Experimenting with the New Top Level Domains

by Michael Cropper | Jun 14, 2015 | SEO | 0 comments

A while ago we talked about what the new top level domains mean for businesses. Since writing that blog post over 12 months ago, a lot has happened. Since the initial announcement of new top level domains coming to the market, we thought it would be worth looking at what has actually changed and what you can actually do with the new domains.

New Generic Top Level Domains

Back in February 2014, there was a total of 362 top level domains that had been registered. Today, there are 988, a figure that is almost triple. Again, have a good browse through the top level domains that have been registered over the past year to get a feel for how things are changing.

An interesting point to note that while we have seen an almost tripling of top level domains that have been registered, we’ve yet to see any significant rollout of these domain names from businesses and brands online. The .google top level domain has been registered, yet we are all still using google.com or google.co.uk when searching. Likewise, .barclays has been registered but we are also still using barclays.com or barclays.co.uk. So why is this?

Well, honestly, things haven’t really changed that much over the past year when it comes to how customers perceive top level domains. If anything, people have become more wary of websites that don’t appear genuine, with cyber fraud and phishing attacks becoming part of everyday life. You only need to look back and read some of the topics we’ve covered on cyber security recently to see the scale of the problem; Cyber Security Conference 2015; Online Fraud and Cybercrime is a Serious Threat in 2015; Creative Entrepreneur 2014; A Short Story About… A Poorly Designed Website Allowing Anyone to Register as an Administrator Without Validation or Authorisation.

What this has ultimately led to is a situation whereby it appears that brands aren’t willing to experiment with the new top level domains just yet. So we thought we would experiment a little to see what kind of things we could do. It would be extremely unlikely for us to switch over to our new top level domain for the main website, since people are still very unsure about the new top level domains and still associate websites with the traditional .com and .co.uk. Hence why this is a nice little experiment to see how people can interact with websites and brands in a more user friendly and effective way with a little thought and planning.

Introducing contrado.digital

That’s right, we’ve just purchased a trendy domain that fits well with our brand, http://contrado.digital. Yes this is the full domain. The .digital top level domain became available quite recently, so we thought it would be worth securing this to protect the brand. Going beyond this, we’ve set up some additional functionality that allows you to interact with us a little easier.

http://search.contrado.digital

To search the Contrado Digital website, you could use search functionality that is built into WordPress, www.contradodigital.com/?s=searchQuery, although you may not know that exists. We’ve kept the search functionality hidden on purpose for the time being to avoid cluttering the main navigation as we found that it wasn’t being used a great deal by the majority of website visitors. But what if you still want to search the website without having to remember what the specific search URL is?

That’s why we created search.contrado.digital. Simple type this into your web browser, followed by your search query and you will automatically be shown a search results specifically for your query. For example, here are a few you can try;

• search.contrado.digital/cyber security
• search.contrado.digital/utm tracking parameters
• search.contrado.digital/digital lifeline

So there’s a nice easy way to find exactly what you need on the Contrado Digital website.

http://email.contrado.digital

To email us at Contrado Digital, again, simply type the following into your web browser, email.contrado.digital and you will be presented with a simple way to drop us an email without any effort at all. Go on, give it a go;

• email.contrado.digital

Yes, you could just go to the homepage, scroll down to the bottom and click on the link there. But why waste your time looking for an email address when you could just setup a nice piece of functionality that automates this whole process for you.

Social Media Channels

How about if you want to go straight to our social media channels to find out the latest trends happening in the digital world? Sure, you could again go to the website, hunt for the social media icons or go to the social media website and search for us there. But why waste your time doing that when you could just go straight to the relevant channel with ease;

• facebook.contrado.digital
• linkedin.contrado.digital
• twitter.contrado.digital

Nice little bit of functionality!

Summary

While the new top level domains are certainly still in their infancy, is there any way that you could be using these to help your audience connect with your brand easier? I’m sure there are many different and unique pieces of functionality that can enhance the user experience of your website by using this technology. What ways can you think of that would help by using a similar setup?

A Short Story About… A Poorly Designed Website Allowing Anyone to Register as an Administrator Without Validation or Authorisation

by Michael Cropper | Jun 10, 2015 | SEO | 0 comments

A Short Story About… series, sharing stories about epic fails related to digital marketing, web design, technology choices and more. All designed to make you aware of what can happen when you work with the wrong people and an inexperienced digital agency. Remember the importance of working with the right digital agency.

Sharing these real life stories with you allows you to review your own setup to make sure you aren’t making the same rookie mistakes. Sharing is caring and it also makes our life easier when you speak with us about increasing your revenue through digital marketing and technology.

Look at our new shiny website!

The story starts here…. We received an email from a business owner who mentioned that they had passed on our details to another business owner related to some work that they needed support with. Nothing too strange here, we get this all the time.

Naturally, when we receive requests such as this, we have a quick nosey around to get a feel for the website, digital marketing channels, technologies in use and more. Based on this quick analysis we soon get a feel for where the business is at when it comes to how digitally advanced they are, or aren’t, as the case may be.

Having already heard of the business that had been referred to us, we already knew that the website was in development with another agency (sorry, we’re not going to name and shame here, but we shall say that they are local to us…). Based on this, we had a quick look around the new website;

Website X

Initial Investigations

One of the key areas we investigate is to see what technology the website has been built with and ultimately decide if we even want to get involved with helping the business. Depending on the technology used and other factors, we often turn down work that is just too far gone to help and there is no budget for a complete rebuild. Often bad decisions in the past can lead to costly solutions in the future, often which businesses don’t have budgets for re-doing something. Thankfully though, there is generally something we can help with in one way shape or form.

We always recommend the right solutions for businesses, it’s unfortunate that this ethos isn’t the same for all agencies, with many often using poorly configured technology, custom built technology and everything in between. Hence, why businesses come to us when things have gone wrong elsewhere and they are looking for a good solution that is truly suitable for their long term needs. As a caveat, there are a lot of good agencies around alongside ourselves and we can quite happily point you to them. It is also true, as many businesses are painfully aware, that there are a lot of charlatans around too.

So, while investigating what technology was powering the website, we soon noticed a login button on the website;

So we had a quick look at the login page to see if this resembled any of the common content management systems around;

And what do we see here, a nice “Register” button, so we investigated a little further;

Ooohh, that looks like a nice easy registration form, so we tested a little further…;

• Username: test
• Password: test123
• Confirm password: test123

Surely any content management system or website worth it’s weight in salt would handle guest registrations in a graceful and secure way? Well, no, and this is where we were really shocked to see how bad this system has actually been built in terms of security. After registering a user using the form available on the website for anyone to see, we went back to the login page from earlier and tested these details;

And here we are, straight into the administration area where we can edit the content of the website as we choose. Adding content, deleting content, uploading images in the gallery, addling links to websites of our choosing and more. To test that we do indeed have the right privileges, we added (and then immediately removed) a piece of content to the website which was visible once we updated this;

(Click for larger view)

The above isn’t the actual content that was added to the website for obvious reasons. It was simply a number “1” which was added to one of the sentences then removed immediately. The above image is purely for illustrative purposes and to emphasise the point.

It is extremely worrying that a website can be built with no security in place at all. This process took no more than 5 minutes to investigate, test and access the admin area. Imagine what we could do in 10 minutes…

Now if someone came along who had an axe to grind or was looking to infect websites with malware and other code, this would be extremely easy thing to do. Not only could this result in the website being blacklisted from Google, your own website visitors and customers could be infected with viruses or your website could be (unknowing to you) part of a bot net that is hacking many websites around the world.

This blog post is not designed to show how good we are when it comes to identifying security issues related to websites (although we aren’t too bad at that…), this blog post is designed to highlight how easy security issues can occur when you are using either the wrong technology, incorrectly configured technology, sloppy web developers or an agency who clearly has no idea what they are doing.

For any website or web application, security should be embedded from the start of the project and clear testing throughout to ensure that only those who have access to the administration area do have access to it. Security is not an added extra, this is your own business and website that we are talking about. An area that you have clearly worked hard on and one that will no doubt have been a reasonable investment. Don’t get caught out with rookie mistakes.

Imaging if the administration area contained a list of all of your customers who had registered with your website? Or if this contained personal sensitive information in unencrypted form, names, email addresses, phone numbers or heavens forbid credit card details? Such a simple mistake can turn into an enormous problem. All preventable when you are working with the right people who have the skills, knowledge and experience to do the job properly.

Technology

For reference, the technology behind the website in this case study was running the following;

• IIS 8 Web Server
• Net / ASP.Net MVC Framework (this is where the problem and solution lie, allowing anyone to view the user registration page and allowing the default user to be created as an Administrator)
• Google Hosted Libraries
• jQuery
• Fancybox

Incorrectly configuring technology is one of the most common pitfalls related to website security. It is so important that you are working with a well-respected company who have staff with a wealth of experience and capable of preventing issues like this occurring.

The Solution

Throughout this blog post, the company has remained masked and is not identifiable in any way for obvious reasons. The company has also been notified and their agency is working on a solution as a priority. We believe in responsible disclosure, which is why we have published these findings, to avoid others falling into the same trap.

For reference for the developers working on this solution, if any pointers are needed, a quick Google search for the solution came up which may be quite useful;

• http://stackoverflow.com/questions/12706236/restricting-access-to-register-user-in-asp-net-mvc
• http://forums.asp.net/t/1886372.aspx?How+to+remove+self+registration+from+mvc+4+Internet+application
• http://www.asp.net/web-pages/overview/security/16-adding-security-and-membership
• http://www.asp.net/mvc/overview/older-versions-1/nerddinner/secure-applications-using-authentication-and-authorization
• http://www.asp.net/mvc

Please also have some form of robust security processes in place within your business to prevent this happening again in the future. Please also check all of your other clients who you have built websites for in this same fashion, as this could also need fixing on their website too. Again, it is extremely simply to gather a list of websites built by the same agency where this problem could also exist;

For anyone looking to do harm, this could turn into a reputational nightmare for the agency involved along with causing all of the businesses involved an awful lot of lost revenue if this was exploited fully by a hacker before a solution was implemented. Staff training, for both technical and non-technical users is key in this area to ensure that problems are identified before other people find them and exploit them.

Summary

As mentioned at the start, it is essential that you are working with the right digital agency who is capable of delivering projects in a secure fashion. Simply working with the cheapest company, the company who can talk the best talk or the company who manages to convince you that their solution is the best one over all of the others just isn’t going to cut it. As a business owner or decision maker, it is ultimately your responsibility that you are working with well-respected agencies who know what they are doing.

If you are concerned by the contents of this blog post, if you are questioning your current supplier or are generally concerned about the security of your digital assets, then get in touch. Cyber security is a hot topic for a reason, it is hugely important to protect the future of your online presence and more.

The learning point: Ensure your website registration process doesn’t allow new users to access parts of the website they shouldn’t. In this example, using a well-respected content management system would have prevented this issue altogether. Many website builds do not require any fancy custom built content management system solution, popular platforms such as WordPress or Magento are often perfect for the job.

Has the Internet Reached Full Capacity Already?

by Michael Cropper | May 13, 2015 | SEO | 0 comments

Seriously, have we reached full capacity? I’m speaking specifically about traditional broadband connections, not fibre broadband. The ‘old’ broadband running on the copper lines from the exchange. It seems that this technology is well and truly full, at least based on personal experience and that of anecdotal evidence from speaking with other people in a similar situation.

To put this into context, previously the internet connection at home has been more than adequate for a good number of years based on the type of activities within the household. More recently, since our old provider was bought out by a larger provider and my personal working habits have changed slightly, I am starting to question if the current broadband infrastructure has reached full capacity and I’m putting the question out there, have you noticed any difference recently in your home non-superfast internet speeds?

Superfast Internet

The rollout of superfast broadband throughout the UK is absolutely needed, but have we gone far enough with the rollout? The current superfast broadband rollout is what is technically known as Fibre to the Cabinet, FTTC for short. In lay-person speak, this means that there is now a fibre connection from your local telephone exchange to the little green box at the end of your street.

Traditionally, this part of the journey was powered using copper wire. This is a problem due to the laws of physics. Transferring data (i.e. your internet connection) is significantly faster through a fibre optic cable than through the old copper wires. Hence why the rollout of fibre broadband was essential as data usage has significantly increased over recent years with the growth of services such as Netflix, YouTube, Amazon Prime, Tesco Blink, Xbox Live, Online Gaming and more.

But I question whether we have gone far enough with the upgrades and whether we actually have a long term solution in place for the growing data requirements for home and business users. The current superfast broadband rollout is a significant improvement which has implemented the improvements to part of the line as can be seen below;

Source: http://www.thinkbroadband.com/guide/fibre-broadband.html

What you will notice is that this isn’t the whole picture. There is part of the connection which is still using the older technology, which is the part of the connection between your green box and your home. For office use, this generally is not a problem as there is either a leased line to the premises or similar technology making the internet connection truly superfast. For some users, and most importantly, the growing remote and flexible workers as part of your workforce, this is actually a large problem. Personally, there is rarely a working day that is the same, with work being completed in various locations depending on the plan for the week. Which means that for myself personally, I could be experiencing internet connections with down streams nearing 100 mb/s or as poor as 2mb/s with continuous dropouts depending on the time of the day. While this doesn’t interrupt any activities, it does require a little more planning, a backup plan in place at all times in the form of mobile data, oh, and the forced upgrade to a fibre connection – more on that later though.

Speaking based only on anecdotal evidence, on a traditional broadband connection at home, the evidence is clear, broadband connectivity issues starting around 3:30pm, peaking around 5pm, starting to tailor off around 7pm. What I’m talking about here is when the internet connectivity gets so bad that it is not possible to load a website or connect to the internet. After a lot of thought on the topic, the only conclusion that I can make based on this is that children are arriving home from school at around 3:30pm, accessing all of the on-demand services, clogging up the internet then going to bed around 7pm. Thinking through many options that could be causing this, along with endless discussions with home broadband technical departments working to ‘resolve the issue’ (and failing miserably), it is clear that the old provider was not able to fix the issue which I believe to be related to the capacity crunch that we are all experiencing invisibly at the minute.

The Capacity Crunch

The next step of my personal story is that we are moving to superfast fibre broadband at home, not out of a want for faster speeds as for home use, traditional broadband used to be absolutely fine for our needs as a home user. No, we are moving to a superfast fibre connection out of necessity. As part of the process, one comment from the new supplier struck a cord and made me think about what has actually happened with the recent broadband rollout project within the UK. The comment was that the new provider is going to have to send out an engineer to the green box and flick us on to fibre.

So in summary, unless you are paying directly for a fibre connection, you simply aren’t benefiting from this new technology. Call me a cynic, but this does seem a little strange why home users aren’t automatically switched over to this upgrade when they already often paying reasonably hefty prices for basic usage, on the whole – and that the project was part funded (50/50) by the European Union through the European Regional Development Fund and local authorities throughout the UK.

The question I came to ask myself was whether we, as home consumers, were being forced down a paid upgrade route when the reality is that the current service being provided simply isn’t up to scratch and is not fit for purpose. The copper pipe is already full which is causing service issues for those people using traditional broadband technology.

Another topic in this area, which we will cover in more depth in another blog post is the difference between broadcast technology (i.e. your live TV) VS streaming technology (i.e. anything over the internet). We’ll look at the technical details a little more another time, for now, the key point is that broadband technology is a first-come-first-serve basis, meaning that if there is a certain amount of capacity on the old copper lines, then whoever uses the capacity first wins and those who aren’t quick enough lose out. All of this is clearly a little more complex than this in the background and simply put, those closer to the exchange have priority over the bandwidth. Meaning that the further away from your local exchange you are, the further down the pecking order you are when it comes to getting your fair share of bandwidth and often those further out are left with the crumbs at the end.

It may be no surprise to you based on the tone of this blog post that we aren’t quite sat next to the local exchange at home. Never the less, we also aren’t tens of miles away either. Traditional broadband has been (up until recently) and should be absolutely fine for our needs, yet it isn’t. Instead, a forced ‘upgrade’ to a fibre service is required to maintain basic connectivity to the home, not to get 200x the speed we currently get.

The Cloud

Putting this into context from a business perspective as a whole, more and more staff are requesting home and flexible working options for various reasons. The image I came across on LinkedIn recently resonated with a lot of people and really does go to show where business and the idea of ‘work’ is heading;

Attribution required: If this is your image, get in touch and we’ll credit you accordingly J
The concept of a modern day working environment requires an unbelievable robust internet connection throughout the UK that can be enjoyed by all. One that I do not believe we have. The recent upgrades are a step in the right direction but we need more.

As more businesses migrate their entire business to the cloud for all of the benefits this brings, the key to all of this working seamlessly is a robust internet network. With accounting software, project management software, research tools, file storage systems, customer relationship management systems and more all being contained within the cloud. This all only works with a fantastic internet connection throughout all parts of the data journey.

The Reality for Many

While this blog post may seem like a little rant against poor performing internet speeds at home, it isn’t. I’ve had that spat directly with the current provider on Twitter J No, this blog post is to highlight the issue that many people are currently experiencing yet there seems to be no real long term solution to this growing problem. Sure, we have had a significant improvement in the form of fibre broadband throughout the UK, but this is not going to last and quite frankly this rollout is not the inclusive Britain that we all aim to strive for. The ever increasing costs related to basic services, and I do include internet in this category, needs addressing and a real solution needs to be identified.

Browse through the swarms of people on Twitter complaining every day about broadband connection speed problems from all suppliers à https://twitter.com/search?f=realtime&q=slow%20broadband&src=typd. Backing up personal anecdotal evidence. This isn’t just the reality for a small number of people, this is a problem impacting an awful lot more people than those just voicing their opinions on Twitter.

Again, putting this into perspective, when comparing home broadband speeds directly with data speeds when connecting to the internet via a mobile phone provider, it is clear there is an issue with the technology;

The mobile data tariffs are just way too expensive currently to warrant permanent connectivity through mobile phone networks. Although maybe this is a longer term solution and the reason why BT is looking to buy EE for £12.5 billion, the largest and fastest mobile network throughout the UK.

The Future

So where do we go from here? Clearly this is a problem where the solution is a little more involved than my thoughts in a blog post. With some interesting blog posts coming from BT on the matter recently, the issue is clearly already under discussion;

“BT’s head of optical access, Professor Andrew Lord, who will take part in the conference said: “It’s the first time we have had to worry about optical fibres actually filling up. We could expand the network by laying more cables but the economics of that do not work and it would increase power consumption. Prof Lord added that a possible solution to the problem would be to ration internet access, where household consumers and businesses would be charged for the amount of data they use.” – Source (5^th May 2015)

“The internet will not need to be rationed in the future because of a “data capacity crunch”, according to a leading scientist from telecoms giant BT.” – Source (11^th May 2015)

Whatever the solution, it is clear that more needs to be done by all the key players in this market to address these issues, and fast. Many web services are seeing exponential growth in data usage as consumer behaviour shifts from broadcast to on-demand services which is only going to grow further. Couple this with the future horizon in an internet connected world with the Internet of Things, we have a serious crunch approaching in my opinion.

This is purely my personal opinion on where we are at currently and where we are heading. It would be great to hear your thoughts on the topic and share your experience in the comments. Do you think the internet has reached full capacity? Do you think we are heading for a capacity crunch? Or are you simply loving your new fibre broadband speeds streaming series after series of the latest dramas on Netflix?