First 48 Hours of Firefox 4

Packet-Sniffing Laws Murky as Open Wi-Fi Proliferates

Starbucks is rolling out free, unsecured Wi-Fi access at about 7,000 coffee shops across the United States beginning July 1. But will there be packet-sniffing with your latte?

The Seattle-based coffee concern’s move to lure customers with free internet comes amid a growing legal uncertainty about privacy on open Wi-Fi networks, kicked off by Google’s admission its Street View cars intercepted data on unsecured Wi-Fi networks in neighborhoods across the globe.

Google, in response to government inquiries and lawsuits, claims it is lawful to use packet-sniffing tools readily available on the internet to spy on and download payload data from others using the same open Wi-Fi access point.

“We believe it does not violate U.S. law to collect payload data from networks that are configured to be openly accessible (.pdf)  (i.e., not secured by encryption and thus accessible by any user’s device). We emphasize that being lawful and being the right thing to do are two different things, and that collecting payload data was a mistake for which we are profoundly sorry,” Google wrote Congress.

It’s not considered felony wiretapping “to intercept or access an electronic communication made through an electronic communication system that is configured to that such electronic communication is readily accessible to the general public,” according to the text of the federal wiretapping statute. Password protected — encrypted Wi-Fi networks — are not considered “readily accessible,” Google maintains.

That’s a position one former Justice Department prosecutor backs, although Google may have theoretically violated the rarely prosecuted Pen Register and Trap and Trap and Traces Device Act.

There’s no way to say how many unsecured hot spots dot the United States. McDonald’s announced in January that it would provide unsecured Wi-Fi access in 11,000 restaurants, and more businesses are expected to follow.

So far, government regulators aren’t sure whether Google committed any legal wrongdoing. Connecticut Attorney General Richard Blumenthal announced Monday that as many as 30 attorneys general were examining the lawfulness of Google’s actions. But Blumenthal never said the Mountain View, California, internet giant’s activities were unlawful, going so far as to say they were “potentially impermissible.”

“They certainly acknowledge, at the very least, that intercepting and gathering people’s data was wrong,” he said. “There may be a need to strengthen and enhance federal and state laws.”

French regulators, who are examining the legal issues with more than a dozen other countries, said data captured by Google includes e-mail passwords and content of electronic messages.

Joel Gurin, the Federal Communications Commission’s government affairs chief, said “Google’s behavior also raises important concerns. Whether intentional or not, collecting information sent over Wi-Fi networks clearly infringes on consumer privacy.”

Like Blumenthal, Gurin stopped short of declaring such snooping unlawful and instead reminded consumers to be wary of open Wi-Fi networks.

Marc Rotenberg, executive director of the Electronic Privacy Information Center, believes Google’s actions amount to wiretapping, and he asked the FCC to investigate.

What’s more, Rotenberg said U.S. policy should clearly spell out that such activity is illegal — all in a bid to encourage free Wi-Fi access and protect privacy.

“Telling everybody to race around and lock up their hot spots misses the point,” he said.

The Justice Department declined to state its views on the issue, and the U.S. courts have not clearly addressed the issue.

The closest court ruling was in January, when an Oregon federal judge ruled evidence of child pornography found on a local man’s computer through his open Wi-Fi network could be used against him in court, absent a warrant. In arguing to uphold the warrantless computer search, the government said privacy interests were nullified with unsecured Wi-Fi networks.

“Defendant’s unsecured wireless access point was open to anyone with a wireless modem, whether or not they were law enforcement,” (.pdf) the government argued. “Because defendant made no effort to keep or maintain his computer network private but maintained an access point open to all, no search occurred.” (.pdf)

U.S. District Judge Garr King agreed. (.pdf) The defendant, John Ahrndt, pleaded guilty to child pornography charges (.pdf) last week.

Spammers, Evildoers, and Opportunists

My boss passed this article along to me after a discussion about the BS of SEO

Spammers, Evildoers, and Opportunists

Search Engine Optimization is not a legitimate form of marketing. It should not be undertaken by people with brains or souls. If someone charges you for SEO, you have been conned.

First came the web, and it was a mess. Servers went up everywhere, the net connected them all, pages bloomed like flowers, and no one could find a damn thing.

Then came the search engines. First primitive indexes of dumb keywords, then Google with its rankings of most-linked pages, we were finally able to find the pages we needed, mostly.

The ascendency of Google has meant that, if your goal is to get the most eyeballs possible (as any ad-supported media business’ goal is), then prominent placement in the search engine results became a top priority.

And so, like the goat sacrificers and snake oil salesmen before them, a new breed of con man was born, the Search Engine Optimizer. These scammers claim that they can dance the magic dance that will please the Google Gods and make eyeballs rain down upon you.

Do. Not. Trust. Them.

The problem with SEO is that the good advice is obvious, the rest doesn’t work, and it’s poisoning the web. I’m going to tell you about the problems, and then tell you the one true way to generate traffic on the web, based on my own 14 years of hits and misses.

1. The good advice is obvious, the rest doesn’t work.

Look under the hood of any SEO plan and you’ll find advice like this: make sure to use keywords in the headline, use proper formatting, provide summaries of the content, include links to relevant information. All of this is a good idea, and none of it is a secret. It’s so obvious, anyone who pays for it is a fool.

Occasionally a darkside SEO master may find some loophole in the Google algorithm to exploit, which might actually lead to an increase in traffic. But that ill-gotten traffic gain won’t last long. Google changes the way it ranks its index monthly (if not more), so even if some SEO technique worked, and usually they don’t, it’ll last for a couple weeks, tops.

And when they do reindex, if they determine that you’ve been acting in bad faith (like hiding links or keywords or other deceptive practices) they’ll drop you like a hot rock. So a temporary gain may result in a lifetime ban.

In the end, you’re sacrificing your brand integrity in a Faustian bargain for an increase in traffic that won’t last the month. And how valuable was that increase, anyway? If you’re tricking people into visiting your site, those visits are going to be bad experiences.

2. SEO is poisoning the web.

Google’s ranking algorithm is based on links. So the most effective way to game their system is to plant links on as many sites as possible, all pointing to your site, linked from specific keywords. This is called Google bombing.

SEO cockroaches employ botnets, third-world labor, and zombie computers to blanket the web with link spam. 99% of spam comments to blogs are these kind of links. The target of these links is not the blog readers, it’s Google.

SEO bastards are behind worms that attack blog services like Blogger, WordPress, and Movable Type. Some hack into the blog templates themselves to insert links that are hidden from the readers of that blog, but visible to a Google crawler.

And they create programs to grab expired domain names, automatically create websites, filling the pages with content stolen from RSS feeds, creating billions of bad results for users.

It’s a game, and every link is a score for the SEO jerkwads and their disreputable clients. And every time they win, those of us trying to create quality work and good experiences on the web lose.

Worse than the hackers are the competent journalists and site creators that are making legitimate content online, but get seduced by the SEO dark side into thinking they need to create content for Google instead of for their readers. It dumbs-down the content, which turns off your real audience, which ultimately makes you less valuable to advertisers. If you want to know why there’s so much remnant advertising on online news sites, it’s because you’re treating the stories like remnants already.

Remember this: It’s not your job to create content for Google. it’s their job to find the best of the web for their results. Your audience is your readers, not Google’s algorithm.

The One True Way

Which brings us, finally, to the One True Way to get a lot of traffic on the web. It’s pretty simple, and I’m going to give it to you here, for free:

Make something great. Tell people about it. Do it again.

That’s it. Make something you believe in. Make it beautiful, confident, and real. Sweat every detail. If it’s not getting traffic, maybe it wasn’t good enough. Try again.

Then tell people about it. Start with your friends. Send them a personal note – not an automated blast from a spam cannon. Post it to your Twitter feed, email list, personal blog. (Don’t have those things? Start them.) Tell people who give a shit – not strangers. Tell them why it matters to you. Find the places where your community congregates online and participate. Connect with them like a person, not a corporation. Engage. Be real.

Then do it again. And again. You’ll build a reputation for doing good work, meaning what you say, and building trust.

It’ll take time. A lot of time. But it works. And it’s the only thing that does.

Courtesy of