DaveBarousse.com

If you use the MyBlogLog Recent Readers widget on your blog, you may have noticed some interesting visitors to your site recently. The two main characters that I have been seeing on numerous blogs that I read are vote4cleo and litllolita. They appear to be two young females soliciting votes to become famous models, but when you dig a little deeper, these girls aren’t who they say they are.

So who is the wizard behind the curtain? My guess would be DeluxeOnlineRewards.com, or some affiliate of theirs, trying to scam your vistors. How are they scamming my visitors, you ask, they seem like two young attractive females simply trying to get a little exposure. That’s exactly what most people think, but lets go through the process so you can see exactly what they are up to.

You start off by finding a photo of MyBlogLog user named vote4cloe on the front page of this site. Among all the normal readers that usually show up there, she seems a bit eccentric, so you click on her photo or name to see her MyBlogLog profile.

Once landing on vote4cloe’s MyBlogLog profile page, you have to click through to her site that is listed in the “Sites And Blogs That I Author” section. That’s pretty common as bloggers often check out the blogs of visitors who show up in their MyBlogLog widget (I often do). Plus, they entice the desire to click through with this little bit of text, “Help Cleo become a Victoria’s Secret Model!” I think that would grab the attention of most men and a lot of women.

As you’ll see after clicking through, you land on vote4cleo’s Myspace profile. Notice her bio is all about her trying to be a Victoria Secret model and some drama about it being her lifetime dream. Also notice the huge bold link that reads, “Click Here To Vote For Me!” After clicking on that link is when the fun really begins.

When you click through vote4cleo’s Myspace profile, you’ll land on a page that looks like a page owned and operated by Victoria’s Secret (notice how they call it Victoria Secrets). The text says that if you participate in their offer you’ll earn a $500.00 gift card. To kick off the process, there is a form in the middle of the page for you to enter your zip code. Since vote4cloe is trying to be a Victoria’s Secret model and the web page appears to be legit, this all seems normal.

You are excited about getting $500.00 so you enter your zip code. You are then taken to another form asking you to enter more personal information. Of course you want to get your $500.00 gift card, and you trust Victoria’s Secret, so why not fill this out? Before doing that you may want to have a look at the fine print back on the page with the zip code form.

DeluxeOnlineRewards.com IS NOT AFFILIATED OR ASSOCIATED WITH AND HAS NOT RECEIVED ANY CONSIDERATION FROM ANY OF THE ABOVE ENTITIES

THIS IS AN ADVERTISEMENT*Notice: To claim your reward you must participate in our program and meet all of the offer eligibility requirements as outlined in the Terms & Conditions before you can receive your FREE reward. Eligibility requirements include signing up for at least 2 Silver, 2 Gold and 2 Platinum offers. Available offers will vary and some offers may require a purchase to qualify. Those qualifying for Gift Card rewards will have the option of receiving a Visa gift card or a retailer’s gift card where available.

If you haven’t figured it out by now, vote4cleo is NOT a young attractive female trying to become a Victoria’s Secret model. She is an online marketer trying to get your information to sell. If you’ve made it to the page with the form asking for your email address, city, state, age, etc. then you are only a few keystrokes away from making vote4cleo a good bit of cash and increasing the amount of spam in your inbox.

After entering your information and submitting the form, you are taken to a page where you have to select at least 6 of the “offers” that are mentioned in the fine print above. Those offers include subscriptions to services such as Dish Network, Columbia House, Bad Credit Loans, etc. What happens here is the marketer will be getting paid for each lead they generate with your information. If you finally make it this far, congratulations, you’ll get your $500.00 gift card. You’ll then need to use it to pay for the 6 or more subscriptions you just signed up for.

This entire process may seem a bit strenuous, but it is obviously working for these marketers as we see these types of campaigns all over the internet. They wouldn’t be putting forth so much effort to dupe people into their offers if it wasn’t making them money. You can also see this technique used in combination with display advertisements such as the classic punch the monkey ads.

Although MyBlogLog has had their share of problems recently, I’m not convinced that this case is a flaw in their system. But isn’t it their responsibility to weed this kind of stuff out? Perhaps. But aren’t most blogs using MyBlogLog to generate traffic to ultimately sell something? Directly or indirectly, yeah, probably so.

I personally don’t want to see MyBlogLog infested with spammers, so I hope they do make it a priority to keep these kind of scams out of their community. It is fun to browse the blogs of those who visit my site. When most of the users who appear in the recent readers widget are “fakes,” I’ll be removing it from my blog.

After going through this process, one of the most interesting things to me are the comments that bloggers are leaving on vote4cleo’s MyBlogLog profile. Most were thanking her for visiting their blog, but I read several where the commenter was sincerely wishing her luck in pursuing her modeling career. That tells me that these people don’t have a clue to what is actually going on.

Marcus Frind is the guy behind the ultra successful dating site, Plentyoffish.com. In a recent blog post about his current plan of action, he laid it on the line for any aspiring entrepreneurs or business owners. Marcus had this to say:

Burn this into your brain, Success doesn’t happen, its created.

Now I know most of the people reading this are aspiring to create a business of some kind. Many will just day dream all day but never actually do anything. I was like that a few years ago, then I finally sat down and did something, and kept forcing myself to do it till it became a pattern and it turned out hugely successful. Now i’m going to repeat that and you can as well. Now when you read this, I’ll be on a beach in Mexico on my big bed watching thousands of girls stream by, and in between the time it takes you to read this and my next drink arrives I’ll have made your weekly salary. Now that is either going to make you angry, or it’s going to inspire you to go create something. The choice is yours.

That is the level I want to be operating on. Thanks for the motivation Marcus.

Is Twitter simply misunderstood or really worthless?

While reading some of the live blogging going on at the 2007 SXSW conference last week, it was apparent that Twitter was the darling company of the event. I was told by my good friend, Patrick McCarthy (who spoke at the event), that there were two large plasma TV’s set up that scrolled Twitter messages all day long. There were also reports from other bloggers that panelist were Twittering while up on the panel. I find that disturbing.

Taken directly from the Twitter home page, they explain their service as:

A global community of friends and strangers answering one simple question: What are you doing? Answer on your phone, IM, or right here on the web!

I’ll admit that the technology behind this whole thing sounds pretty cool. However, I do not understand why everyone is raving so much about the application. I know my friends don’t really care about what I’m doing, and I surely don’t have the time to worry about what all my friends are doing. Are people really that bored?

What I really think is wild is the statement made by Jason Calacanis in his recent Twitter Is On Fire blog post. Jason said:

Yes, this is the start of something big. Soon Twitter will carry video, audio, and photos… when that happens Twitter replaces IM and email and flickr 50% of the time

That is a pretty bold statement and I personally don’t see it happening. At least for me it won’t because I don’t think I’ll be creating a Twitter account any time soon. Unless otherwise convinced that Twitter is worth my time, I’d rather focus my energy on something useful and fun.

I totally understand how Twitter can be used for more than just letting your friends know what you are doing, but there are already several services currently in place that everyone already uses and are comfortable using. There is definitely room for more efficient and streamlined processes to deliver content to your friends, but I don’t think Twitter is the answer. At least not in it’s current form.

Twitter sounds like it would be fun for about 10 minutes, then would annoy the hell out of me. I also hate the name. I’m not the only one who feels this way about Twitter.

I do respect the idea and the technology driving the application. I just don’t think that the application, especially the way it is currently pitched, is worth all of the hype it has been receiving lately.

The good news is that Twitter has proven that people are ready to interact more with web applications through other channels such as IM and cell phones. That is going to be a space to watch as it will only become more popular riding on the success that Twitter has seen.

Since discovering John Chow’s blog several months ago, I’ve been hooked. The great advice, secrets of the pros, openess and transparency has keep me coming back on a daily basis. I’ve learned a lot in the short time that I’ve been reading JohnChow.com and it was actually a post that he made that motivated me to create a blog of my own.

JohnChow.com easily became a favorite of mine for several reasons. The main one being that I simply enjoy the web and the opportunities that are available online. It is obvious that John has the same passion, but he takes it to a whole new level. He documents the way he takes advantage of these opportunities and then shares that information with all of us. It also seems that John genuinely enjoys helping others who share the same passion as him. He does so by setting the example and by giving back valuable information to other bloggers.

John’s blog became popular due to his original content and the way he openly shares his tips and tricks. Since becoming one of the most popular personal blogs on the internet, John has been able to leverage his traffic and come up with creative ways to make his blog more profitable. This is the ultimate dream for a lot bloggers out there, so reading a live journal of how John is making this happen is like blogger crack for those trying to make blogging a steady revenue stream.

Watching John in action, it is really genius how he is able to take ideas like ReviewMe and turn them into an opportunity for all of his visitors. By putting in a little bit of work reviewing John’s blog, he is willing to give me an inbound link from his site. That is a great opportunity for someone like me, trying to increase traffic to a new blog. He also gives away neat little prizes to top commenter’s on his articles. Cool right?

Bottom line, if you are interested in blogging, web publishing, making money online or want some fresh new ideas on how to improve your website, pay close attention to Johnchow.com. You never know what may show up next.

I created a website with two friends of mine that allows people to submit their social networking profile, such as their Myspace profile, and then allows others to vote those profiles up within a category (digg style). In order to help Myspacer’s promote their profile and get others to vote for them, we wanted to create a badge or widget that our users could place on their Myspace page in order to campaign for more votes on their profile.

The use of widgets on Myspace pages is pretty common these days, unless the widget breaks the Myspace Terms Of Service. To make our widget stand out in the crowd, I wanted it to dynamically show the number of votes that the person currently has, along with some fancy text. Any time the person gets a new vote on our site, it would need to also update the count in the widget on their Myspace page, or any other place they may have put it on the web.

This would be a pretty straight forward task, but due to security reasons, Myspace does not allow users to put html elements on their pages that execute JavaScript or make a request to a server side scripting language like PHP (links with .php in them). I’m not very experienced with Flash, so I’m not sure if you can generate dynamic content with Flash on Myspace. I’m not even sure if Myspace still allows users to put Flash elements on their pages? At any rate, I knew what it would take for me to do what I needed to do using PHP and an Apache Mod Rewrite rule, as long as Myspace allows users to put images on their profiles (which they currently do).

Disclaimer: Use these techniques at your own risk. I am not responsible for anyone using these techniques to perform malicious acts on Myspace and their users. If you do, this could be you.

I’m not a frequent Myspace user, but after doing some quick testing, I figured out that they would allow me to add image tags to my page. After making that discovery (it was actually pretty obvious just browsing through profiles), I was pretty confident that I would be able to pull this off. Here is a quick summary of what needed to happen:

• User gets html code (an image tag wrapped in an anchor tag) from our site and adds that code to their Myspace page in order to display our widget

• When their Myspace page is viewed, the widget makes a request to our server to get an image file
• The image file executes a php script on our server, gets some information from the database and returns that information back to the browser in the form of a jpeg image

The beauty of it all is that to Myspace, it looks like the request is only for a simple image file. Plus, when the image loads on the Myspace page, it looks like a normal jpeg image to the person viewing the page. Because PHP is able to dynamically create images, the final product is actually really sharp looking.

So if Myspace doesn’t allow scripting languages on their pages, how am I able to execute a script to generate the number of votes in the person’s widget? By using some smoke and mirrors with PHP and the power of Apache’s Mod Rewrite, I am able to make it look like the request is being made to fetch an image file, when in fact, it is requesting and executing a PHP script and then sends an image back to the browser.

Because I knew that the user’s profile id needed to be sent along with each request, I had to set it up in a way that I could parse the requesting url on the server side and pass that id along in a query to get the number of votes for that user. To do that, I decided to make the url look like this:

http://www.server.com/widget/1234.jpg

As you can see, the url looks like it is making a request to get an image file. This is where the Mod Rewrite rule comes into play. The 1234.jpg file doesn’t actually exist and is in fact the profile id disguised as the name of an image file. This is a common technique used to generate friendly urls, but I think it is still pretty slick.

The next thing I had to do to set this up was create a new directory on the server that would hold all of the files needed to make the magic happen. In the example url above, that directory is the widget directory. I then created an .htaccess file that will live in this new directory and will tell Apache to turn the Mod Rewrite engine on. It also tells Apache to run any files with a .jpg extension through the PHP engine via a PHP script (that also lives in that same directory). The .htaccess file also includes a regular expression that will read anything between the final slash in the url and the .jpg file extension then stuff that value into a variable in a query string that gets passed along to the PHP script. This enabled me to access that value in the PHP script via the $_GET superglobal and ultimately it is used to read information from the database for that user.

The .htaccess file looks like this:

Options +FollowSymLinks
RewriteEngine On
RewriteRule ^([0-9]+).jpg index.php?id=$1&type=jpg

To make sure you set this up correctly, you can create a new directory on your server, copy the code above into an .htaccess file and create a PHP script called index.php in that directory. Simply make your PHP script echo the $_GET superglobal so you can make sure that the value is getting passed through. There are a few more steps that need to happen in the PHP script to return an image, but once you can get the correct value to echo in plain text, you’ll be more than half way there.

My index.php file does a few things:

• Opens a database connection
• Scrubs the value passed in to make sure it is not malicious
• Queries the database for the information for the number of votes
• Creates an image based on a template image file I previously created
• Merges the data I selected from the database to the image file I just created
• Sets the http header content type to image/jpg
• Returns the final image file to the browser and exits the script

Below is what the code for doing the image manipulation looks like in the index.php file. Of course you will also need to include the code that will check the inputs, query the database, process the result set, etc. The following code also assumes that the GD Library has been installed with PHP:

$im = imagecreatefromjpeg("http://www.server.com/images/templateimage.jpg");
$white = imagecolorallocate($im, 255, 255, 255);
$width = "241";
$height = "233";
$font = "path to font file that you want to use";
$font_size = 50;
$text = "value returned by database query";
$box = imageTTFBbox($font_size,0,$font,$text);
$image_center = $width / 2;
$text_x = $image_center - round(($box[4]/2));
imagettftext($im, $font_size, 0, $text_x, 140, $white, $font, $text);
header ("Content-type: image/jpg");
imagejpeg($im);
imagedestroy($im);
exit();

Once again I’d like to urge anyone reading this to not use these techniques to intentionally do harm to Myspace or their users. I have not personally spent time thinking about how this can be used in a harmful manner, if any at all. Perhaps Chris Shiflett can shed some light on the security issues with this, if any do exist.

Worlds colliding!

I’ve been reading Johnchow.com for some time now and always enjoy the topics that he writes about. He has openly talked about his efforts to monetize his blog and the technics that he uses to do so. When reading such posts, I often thought about introducing John to a product I was heavily involved in developing at my job called RMX Direct, but the timing was never right. Until now.

Recently, our business development team for RMX Direct purchased a review of RMX Direct by John Chow. I personally think that a lot of his readers, who are small publishers and bloggers, will benefit from this review as the product can and will increase their advertising revenue.

I think RMX Direct is an awesome product, despite my biased opinion. I have been a small web publisher for several years and have always wanted a product like RMX Direct to manage the advertising on my sites. Luckily I had the opportunity to build it, along with all the smart and talented members of the RMX Direct Team. It was a lot of fun building the product and is now even more fun watching it put more cash in the hands of the publishers.

Thanks for the review John!