StratVantage – the News 11/02/01
How Many Search Engines Are There?
Recently I decided to try one of those search engine submission services that claim to submit your Web site to dozens, hundreds, or thousands of search engines. Many of these companies offer premium services that purport to be able to increase your ranking in target search engines, and sometimes these services are quite expensive. After years of ignoring the spam offering search engine submission, one caught my eye because of its low price: $2.50 (normally $9.95!!!!!!!). I figured, what the heck, for $2.50, I’d see what this search engine submission thing was all about.
The service I selected was INeedHits.com. Their Submit Pro service submits your site to 300 search engines, and, incredibly, they were having a sale that ended 10/31. Even more incredibly, it seems they’ve extended the sale, and it now ends 11/30. The company claims, “Our professional team will review and adjust your web site code to increase your Search Engine position. We will then submit your adjusted web site to 300+ major Search Engines including: Yahoo, Excite, Lycos, WebCrawler, Hotbot and Google.” This sounds like a tremendous deal: Actual humans would consult with me to “adjust” my Web site code to maximize my search engine position, all for $2.50.
As I constantly tell my children, “If it seems to be too good to be true, it is.” And sure enough, I got no personal review and adjustment of my Web site code. When you click to order the service, no mention is made on the next page of code review as part of the Submit Pro package. You have the opportunity to order additional services like the Keyword Analysis Report (normally $45, now $15!) and the Website Code analysis (normally $50, now $20!). These extra cost options are such a good deal the company preselects them on your order form for you. I wasn’t really surprised at this sleazy sleight of hand, of course. The search engine placement world seems to be full of hype and promises.
What was really interesting, however, was what happened when my submission actually ran (I didn’t fall for the extra cost extras and took the base package). One cool thing INeedHits does is give you a free email account and then submits your search engine requests using this email account. This turns out to be a very good idea because the act of submitting to some of these “search engines” generates a stream of spam selling everything from 3,368,420 free Web page hits to roses and garlic (I think that’s the title of my next album). The come-on that most interested me, however, was a site that offered to submit your Web site to 600,000 search engines.
Now I was willing to believe that there were 300 search engines as claimed by INeedHits. I didn’t believe that there were 300 major search engines, but it wouldn’t surprise me to find that number of credible engines filling various Internet niches. But 600,000? How could that be? Turns out there’s a whole network of Free For All search engines (the acronym is FFA, which means something different to those of us in the Midwest). And it resembles a huge pyramid or Ponzi scheme. As best as I can figure, FFA search engines make money off advertising on the “search engine” sites and through spam email the sites send to people who submit to them. The services are created by sites likeRateSaver.com and BigMailBox.com. A good explanation of the methodology can be found on the RateSaver site of Matt Perdeck, who claims to be, “a regular guy. Not super smart. Not well connected. Just average.” Yet somehow Matt has been able to generate thousands of dollars even while he sleeps using a “hits tree.”
The hits tree concept apparently combines the labyrinthine and convoluted Free For All search engine phenomenon with affiliate programs. An affiliate program is a way to get other people to market something for you, for example a book. Amazon runs an affiliate program enabling people to embed a link on their Web sites that takes visitors to Amazon. If the visitor buys, the affiliate gets a commission. The world of affiliate programs is easily as convoluted as the FFA search engine world, and will have to be the subject of another article.
The hits tree concept is immediately recognizable to anyone who’s made it out of the 8th grade: It’s basically an electronic chain letter. Your hits tree pagecontains boxes with six Web links in positions one through six. These links are to pages of other hits tree members’ Web pages, where they undoubtedly sell something. According to the explanation that is also posted on your hits tree page, “Your own hits page has a link to your website (or any website you like) in position #1. When people sign up (for free), they get their own hits page, with their own link in position #1. Your link is copied onto the new page and goes into position #2. All other links are also shifted back. This means that if 20 people sign up from your hits page, your link winds up on 20 new pages, in position #2.” You do the math. Actually, you don’t need to; it’s provided for you:
| Pages with your link | ||
| 20 people visit your page and get their own page: | ||
| Those 20 pages each get 20 visitors themselves, producing 20 * 20 = 400 pages: | ||
| Those 400 pages each get 20 visitors themselves, producing 20 * 400 = 8000 pages: | ||
| Those 8000 pages each get 20 visitors themselves, producing 20 * 8000 = 160,000 pages: | 160,000 | |
| Those 160,000 pages each get 20 visitors themselves, producing 20 * 160,000 = 3,200,000 pages: | 3,200,000 | |
| ———————— | ||
| Total pages with your link: | 3,368,420 |
Wow! Three million pages that point to my Web site! But wait, there’s more! You can also put banners on your hit tree pages and earn easy money! Plus you can automatically email (Not spam! They asked for it!) people who visit your page! You can also include access to free ebooks! And the best part: It’s all only $45!
Despite the breathless hype, you may be wondering if anyone falls for this stuff, and if they’re making money. All I can say is that plenty of people are falling for it. But the only folks making serious coin are those who collect the $45 for creating a new hits tree. As in any pyramid scheme, only those in at the top are likely to be making any money. Regular Guy Matt Perdeck must be making some money selling his eBook, Living Off the Net, for between $29.95 and $39.95. Try aGoogle search for his name and see how many sites are flogging his book.
So how many search engines are there really? I can’t say, although one site lists a thousand of them. But when I tried to find several of the engines listed on that site, all I got from Google was links to other lists of search engines. I could never find a real site! Another list of search engines included links, and did appear to include valid search engines, many of which were simply “meta” search engines. (A meta search engine submits your query to several established search engines and collates the results. My favorite is MetaCrawler, although it’s gone downhill recently.) So it appears that there really are 1,000 search engines out there.
The bottom line is: Don’t waste your time with search engine submission services. You’ll get the most traffic out of getting the major search engines to list you. Then you can engage the services of a reputable search engine ranking specialist to help you achieve a favorable search engine position. If you want to learn more about search engines and search engine placement, check out Search Engine Watch. As for me, I decided in the name of journalism to drop 45 bucks on the hits tree concept. I’ll let you know how it turns out.
Briefly Noted
- Shameless Self-Promotion Dept.: Look for a new directory, debuting this week: Nanotechnology Resources. Frankly, I was overwhelmed at the amount of information on the Net about this technology and thus didn’t get the directory finished in time for the article in the last SNS. It will feature commercial and academic resources along with pointers to other directories and link pages.
StratVantage Directories - A Foolish Security: Renowned computer security expert Bruce Schneier examined the new changes in airline security in his email newsletter last month. He puts into words better than I can the problems, dangers, and false sense of security half-baked security measures provide:
Computer security experts have a lot of expertise that can be applied to the real world. First and foremost, we have well-developed senses of what security looks like. We can tell the difference between real security and snake oil. And the new airport security rules, put in place after September 11, look and smell a whole lot like snake oil.
All the warning signs are there: new and unproven security measures, no real threat analysis, unsubstantiated security claims. The ban on cutting instruments is a perfect example. It’s a knee-jerk reaction: the terrorists used small knives and box cutters, so we must ban them. And nail clippers, nail files, cigarette lighters, scissors (even small ones), tweezers, etc. But why isn’t anyone asking the real questions: what is the threat, and how does turning an airplane into a kindergarten classroom reduce the threat? If the threat is hijacking, then the countermeasure doesn’t protect against all the myriad of ways people can subdue the pilot and crew. Hasn’t anyone heard of karate? Or broken bottles? Think about hiding small blades inside luggage. Or composite knives that don’t show up on metal detectors.
Parked cars now must be 300 feet from airport gates. Why? What security problem does this solve? Why doesn’t the same problem imply that passenger drop-off and pick-up should also be that far away? Curbside check-in has been eliminated. [Note: it’s been reinstated since this was written.] What’s the threat that this security measure has solved? Why, if the new threat is hijacking, are we suddenly worried about bombs?
- Face Recognition Again: Schneier also eloquently punctures the idea of using face recognition on crowds to separate out the known bad guys. His analysis is much longer, and I refer you to his newsletter for it, but here’s the gist:
Biometrics is an effective authentication tool, and I’ve written about it before. There are three basic kinds of authentication: something you know (password, PIN code, secret handshake), something you have (door key, physical ticket into a concert, signet ring), and something you are (biometrics). Good security uses at least two different authentication types: an ATM card and a PIN code, computer access using both a password and a fingerprint reader, a security badge that includes a picture that a guard looks at. Implemented properly, biometrics can be an effective part of an access control system.
I think it would be a great addition to airport security: identifying airline and airport personnel such as pilots, maintenance workers, etc. That’s a problem biometrics can help solve. Using biometrics to pick terrorists out of crowds is a different kettle of fish.
In the first case (employee identification), the biometric system has a straightforward problem: does this biometric belong to the person
it claims to belong to? In the latter case (picking terrorists out of crowds), the system needs to solve a much harder problem: does this biometric belong to anyone in this large database of people? The difficulty of the latter problem increases the complexity of the identification, and leads to identification failures.
Getting reference biometrics is different, too. In the first case, you can initialize the system with a known, good biometric. If the biometric is face recognition, you can take good pictures of new employees when they are hired and enter them into the system. Terrorists are unlikely to pose for photo shoots. You might have a grainy picture of a terrorist, taken five years ago from 1000 yards away when he had a beard. Not nearly as useful.
Schneier goes on to point out that thousands of false positives would be generated even if the system were 99.99 percent accurate. In fact, current systems aren’t anywhere near that accurate. The US Department of Defense (DoD) Defense Advanced Research Projects Agency (DARPA) sponsored the Facial Recognition Vendor Test (FRVT) 2000 test, which concluded that the best false detection rate (FDR) was 33 percent, with a false acceptance rate (FAR) of ten percent. Are you willing to take a one in three chance of being detained as a terrorist the next time you fly?
Cryptogram
- Wireless Data and Terrorism: Wireless Internet and Mobile Computing published a six-part Wireless Data and Terrorism report. The report takes a look at both the failures and value of wireless data in critical situations. It provides emergency wireless data checklists, and examines the industry’s economic outlook in the aftermath of the terrorist attacks. The most notable failure of the wireless industry during the aftermath of the attacks was a marketing one, according to the report. Because wireless data is treated not so much as a “’second fiddle’ to voice, [but] more like a ‘third piccolo,’” many people who could have benefited either did not know about wireless data services, or did not know how to use them.
Wireless Internet & Mobile Computing - Blinding Flash of the Obvious: OK, am I the last one to figure out the significance of the date chosen for the terrorist attacks: 9-11 or 911 – call for help?
- Gov Favors Limiting FOIA Disclosure of Computer Attacks: To encourage corporate victims of crackers to report crimes, the White House said it will support proposals to withhold details about electronic attacks against the nation’s most important computer networks, according to an Associated Press story. The Cyber Security Information Act, originally introduced last year and then again this past July, would restrict government agencies’ disclosures about attacks under the Freedom of Information Act (FOIA). The bill has languished in committee since July. I don’t know quite what to think about this one. On the one hand, it’s a given that computer intrusions are under-reported due to fears of liability, competition, and embarrassment. On the other hand, restricting FOIA in this case may lead to the proverbial slippery slope. Perhaps disclosing these attacks to an industry ombudsman would be a good compromise.
Security Focus
