Author: Olly

  • Facebook IS spying on you, but not with messenger

    Facebook has recently rolled out its “in house” browser to “open links faster” on Android and possibly iOS devices (anyone confirm the iOS bit?) and I’ve been cool with it so far as it does seem to make things a bit faster – but then the real reason for this new feature suddenly dawned on me!

    Data mining!

    Now, not only do they know what you ‘like’ and what links you click on from within your Facebook app, but now they also know what you do once you are on that page. “Did you click on anything else? What else might interest you? Was the content relevant or did you bounce straight back?”

    *It’s worth noting at this point that they’re not doing this so they can make a clone of you and steal your identities. They are more likely to be doing it so they can learn more about you, which in turn allows them to target their advertising better and improve their service to you… Which in turn makes you a more profitable customer for them.*

    So, despite it actually being a benefit in the form of faster link opening times, it’s just a sneaky way of harvesting more of your data – and as we all know, data is the new gold.

    They’ve already built a multi billion corporation with our content, now they are squeezing more out of our Facebook experience to harvest more data to use and probably sell for a huge (probably tax free) profit.

    Clever move, Facebook. You sneaky little prawn.

  • PCI Compliance Nonsense

    OK – I’ve had about enough of this and I need to rant somewhere!!

    As everyone knows – we make websites and quite recently we have been building  lots and lots of online shops. Its usually much more of a technical job as there are so many more elements to take into consideration, one being payments and how you take them via/on your website.

    There are generally three ways you can take payments, and they are as follows;

    1) Simple “cash holding” payment gateways like PayPal – this takes the money and holds it in your paypal account – not a merchant account.

    2) Similar 3rd party payment gateways like SagePay – these are tied to a merchant account which is a bank account specifically for website payments.

    3) Embedded payment gateways that never take anyone from your site, process the payment on your site and sends money to a merchant account.

    Now all apart from the 3rd (in my professional opinion) do not require any level of pci compliance, as the payment isnt taken on the customer website – its taken on PayPal.com or SagePay.com – who then need to be PCI compliant as thats the point of it all..

    Q: What is PCI?

    A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment.

    ~Source

    Now somewhere along the line some idiot at the top of the ladder in the financial industry has decided that everyone who owns a merchant account (which are never and could never be hosted on our clients hosting environment, so again, hosted with a 3rd party) needs to be PCI compliant – what a load of rubbish!

    I agree 100% that if you take/store/send payment info you need to tick every box in terms of compliance – as you are dealing with highly sensitive information –  but why do my clients need to become PCI compliant if they never see the card/payment details themselves?

    What the fools at the banks don’t realise is that by them making a stupid call like this (like the cookie thing a few years ago) they are forcing thousands and thousands of small to large sized businesses to unnecessarily pay to have their hosting environments PCI compliant – when they don’t need to!

    Additionally, many customers with shared hosting might need to move their site to a dedicated server or VPS at a significantly higher cost to themselves – as some PCI scanners say that shared hosting can never be PCI compliant – its an area of much confusion & myth and really needs properly clearing up by someone who knows what they are talking about, not just some suit making a blind call with nothing to back it up.

    Is there anyone out there that can (from a technical point of view, i’m actually able to search Google myself also) explain to me why ANYONE using something like SagePay with an external merchant account needs to be PCI compliant themselves?

    </rant-over>

  • Finally settled on a new layout

    My rekindled love for blogging has also meant i’ve been spending time tinkering with my blog layout and the colour scheme trying to get it just how I want it.

    For the last few weeks I was rocking an awesome theme, to be fair it was the best one i’ve ever had, proper ticked all the boxes…. apart from the fact once I started delving in and altering a few things I realised the guy who made it was a moron and had obviously coded most of the template files with his knees.

    The structure of everything was a mess. I was very sad :'(

    So, I started the hunt for a new WordPress Theme (you’d have thought i’d have one of the ninjas at work make me one haha) and it reminded me about how hard it was to find simple blogging themes nowadays that focus on the written content rather than huge header images and image slideshows and junk.

    …Is that because no one writes old fashioned blogs any more?

    I get that a picture is worth a thousand words but I often visit blogs and they’re using premium themes that are built to focus on large imagery that accompany the published articles, and the authors simply use some crappy stock image because if they don’t they break the layout of the page.

    So is there really any point in having that as a main feature of the theme?

    We did some work for a lady recently who was a travel blogger, and because of what she blogged about she needed large images to be part of her articles else the images of the places she visited wouldn’t get across to her readers – however not everyone blogs about “visual” things so there really should be more choice of themes out there for the rest of us! 🙂

    Anyway, after 20 minutes or so I saw this theme, liked that it was fairly bare-bones and installed it. All credit to Per Sandström for making a great theme that is easily customisable and is made for bloggers!

    Hurray for simplicity!

  • SCAM – Data File Google Winning Batch: UK/111/GWIN/GUK

    Dave spotted this in our spam box from anagalski@iimcb.gov.pl with a reply to address as owenhookson09@gmail.com – as if “the CEO of Google” would have an email address like that!

    “You have Been Selected as a Winner for Using Google Services. Find attached E-mail with more details.
    Congratulations,

    Sincerely.
    Mr. Owen Hookson.
    CEO GOOGLE UK.”

    And its another attachment jobbo – look at this beaut;

    1

    2

    Here is the original file

    Its of course – a Scam – stay away folks and if you see anything like this in your inbox forward it me so I can have a giggle 🙂