I just got several security attack messages while trying to make a text only blog post while logged into my own account. The offending blog post is pasted below, and the errors after that. Apparently it has too much white space and all sorts of other stuff - I'm still trying to get that in by removing that formatting, but it looks lousy - plus my members won't have the advantage of knowing that is the problem As I mentioned in another post, it is never a good situation when you are yelling "What a piece of crap!" at your own system.
-----------------
Google may buy Yelp - is this a good idea?
I read in the LA times this morining that Google may by Yelp - a site that specializes in reviews of small business. I'm not sure I like this idea. While at one time I think Google really was oriented towards "empowering" small business, now I think more are more they want to control them.
I first started thinking this when I read a passionate protest against "Google SideWiki". This is a little utility where you can comment on a website through Google, without being a member of that website. So right now you could for example, go write "The California Small Business Community Sucks!" (please don't do that) and I would have to go write a rebuttal - another thing to deal with. Since many sites like this are run by small business, Google is essentially trying to "trump" their site and take advantage of their hard work.
Another example is "Open ID" - it is a little more technical, but this was supposed to let people log on to sites like this with their Google ID and password. At first I thought this was OK- it would allow people to have just one centrally managed place for their passwords. Then I learned that webmasters that develop sites like this wouldn't even be allowed to have access to their member's email. Special programs would have to be written to send requests to Google to send messages to members- the management of sites like this wouldn't even have access to email addresses!
This is all getting a bit too "big brother" for me. Google is trying to "trump" the Internet. Our only job is to provide content for them so they can sell more advertising. What ever happened to "don't be evil"
------------------
Google ready to buy Yelp? LA Times, December 18, 2009
In what could be a sign that Google is ready to train its computing power on the local advertising market, the search giant was reported today to be in talks to buy Yelp, a San Francisco company that enables users to review all sorts of businesses.
The website TechCrunch, citing anonymous sources, reported that the two companies are very close to an acquisition and that the price could be in the neighborhood of $500 million. Representatives of both companies declined to comment, according to Bloomberg News.
Analysts immediately noted that Google -- which acquired AdMob last month for $750 million -- is probably particularly interested in Yelp's sales force, which operates in 30 markets and knows how to sell to local advertisers. "This would be the closest Google has gotten to buying a 'sales force' with a meaningful 'on the ground' presence in the form of local editorial people in market and telephone salespeople," Greg Sterling wrote on Search Engine Land's website.
Though Yelp has occasionally incurred the wrath of local business owners -- over negative reviews posted on the site or aggressive sales tactics -- most of the company's revenue comes from selling ads to those businesses. The company disputes the main complaints and says it works hard to serve businesses fairly. The company has also empowered thousands of average people -- it calls them "Yelpers" -- to review restaurants, dentists, retail shops and scores of other businesses.
Yelp was founded in 2004 by former PayPal employees Jeremy Stoppelman and Russel Simmons, who started with a $1-million investment from PayPal co-founder Max Levchin. It has since received an additional $30 million from venture firms DAG Ventures, Bessemer Venture Partners and Benchmark Capital, Bloomberg reported. The company says it hosts more than 8 million reviews, and more than 26 million people visited the site in November.
Impact: 35 | Tags: xss, csrf, id, rfe, sqli, lfi
Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1
Description: finds attribute breaking injections including whitespace attacks | Tags: xss, csrf | ID: 2
Description: Detects JavaScript with(), ternary operators and XML predicate attacks | Tags: xss, csrf | ID: 7
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20
Description: Detects common comment types | Tags: xss, csrf, id | ID: 35
Description: Detects comments to exploit firefox' faulty rendering and proprietary opera attacks | Tags: xss, csrf, id | ID: 36
Description: Detects MySQL comments, conditions and ch(a)r injections | Tags: sqli, id, lfi | ID: 40
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43
