posted by Eric Slivka on Wednesday December 08, 2010 04:55 PM

In addition to today’s news that promo codes for applications in Apple’s iOS App Store are now valid worldwide, several other items of interest related to the iOS and Mac App Stores have surfaced yesterday and today.

First, MacStories notes that the latest version of Apple’s iTunes Connect Developer Guide makes clear that promo codes will not be available for Mac App Store applications. In conjunction with last week’s tip that Apple will not permit “demos, trial versions, or betas” of applications in the Mac App Store, this latest bit of info suggest that Apple will be fairly restrictive in what can be offered through the Mac App Store, preferring that developers use their own sites for non-mainstream distribution for testing and review purposes.

Given that Mac OS X is much more open than iOS in terms of officially-supported application distribution mechanisms, it appears that Apple feels that limiting its role to mainstream distribution is a preferred strategy, at least for the time being.

Second, Apple yesterday announced on its developer news page that iOS developers can now submit Mac OS X versions of their applications to the Mac App Store with the same names as their corresponding iOS applications. Apple had previously required that applications in the two stores carry different names, but has apparently now opted to support the branding and consistency permitted by using the same name for a given application on each platform.

Finally, iClarified reports that Apple has informed iOS developers that it will be upgrading the security on its push notification service as of December 22nd, introducing 2048-bit certificates to ensure greater security for connections between applications’ notification provider servers and Apple’s servers. The change will not require modficiations to iOS applications, but will require developers to update their notification servers with the new certificate.

http://marcospoerrle.blogspot.com/

http://marcospoerrle.com/blog/

https://twitter.com/marcospoerrle

https://twitter.com/spoerrle

http://www.facebook.com/pages/Marco-Spoerrle/108765315840487

http://advertising-marketing-techniques.marcospoerrle.net/

posted by Eric Slivka on Wednesday December 08, 2010 04:23 PM

Industry Gamers reports on the results of a new survey from market research firm Interpret revealing that users of handheld games are increasingly moving away from dedicated devices such as the Nintendo DS and Sony PSP in favor of smartphones such as the iPhone.

The report, “The Phone Gaming Revolution: Do the DS and PSP Stand a Chance?,” found that 43.8% of the phone/DS/PSP gaming market plays games on phones, which represents a significant 53.2% increase over the past year. At the same time, Interpret says that the proportion of those who play on the DS or PSP has fallen by 13%.

But while that data could indicate that the market for handheld gaming is simply expanding with the increasing capabilities of phones, other data shows that users of dedicated gaming devices are in fact abandoning those devices in favor of their phones.

The company notes, “Gamers appear to be defecting from their handheld gaming devices to phones to get their gaming kicks: a full 27.2% of consumers who indicate that they play games on their phones only (and not on the DS/PSP) actually own a DS or PSP, but do not actively use the device(s).”

With existing dedicated gaming devices being forsaken in favor of all-in-one smartphone devices, some analysts are questioning whether dedicated devices have a significant role in the future portable gaming market. Sony at least appears to be responding to the threat with a “PlayStation Phone” of its own that appears to be an Android-based device offering many of the features of a smartphone while also including hardware buttons akin to those found on traditional handheld gaming devices.

http://marcospoerrle.blogspot.com/

http://marcospoerrle.com/blog/

https://twitter.com/marcospoerrle

https://twitter.com/spoerrle

http://www.facebook.com/pages/Marco-Spoerrle/108765315840487

http://advertising-marketing-techniques.marcospoerrle.net/

An example of these basic concepts is the retweet, which is sending a tweet one likes or approves of to her líst of followers. Retweets account for a lot of Twitter traffic, and form a major part of the site’s ability to promote viral content. If a retweet gathers enough steam, it can make the rounds of the entire web in a matter of minutes.

By Enzo F. Cesario (c) 2010 BrandSplat
Marco Spoerrle, marcospoerrle.com, Spoerrle, www.marcospoerrle.com, Facebook, Social Networking, Twitter

For many online merchants, friendly fraud is a persistent problem. Without the right security tools in place, it is difficult to identify whether or not a customer is committing fraud.
According to the article, “Friend and Foe? Combating E-Commerce ‘Friendly Fraud’,” financial cybercrime against card-not-present (CNP) retailers can take many forms. While MasterCard says 70% of [...]

MANAGING THE THREAT of online fraud is a tricky business; overly stringent
precautionary measures can put players off, while seemingly lax security can affect client confidence, particularly where payments are
involved. Offering unobtrusive fraud-prevention measures while reassuring the customer is increasingly important as fraudsters come up with new ways to attack gaming sites. CyberSource’s Dr Akif Khan and iovation’s Greg Pierson tell eGaming Review about the latest developments in fraud prevention and how their companies are keeping the bad guys at bay.
eGaming Review (eGR): How does fraud prevention affect legitimate clients, and what measures can be taken to avoid the loss of good custom?
Dr Akif Khan (AK): Some fraud-screening tools can operate too rigidly, resulting in good customers being turned away unnecessarily. To help avoid the loss of good custom, egaming merchants should invest in an automated solution that enables them to build rules specific to their customers’ behaviour. In addition, focus should be given to recognising good behaviour rather than just trying to spot bad behaviour. Having an adaptable fraud solution, rather than a ‘one size fits all’ approach will help to prevent the loss of legitimate customers while still minimising fraud.
Greg Pierson (GP): The impact of fraud prevention on legitimate customers varies tremendously depending on the risk-mitigation techniques used and the approach taken when responding to potential threats. Ideally, fraud management should be invisible to your customers, preventing threats in the background, in real-time, while protecting the identity and privacy of your customers.

We suggest looking for solutions which offer low false-positive rates so that good players are not mistaken for bad ones, along with solutions which do not interrupt the player experience, but provide efficiencies in the review process, are highly scalable and enable you to respond to requests appropriately.
eGR: What unique services does your offering provide to guard against fraud efficiently and com-prehensively?
AK: The most effective way to protect businesses from online fraud is to use a combination of anti-fraud tools, gathering as much information about each transaction as possible.
CyberSource Decision Manager includes over 200 validation tests and services (such as device fingerprinting, velocity checking and IP geolocation) to help egaming companies catch fraudulent behaviour sooner and more accurately. Each order is simultaneously compared with data collected from thousands of merchants worldwide, to highlight anomalies that may signal fraud.
GP: iovation provides a real-time service which exposes the reputation of computers that connect to your business. We have a database of over 350 million unique computers from every country in the world and our shared platform allows gaming sites to benefit from the traffic, relationships and information provided by thousands of global fraud analysts, representing more than 300 major online brands. Besides knowing when a bad device touches your site, our multi-layered approach also looks at transaction anomalies, velocity rules, profile risk and associated accounts and devices to identify fraudsters. Combining fact-based evidence with inference of risk helps sort the good from the bad at transaction time with nearly zero false-positives.
On average, our gaming customers see a 40% uplift on fraud stopped by leveraging global information, as opposed to just looking at the activity on their own site. In the past 90 days, our platform has stopped 5.6 million fraud attempts. Of these, four million were caught because of activity within individual sites, with the remainder identified through activity on other sites. If a device has defrauded several other gaming sites, why not use this information to avoid the problem in the first place?

eGR: What new forms of fraud have been noted in 2010, and how can these be guarded against? What do you do to keep one step ahead of fraudsters?
AK: Fraudsters are always finding new ways to commit fraud. During 2010 we’ve seen an increase in the number of fraud attacks involving botnets. Fraudsters have long been able to use proxy servers to circumvent IP geolocation checks, but the latest evolution of this trend is organised criminals distributing malware onto innocent people’s computers via phishing sites or email attachments.
This malware effectively turns the computer into a proxy server through which the fraudster can
send transactions, unbeknown to the genuine user of the computer. When a criminal has infected a
large group of computers it is known as a ‘botnet’, which becomes a valuable commodity to rent out
to other fraudsters to use, as it enables them to
hide their location behind a large network of
proxy servers.
One way that egaming merchants can guard against this is to use a vendor with strong device fingerprinting and proxy piercing capability.
GP: So far this year, we are seeing high levels of attempted credit card fraud, collusion, affiliate fraud and account take-overs. Sharing information is key to staying ahead of the fraudsters. Our platform allows gaming sites to benefit from the knowledge of traffic and experience at other sites. Moreover, our platform helps sites benefit from all the fraud management tools and resources across all the business we protect.
eGR: How important is technology to the prevention of crime and fraud in the egaming sector, and what kinds of technologies have been developed recently in response to fraud?
AK: Technology is a critical component in winning the battle against fraud. The most recent innovations in CyberSource’s toolset include powerful device fingerprinting capabilities that enable merchants to accurately and uniquely identify a computer that is being used to transact on their website. This is done passively without interfering with the customer experience, and helps egaming merchants spot fraudsters who are registering multiple times under different identities, for example.
Another cutting-edge feature is the ability to pierce through proxies to establish the true IP location from which the transaction data is originating. If a fraudster was sitting in, say, Vietnam but routing transactions through a proxy in, say, France, this technology would be able to accurately identify their true location and not be fooled by the proxy. This has proven to be exceptionally useful for our merchants.

GP: Technology is necessary to manage risk at scale and optimise operational efficiencies. But technology, people and processes have to work together. We continually add new rules and capabilities to our platform, giving our subscribers greater flexibility and control over the activity on their website by incorporating deep intelligence about end-user devices, associated accounts, and shared history. Alerting sites the moment a bad device touches their business and identifying risks in real-time based on device characteristics and behaviour has already flagged nearly 16 million fraudulent transactions for our clients in the first six months of this year.
eGR: To what extent is the increasing role of alternative payment methods becoming integral to online crime?
GP: The attack surface has increased significantly with the proliferation of alternative payment methods. Every new payment method, like every new feature, creates potential new ways for bad guys to damage your business and exploit your customer base. Multi-layered risk-mitigation strategies and sharing across verticals, geographies and fraud teams is critical.
eGR: How important is choosing the right payment provider in the prevention of fraud?
AK: Merchants should choose a provider that can offer a comprehensive fraud-management solution worldwide. Each business is unique, so it is critical that both organisations work together to define requirements and determine the most suitable approach, whether this is supporting an in-house fraud team or fully outsourcing. Merchants should also work with a provider that offers global coverage and understands ecommerce across the world, not just in the local region. After all, fraudsters are not limited by geographical boundaries.
GP: Choosing a payment provider, or a complimentary set of payment-service providers, is an important decision. Some solutions leave the risk for you to manage, some leverage sophisticated anti-fraud technologies, while others assume the risk. Payments are just one aspect of your business subject to fraud and abuse. No combination of payment-service providers is going to help you stop fraudsters from returning to your site to set up new accounts. Nor will payment-service providers help you uncover account take-over attempts, underage players, chat abuse, chip dumping and other fraud and abuse attempts outside of the payment process.
Specific end-user interactions need the right level of protection, based on what is at risk. The mix of tools you use and the flexibility of individual solutions can help you customise an approach appropriate for individual points of interaction and their associated risk. Ultimately, it’s about balancing risk with customer experience, revenue, and other factors that are important to your business.

(c) WWW.EGRMAGAZINE.COM AUGUST 2010

http://www2.iovation.com/e/1692/es-pdf-egr-fraudroundtable-pdf/I7OGW/204834332

http://marcospoerrle.blogspot.com/
http://marcospoerrle.com/blog/
https://twitter.com/marcospoerrle
https://twitter.com/spoerrle
http://www.facebook.com/pages/Marco-Spoerrle/108765315840487
http://advertising-marketing-techniques.marcospoerrle.net/

Advertising Apple AppleCare Blog Book Facebook FBI iPhone Marco Spoerrle marcospoerrle.com market your business Marketing During Recession Marketing Ideas Privacy Sales and Marketing Security Social Media Social Networking social networks Spoerrle Strategies to Help Teacher Tips for Newbies traffic www.marcospoerrle.com Your Business Grow YouTube

Google today announced an update to its Google Mobile App for the iPad, iPhone, and iPod touch, bringing push notifications for Gmail and Google Calendar.

Ever missed an appointment or important email because you were away from your desk? Now Google Mobile App can help with push notifications from your Google account to your iPhone — an icon badge shows you’ve got new mail in Gmail, and Google Calendar event reminders appear right on your home screen.

Also included in the update is as-you-type results for searches on flight info, weather, stock quotes and currency conversions.

The update appears to just be going live now, and may not yet be appearing for all users.

http://marcospoerrle.blogspot.com/

http://marcospoerrle.com/blog/

https://twitter.com/marcospoerrle

https://twitter.com/spoerrle

http://www.facebook.com/pages/Marco-Spoerrle/108765315840487

http://advertising-marketing-techniques.marcospoerrle.net/

posted by Eric Slivka on Monday August 23, 2010 01:47 PM

Facebook is suing a company called Teachbook, which operates a social networking site for teachers, apparently because it has “book” in its name and “competes” with Facebook. Teachbook is described as “a professional community for teachers”. Sounds like a threat to Facebook’s existence doesn’t it?

Do you think Facebook should be suing Teachbook? Tell us what you think.

Ryan Tate at Valleywag draws on some irony, saying, “Imagine: Someone ripping off the name of an existing social networking tool for his own site. Why, that hasn’t been done since 2004 when some punk kid at Harvard registered TheFacebook.com while college administrators were already developing their own ‘online facebook.’”

The beginning of the suit reads:

Facebook has become a worldwide social, cultural and political phenomenon. With fame comes imitation. Here, Defendant Teachbook.com LLC rides on the coattails of the fame and enormous goodwill of the FACEBOOK trademark. Misappropriating the distinctive BOOK portion of Facebook’s trademark, Defendant has created its own competing online networking community in a blatant attempt to become Facebook “for Teachers.” Despite Facebook’s protests, Defendant has willfully and deliberately persisted in its misappropriation of the Facebook brand, forcing Facebook to protect its user community and the strength of the Famous FACEBOOK trademark through this action.

They’re protecting us – the user community.

When a user (teacher) joins Teachbook, the site promises the ability to manage a professional profile and all info in the account by choosing to share with admins, colleagues, parents, or public. It lets teachers create lesson plans, instructional videos, and other teaching resources. It lets users manage their classroom communications with secure parent-teacher communication tools (gradebook, events calendar, classroom newsletter, homework space). It lets teachers communicate with colleagues through discussion, chat, blogs, etc. It lets them create and manage online courses and instructional modules. It lets teachers manage student grades by recording, calculating, and sharing them within the Gradebook. (I wonder if Facebook knows they’re using the word “gradebook” too).

Facebook drops the following stats in its case for why others shouldn’t be able to use the word “book” in their names:

“Through this usage, Facebook has permeated the web and Facebook users are accustomed to seeing and expect to see Facebook across the world wide web, not just on the Facebook site,” the suit proclaims. “Facebook, and its FACEBOOK trademark, are famous.”

The suit also mentions that Facebook owns a number of U.S. registrations for the mark FACEBOOK, covering a variety of goods and services, such as online networking services, chat functions, electronic media, online journals with user-defined content and electronic publishing services, and software to enable uploading, tagging, and sharing of electronic media or info.

By this logic, other companies that use either “Face” or “Book” may have to fear. It’s unclear what the company’s stance on the word “the” is, as Facebook was first called “The Facebook”. “The” is only slightly more common than “book”, especially in the teaching profession, I would imagine. Since “the” is no longer part of the Facbook brand, I’m guessing they won’t pursue that.

It’s also worth noting that Facebook just launched a product called “Facebook Places” , even though Google (their direct competitor) already had a product called ”Google Places”.

This suit comes at a time when Facebook is becoming much more integrated with not only the web, as the company pointed out, but the real world as well. Facebook Places is bringing physical locations to Facebook, and other third-parties are also coming up with different ways to connect physical objects (not just places) to Facebook. Watch out, books!

The entire suit can be read here (pdf).

This week, the New York Times and BBC News both reported that the Federal Bureau of Investigation (FBI) has sent the Wikimedia Foundatation a letter, ordering the removal of an image of the Bureau’s seal from its Wikipedia entry. The Wikimedia Foundation’s response thus far has basically  been, “no.”

The NYT provides copies of both the FBI’s letter, and the Wikimedia Foundation’s response. Pretty entertaining stuff. The FBI’s letter, signed by Deputy General Counsel David C. Larson, begins:

It has come to our attention that the FBI seal is posted, without authorization, on Wikipedia at the following site: http://en.wikipedia.org/wiki/File:US-FBIShadedSeal. svg . As the site itself notes, “Unauthorized use of the FBI seal . . . is subject to criminal prosecution under Federal criminal law, including 18 U.S.C. 701.”

The FBI Seal is an official insignia of the Department of Justice. Its primary purpose is to authenticate the official communications and actions of the FBI. Unauthorized reproduction or use of the FB I Seal is prohibited by 18 United States Code, Section 701, which provides:

Whoever manufactures, sells, or possesses any insignia, of the design prescribed by the [Department head] or any colordble imitation thereof, or photographs, prints, or in any other manner makes or executes any engraving, photograph, print, or impression in the likeness of any such insignia, or any colorable imitation thereof, except as authorized under regulation made pursuant to law, shall be fined under this title or imprisoned not more than six months, or both…

See the whole letter here (pdf).

The Wikimedia Foundation’s letter, signed by General Counsel Mike Godwin, begins:

Dear Deputy Director Larson,

First, thank you for taking my call Thursday, and congratulations on your imminent retirement after so many years of service. It’s unfortunate that on such an otherwise happy occasion I must inform you that the Bureau’s reading of 18 U.S.C. 701 is both idiosyncratic (made especially so by your strategic redaction of important language) and, more importantly, incorrect.

I’m writing you, of course, regarding your recent letter reiterating the Bureau’s invocation of 18 U.S.C. 701 and your demand for removal of the image of the FBI Seal on Wikipedia (images of which are widely available elsewhere, including on the Encyclopedia Britannica website, last I checked). You may recall that in my initial email response to your estimable Assistant General Counsel, Mr. Binney, I pointed to cases construing Section 701 and that, in a subsequent email, I broadly hinted that ejusdem generis, a standard accepted canon of statutory construction, demonstrates that this statute is inapposite to the use of an image of the seal on an encyclopedia.

It’s clear that you and Mr. Binney took the hint, although perhaps not in the way I would have preferred. Entertainingly, in support for your argument, you included a version of 701 in which you removed the very phrases that subject the statute to ejusdem generis analysis. While we appreciate your desire to revise the statute to reflect your expansive vision of it, the fact is that we must work with the actual language of the statute, not the aspirational version of Section 701 that you forwarded to us…

See that whole letter here.

Clearly, the Wikimedia Foundation firmly believes that it is not in the wrong here, and is prepared to go to court with the FBI, if it comes to that, as Godwin notes in the letter.

be interesting to see if the FBI pursues this, as everyone else wonders why the FBI isn’t focused on more pressing matters. I can’t imagine what harm the FBI’s seal is doing on a non-profit community encyclopedia site aimed at spreading knowledge.

Which side do you agree with? The FBI’s or the Wikimedia Foundation’s?
Let us know.

http://marcospoerrle.blogspot.com/

http://marcospoerrle.com/blog/

https://twitter.com/marcospoerrle

https://twitter.com/spoerrle

http://www.facebook.com/pages/Marco-Spoerrle/108765315840487

http://advertising-marketing-techniques.marcospoerrle.net/

FBI, Marco Spoerrle, marcospoerrle.com, Advertising, Blog, Facebook, market your business, Spoerrle, Social Networking, Social Media, Security

By Chris Crum | Staff Writer

You’ve probably read about the infamous “leaked” list of user names this week, that a security researcher shared in a torrent. A bunch of companies have reportedly been downloading the info leading to some unnecessary paranoia. Our own IT department took a look at that torrent, and there’s really nothing to get freaked out about. It just contains data that’s already public (170,879,858 URLs by our count), as the “leaker” Ron Bowes told BBC News.

The biggest file is called facebook-urls.txt. The top of the file looks like this (with “xxxxx” representing the unique number associated with the accounts):

http://en-us.facebook.com/people/-/xxxxxxx

http://en-us.facebook.com/people/-/xxxxxxxx

http://en-us.facebook.com/people/-/xxxxxxx

http://en-us.facebook.com/people/-/xxxxxxxxx

http://en-us.facebook.com/people/-/xxxxxxxxxx

Eventually, once you get past the dashes, they start looking like this (where the “xxxx” represents people’s names):

http://en-us.facebook.com/people/A-xxx-xxx-xxx/100001172054083

http://en-us.facebook.com/people/A-xxxxxx-xxxxxxxx/100000816806409

http://en-us.facebook.com/people/A-xxxxxx-xxxxxxxxxxxxxxx-xxx-xxxxxx/643427473

“So you could figure out somebody’s name from the profile URL, but that’s really about it,” our IT manager says. “Anything else, you’d have to actually go to the URL and crawl it.”

And of course, these people are already in the Facebook Directory anyway, as Bowes noted. There’s no other information.

From the README file included in the torrent, here are the list of all the files:

Filname                            Description
————————————————————————-
facebook.rb                     The script used to generate these files (v1)
facebook.nse                    The script that will be used for the second pass (v2)
facebook-urls                   The full URLs to every profile
facebook-names-original         All names, including duplicates
facebook-names-unique           All names, no duplicates
facebook-names-withcount        All names, no duplicates but with a count
facebook-firstnames-withcount   All first names (with count)
facebook-lastnames-withcount    All last names (with count)
facebook-f.last-withcount       All first initial last name (with count)
facebook-first.l-withcount      All first name last initial (with count)

Bowes said that collecting the data was in no way irresponsible and likened it to a telephone directory. On top of that, there’s not any info to distinguish people with the same names apart from one another.

Facebook has also confirmed that the info in the list was already freely available online, and that “no private data is available or has been compromised.”

This article from the Telegraph claims that the torrent contains info like profile pictures, lists of friends, etc. Our team says that’s not true and that you’d have to re-crawl the profile URL in order to get that data.

The bottom line is that the info in the torrent is public info, just like any other personal info that is published publicly on the web that’s out there for Google, Yahoo, Bing, or any other crawler to index. Essentially, all that’s really in the torrent is big list of URLs. Whoa!

The companies downloading the torrent for whatever purposes they have in mind, would probably be better served to just look at the directory. Facebook has a lot more users than 170,879,858.

http://marcospoerrle.blogspot.com/

http://marcospoerrle.com/blog/

https://twitter.com/marcospoerrle

https://twitter.com/spoerrle

http://www.facebook.com/pages/Marco-Spoerrle/108765315840487

http://advertising-marketing-techniques.marcospoerrle.net/

By Chris Crum