Search Engine Optimisation - comments

  • Lucky Jim
  • 13/10/08 31/05/09
  • not a depositor
  • Offline
Posted: Fri, 10/07/2009 - 07:28

ng's blog on SEO is fine. Everyone with a website wants to be top of the list on search engine ranking! However a lot depends on what your website is about & what you want it to do for you. If you are selling a whale in Worcester you will come out top of page 1 of Google! if you are selling widgets then you might give up wading through Google pages to find your site!

Inevitably there are several pages of sites on searching under 'Kaupthing Isle of Man'. There's only one KSFIOM for a start so anyone with a website relating to the bank is likely to get in the picture within a few pages. It is good that the DAG public site has a high ranking on a search.

www.kaupthingiom-dag.co.uk is not in competition with the official site, but it has had over 2000 hits in less than 4 weeks which shows that it is popular with DAG members. Currently the site ranks 24 on Google and 12 on Yahoo. I suspect that the ranking of the site might have been much higher but for the fact that it is designed as a 'frameset' for easy navigation, and Google isn't too keen on frameset websites! Nevertheless it is moving up the Google ranking.

Interesting though is my blog http://ksfiom-blog.blogspot.com is in 8th. position on page 1 of Google and is top of page 1 on Yahoo!

At the end of the day the DAG is 'high profile' on Google & Yahoo & that is all that matters! (:

3.166665
Your rating: None Average: 3.2 (6 votes)

Comment viewing options
Select your preferred way to display the comments and click "Save settings" to activate your changes.

www.kaupthingiom-dag.co.uk suggestions

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Fri, 10/07/2009 - 11:29

LJ some pages you might find worthwhile:

You might also want to consider whether it's a good idea (from a security and privacy perspective) to be providing statistics and IP addresses of your visitors to a small company based in Cyprus, specifically Targetica Online, 12a Gregoriou Afxentiou Avu, Scouros Bldg, Office 55, Larnace 6023. Do you know and trust them? You should, as you are telling them every time somebody visits your site (IP address plus any browser and cookie data available.) On top of that there is the significant security risk that they could take control of your users' browsers, redirecting to another site, displaying an entry form to attempt phishing and so on.

Let me know if you need further explanation.


@ng -- not a problem!

  • Lucky Jim
  • 13/10/08 31/05/09
  • not a depositor
  • Offline
  • Fri, 10/07/2009 - 15:05

ng - thanks for your comments. I am familiar with the sites to which you refer.

www.kauthingiom-dag.co.uk has W3C validation as a frameset site (see here) , has been tested on a number of browsers and does the job it is designed to do!
My backlink software shows no evidence of a link to any suspect sites. No one has reported any problem as a result of visitng the site. On the contrary many have mailed me expressing their gratitude for the site.

As we all know anyone browsing on the internet can be 'watched' in a number of ways as to where, when & how they are visiting websites and that is one of the reasons why everyone should have good internet security software incorporating a firewall, spyware, anti-phishing etc..

The DAG Dupral chat forum site is in a different bracket & indeed it has been 'invaded', so by its very nature requires special inbuilt security. Members may be assured that the alternative public site is a safe site to visit.

I have no wish to engage on the forum in some sort of clash between webmasters -- we have enough problems trying to accomplish the DAG's Mission without introducing IT technicalities! So if you do not accept the assurances I give then do please drop me a line to point out in what way it poses a risk & I will be only too happy to sort it immediately.


Security loophole on www.kaupthingiom-dag.co.uk

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Fri, 10/07/2009 - 17:19

LJ you decided to come in here spamming my post about SEO with yet another shameless promotion of your "alternative" site - surely all you needed to do was post your comments on your site for everybody to see them? This is not about some "clash between webmasters", it's about the fact that your site is not secure due to cross-site scripting and if you insist on continually promoting it here it is only right for a security warning to be given.

My advice to all visitors of http://www.kaupthingiom-dag.co.uk is to turn off javascript, or better still use Firefox with the NoScript plugin (it allows javascript to be easily disabled on a per-site basis.)

To avoid LJ's potential embarrassment I tried to give him some pointers without actually spelling out that there are numerous issues on the site, not least of which that its in danger of copyright infringement due to framing other sites (see the wikipedia article.) W3C compliance has nothing to do with it, since that's about correct HTML structure, not usability, security nor copyright infringement.

Safe?

As for: "Members may be assured that the alternative public site is a safe site to visit" - well that depends on ones point of view and level of understanding of the issues. Would a simple list of IP addresses of a thousand or more site visitors, i.e. probable KSFIOM depositors, be of interest to "evil" third parties? Possibly. How about a full log of everything they type into their browser after visiting that site?

LJ, there's nothing wrong with not understanding the issues, only with pretending that you do. You clearly don't understand the security issues of running javascript served by third party servers that you have no control over, let alone making matters worse by running them inside a frameset so that they can remain active when the user browses to another site yet framed by your page. The fact that the third party in question is a small company in Malta is arguably irrelevant (it could be worse!) Of course you've had no complaints because most of your site visitors know little more about the topic than you do. A clear case of a little knowledge is dangerous I'm afraid.

So, I'll spell it out:

You're serving third party javascript loaded from a remote site (not your site) which will be run by the browsers of your trusting site visitors without their knowledge. That means the remote site will automatically get a log of all IP addresses of visitors to your site. But that's failry minor - the big issue is this: That script could be updated at any time by the people who run that site (the crowd in Malta that I referred to.) Its functionality could be changed at any time and I'm absolutely sure you wouldn't notice such a change and nor would 99.9% of your site visitors. A change could easily add "functionality" to do url masking, click tracking, keyboard tracking (i.e. logging what you type, passwords, account numbers, etc.) Basically you're facilitating a potential man in the browser style attack via javascript.

But it gets worse - because your frameset makes everything appear that it's coming from your site, your trusting users are more likely to download run anything you offer (in fact provided by the evil third party script but they may well not notice that.) So there's a good opportunity for installing further trojan in binary or active-x format.

Don't panic

But before anybody panics .. it's relatively unlikely that a trojan javascript could hook into things like your online banking, because those sites at least would almost certainly take steps to defeat remote frames and background javascript that may be running, typically by opening a new window or at least performing a full-page refresh. The latter is the approach now implemented here - due to unacceptable framed links from http://www.kaupthingiom-dag.co.uk - if you use a link there to come here, you will now see a security warning message. In any case, the level of risk depends very much on which browser you have, and whether any new loopholes are discovered in cross-frame security, etc.

Nonetheless, LJ there is still a very real risk by running any remotely served javascript whether it comes from Malta, the IoM or Nigeria. "Members may be assured that the alternative public site is a safe site to visit" - you have NO IDEA - the people that know the answer to that are the crowd in Malta, so maybe you should check with them? Of course, most likely they're bona fide, after all most people are. The problem is that there's no easy way to tell.


www.kaupthingiom-dag.co.uk is a SAFE website

  • Lucky Jim
  • 13/10/08 31/05/09
  • not a depositor
  • Offline
  • Sat, 11/07/2009 - 09:52

The use of Javascript is common to millions of websites & is used extensively on the Chat Forum site to collect a whole mass of information about what members do when they visit the site.

However, so that everyone can have complete assurance & peace of mind about www.kaupthingiom-dag.co.uk I have removed javascript from the website.

The website only exists because members felt the need for it and because it is paid for through the generosity of someone who supports the DAG's Mission.

There is no covert motive behind it. As stated on the site:

This website www.kaupthingiom-dag.co.uk is running in tandem with the existing Depositors' Action Group public website. It has been especially designed with two objectives in mind:

  1. to offer depositors an easy to navigate website that gives them the essential facts along with up-to-date progress reports on efforts to recover all of their money;

  2. to offer the public the facts of the demise of the Kaupthing IoM bank, and the depositors' just claim for a return of their money that was put in the trust of a solvent, triple-A credit rated bank. The bank lost its licence due to a serious regulatory failure on the part of the Island's Financial Supervision Commission & the Directors of the bank.

    It is hosted by a highly respected UK-based internet services provider and registered by Nomintet which is the .co.uk domain name registry in the United Kingdom.

Members can have total assurance that unlike ng's Chat site I do NOT have or need the fascility to know the IP address (& other information) of DAG members accessing & using the website.

The site is SAFE so there is no need for members to change their browser's settings.


"I have removed javascript

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Sat, 11/07/2009 - 11:01

"I have removed javascript from the website."

Untrue, though you have removed the one especially dodgy third party one.

"The use of Javascript is common to millions of websites..."

True, and you won't find a single properly run site, let alone a corporate site, that uses remotely served javascript from unknown third parties..

"...is used extensively on the Chat Forum site..."

Also true. The difference is that ours is either fully controlled here, or from a recognised and trusted major organisation (specifically Google.)

"...to collect a whole mass of information about what members do when they visit the site."

Is it indeed? Can you describe in a little more detail the "mass" of information the scripts purportedly collect about what members do? Give a few examples maybe? Just one example perhaps?

"...I do NOT have or need the fascility to know the IP address (& other information) of DAG members accessing & using the website."

Untrue. You just don't know how to do it.

"...hosted by a highly respected UK-based internet services provider..."

True. You still have no idea who the people in Malta are, do you? The ones to whom you were effectively giving IP information of all your visitors and the ability to potentially run whatever javascript program they wanted to in your visitors' browsers.

LJ, what bothers me is you waffling on to DAG members pretending that you know what your talking about when in reality you clearly don't. That's worrying, because many DAG members rely on input from relatively few knowledgeable members, whether it be about financial, legal or IT matters. If there were somebody on here waffling on about IOM liquidation law as if he knew what he were talking about, that could be very dangerous. Other members who genuinely understood the topic would hopefully point out the inaccuracies.


There's no javscript on www.kaupthingiom-dag.co.uk

  • Lucky Jim
  • 13/10/08 31/05/09
  • not a depositor
  • Offline
  • Sat, 11/07/2009 - 16:15

I can give members categorical assurance that there is no javascript on www.kaupthingiom-dag.co.uk. Any member can access the source code of any of the site's pages if they wish to check, simply by a right click of the mouse.

My thanks to all those who have e-mailed me to express great appreciation for my efforts on behalf of the DAG's Mission and their support for the alternative website.


Agreed

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Sat, 11/07/2009 - 17:03

Agreed now there isn't. But there was when you made your prior claim, wasn't there? Admittedly nothing dangerous, just an annoyingly intrusive little function that tried (and failed) to defeat right-mouse button functionality. It's gone now, as if by magic. LJ, you're not doing yourself any favours by this blatant cover-up, admitting that you made an honest mistake would have achieved more.

Anyway, as you pointed out, there's nothing intrinsically wrong with using javascript - it's very useful. In much the same way, there's nothing intrinsically wrong with using Microsoft Word, also very useful - unless perhaps your copy was given to you by a bloke down the pub who you had never met before.


ng has confirmed the site is SAFE

  • Lucky Jim
  • 13/10/08 31/05/09
  • not a depositor
  • Offline
  • Sat, 11/07/2009 - 19:51

I respect ng's IT expertise and thank him for now confirming that www.kaupthingiom-dag.co.uk is a safe site to visit. (:


representations

  • manx-person
  • 17/10/08 31/05/09
  • not a depositor
  • Offline
  • Sat, 11/07/2009 - 16:29

I am not sure I would rely on your assurances and representations.

You have stated that the DCS "will not cost the IOMG a penny" and when challenged just disappear.

You represent opinions as facts with no corroboration.

Similarly, I think this bold assertion will be made here, and a few bluster comments made, and then will disappear from attention.


subtex?

  • manx-person
  • 17/10/08 31/05/09
  • not a depositor
  • Offline
  • Fri, 10/07/2009 - 18:45

As a non-depositor I have been accused a number of times of having a hidden agenda.
If I had set up an "alternative free DAG" site to promote this agenda I wonder what would have been said?


Hidden agendas and mysterious people

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Fri, 10/07/2009 - 19:26

manx-person I think most regular readers here know what your background and motives are - you've made no secret of them. But I did suggest recently (you may have missed it) that you fill in the About me section on your profile page - it may help you and others. In case anybody doesn't know, you can read some limited information about other members by clicking on their user name where you see it shown as author of a post (on the left of this comment, for example.) The About me section will be included if that person has written one.


Hidden agendas and mysterious people

  • manx-person
  • 17/10/08 31/05/09
  • not a depositor
  • Offline
  • Fri, 10/07/2009 - 19:58

I didn't miss it, I did read what you said. All sounds very sinister "what my motives are" but thanks.
I'm not a mysterious person - Ask a member of the DST or HNW who have met me if you need de-mystifying.


Hidden agendas and mysterious people

  • ng
  • 11/10/08 31/12/20
  • a depositor
  • Offline
  • Fri, 10/07/2009 - 20:23

To clarify manx-person, I didn't mean to imply by my choice of title that you were such a person, only that the situation does exist. In reality, anyone who is not a depositor is likely to be treated with some degree of suspicion and perhaps rightly so (especially if they run an "alternative" web-site and then repeatedly try to lure members away from this one at every opportunity.) Whatever anyone's true motives may be, the About me area is one place where individuals can provide some further information to explain their presence here. Personally, I start getting suspicious when people start claiming to know things which they clearly don't, it makes me wonder why.

Anyway, to enter your About me information you need to edit your account settings. Go to account, edit, optional or click here. Please note the warning given there about providing information which might allow you to be personally identified. Nothing wrong with that, so long as you know what you're doing.