A common attack method for gaining access to a login is the brute-force attack. That means on a login page, you enter a username, and then put in a random password. If it fails, you repeat. And repeat. Ad nauseam. If the user uses a simple password (eg ‘food’ or ‘password’), after enough attempts you will eventually guess the right password.

So to stop such behavior, software like vBulletin gives you five tries to get it right. If you fail, you get locked out.

Facebook extended it intelligently - if you fail enough times (I think I failed six times), it doesn’t just lock you out - it also redirects you to the password reset feature. Fill that out, and voila! You are back in business.

A nice little touch, since vBulletin (and similar) lock you out for 15 minutes, regardless of whether you try to reset your password.

Just a nice UI touch to have.
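The two lockout behaviours described above, side by side, as an added example (not vBulletin’s or Facebook’s code). The `LoginGuard` class and all names in it are hypothetical, the thresholds are passed in by the caller, and the reset flow is assumed to have verified the user already.

```python
import hashlib
import hmac
import os

LOCKED, RESET_REQUIRED, OK, FAILED = "locked", "reset_required", "ok", "failed"

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginGuard:
    """Tracks failed logins per account and applies one of two policies.

    policy="timed":  lock the account for lock_seconds after max_failures.
    policy="reset":  after max_failures, refuse logins until the password
                     is reset through reset_password().
    """
    def __init__(self, policy, max_failures, lock_seconds=15 * 60):
        self.policy, self.max_failures = policy, max_failures
        self.lock_seconds = lock_seconds
        self.users = {}      # username -> (salt, password hash)
        self.failures = {}   # username -> consecutive failed attempts
        self.locked_at = {}  # username -> time the lock started

    def set_password(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, hash_password(password, salt))

    def reset_password(self, user, new_password):
        # Assumes the caller already verified the reset (e.g. e-mailed token).
        self.set_password(user, new_password)
        self.failures.pop(user, None)
        self.locked_at.pop(user, None)

    def login(self, user, password, now):
        if self.failures.get(user, 0) >= self.max_failures:
            if self.policy == "reset":
                return RESET_REQUIRED  # UI redirects to the reset form
            if now - self.locked_at[user] < self.lock_seconds:
                return LOCKED          # even the right password is refused
            self.failures[user] = 0    # timed lock expired
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        if hmac.compare_digest(hash_password(password, salt), stored):
            self.failures.pop(user, None)
            return OK
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.max_failures:
            self.locked_at[user] = now
            return RESET_REQUIRED if self.policy == "reset" else LOCKED
        return FAILED
```

With `LoginGuard("timed", 5)` the legitimate owner waits out the full 15 minutes; with `LoginGuard("reset", 6)` a completed reset clears the counter and the next login succeeds straight away.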

  • 2 Comments |

Speed is everywhere …

From the nuts and bolts to how you present data to your visitors - you can squeeze speed out in many ways.

The (relatively) popular talk is about optimizing the user-download sequence to wring out as much performance as you possibly can. I’ve talked about this in the context of CSS sprites (great for speed oomph).

But there are other things you can do at the server-level that often get skipped over.

Two quick examples:

Our weather widget is pretty popular. It is now used on over 200,000 unique pages. Every pageview on one of those pages = a call to our server. So of course we cache the HTML we output, but that still means our hard disks get hit for every request. So we looked closely and saw that the cache never grew bigger than 2 GB. The solution? A server with 8 GB RAM, 4 GB for normal memory options, and a 4 GB ramdisk that is used for the cache output. This saves a lot of wear and tear on the HDs themselves, while letting us respond faster than ever.

Second example - re-writing URLs. Oftentimes people use mod_rewrite through a .htaccess file. The problem with that is, say you have a file 5 folders deep: /home/folder1/folder2/folder3/folder4/file-here. Every time file-here is called, the server is checking all five folders for the existence of a .htaccess file. If it finds one, it has to open it and read it. The solution is to edit your configuration file (eg Apache’s conf file) and put the mod_rewrite rules there. This way you save five file checks (and potentially one or two file reads) for every single hit.

This is of course just the tip of the iceberg - there are a lot of other things you can do to wring more out of your server(s).

  • 6 Comments |

Dual Monitorage

Don’t know if that is a word, but frankly don’t care :)

I went CRT-free 5.5 years ago, and went dualie 4.5 years ago. Best idea ever - my eyes thank me, and having two screens is great for segmenting work.

I just ran into Ultramon, and I can’t believe I wasn’t using this app.

Beyond the various features it does have, each screen has its own taskbar (this is Windows only). It already feels much better :)

  • 4 Comments |

Contact Organization

So - how do you keep track of contacts that you met?

At ILM:07 I met about 50 people whose business cards I ended up with. Shamefully there are some people whose cards I look at now and think ‘huh?’ In my defense they have glossy cards which make it impossible to write on. Note to myself and anyone else reading this - glossy cards are cool, but don’t use them.

A contact is more than just a name + email - it is a budding relationship really. So just like we created ePM to handle our project management requirements (enthropia Project Management), we are creating a basic eCM (enthropia Contact Manager) to keep all of our relationships in line. This means companies, people, to-do lists, calendar events, and so forth.

If you haven’t already - it is critical you make sure you are organized about your contacts.

  • 5 Comments |

You Live, You Learn, and You Adapt.

No other way around it really - sometimes you do things that don’t work out. Sometimes you have to change your tracks (after you already changed your tracks).

The recent ILM:07 was fun. I still have about 3-5 posts to write on it. And I will.

But for now - we’ve placed a moratorium on our city sites.

  • 0 Comments |

ILM:07 - and UGC?!

Whew - it’s 2:10 am, and I’m finally home. We were stuck in the plane for roughly 2 hours due to excessive rain.

Overall - great show. I had a lot of fun and I learned a lot.

But - let’s start off with the one negative (or I guess two).

I listened in on the UGC (user generated content) panel. It was a conversation - which I much prefer so that I don’t have to listen to implicit (and sometimes explicit) sales pitches.

So the participants were ZipLocal, Local.com, SuperPages.com, and YellowBot. Now - I don’t want to be the enemy here, but exactly why were ZipLocal or Local.com even on the panel? ZipLocal has had UGC content for roughly … oh, exactly one month today (Dec 1). Local.com has UGC … where?

Regardless - there was a lot of hyperbole on how great and fantastic UGC was. Listening, you would imagine you put up UGC, take out your cigar, and puff away with your feet on your desk while people trip over themselves to flock to your website so that they can make you billions. There was very little ‘but to do it properly is tough.’

So when it came to question time - I stood up and essentially asked: “We hear a lot about how great and simple UGC is - lean back and the money will come in. But this seems rather naive - I would imagine there is some effort involved. How do you actually get users involved and participating?”

So what was meant as a question to all four was answered by PremierGuide. But it wasn’t really - I heard about aggregating content and you need to work with everyone. How does that answer my question? While the moderator moved on I wasn’t satisfied. I re-asked my question - that answer didn’t answer what I said, and I wanted something more meaty.

SuperPages.com came to the semi-rescue. She agreed that it was hard, that it was tough, that they try to lead users with suggestions to help participate. I was hoping for more meat - rewards, ‘promoting’ helpful users, pushing away unhelpful users, and so forth. Essentially temper all the exuberance that was bubbling around. At the same time - this was Q&A time, and I can understand and appreciate the response she did give.

And secondly - why weren’t we allowed to ask Marchex any questions? My question I was going to ask:

As a company, you were formed to acquire Yun Ye’s portfolio of domains. At that moment, you were essentially a domain company. So while you are still part of the domaining community, you have pretty much morphed into a local-oriented site. What do you intend to do with non-geo domains? Are you going to stick with parking them, sell them off, or is there a plan for some other division inside Marchex to develop them? And if your plan isn’t to keep them parked, what will you be doing with non-US geodomains like Beijing.com?

I’m still confused about who Marchex thinks they are (at domain conferences they rarely mention ‘local’) - is this a semi-identity crisis in play here?

As people sometimes lose focus - of all the conferences I’ve attended, this was the most successful one I’ve ever been to. I’m already planning a booth for next year’s. Still - wanted to start with the flaws before getting into the good stuffs.

  • 10 Comments |

Some iBegin Source Stats

Because stats are just so delicious.

  • 0 Comments |

Stop doing menial tasks.

Automate them.

If you are doing a task that is repetitive and can be automated - you need to.

If you are doing a task that can be automated - you really need to. Even if it doesn’t seem obvious or is complicated - the hours spent figuring it out are worth it.

Case in point: I am in the process of figuring out some automated analytics. The system interfaces with a dozen partners and sites, all building up information on various sites - revenue, click rate, traffic, etc. If done right it should lead to a profit of $250,000 within the first year. Roughly 100 hours will be spent on the project.

After that it is 95% automated - our partners will then take care of it all. We only get involved in completing payments.

  • 1 Comment |

The USD vs CAD chart on Yahoo pretty much sums up my experience with the USD.

Being a Canadian company, when we started we had roughly 1 USD = 1.5 CAD. Now the rate is at 1 USD = 0.95 CAD. And it hurts. My spending power outside of the US has been dealt a blow to the gonads.

But there is an unexpected reversal - our consumer-oriented business is seeing a spike in business outside of the US. Case in point: vB Skins. We charge roughly $600+ USD per custom template (and we’ve done over 100). A year ago I would have said 95% of our customers are from the US. Now I would say it is roughly 40% US, 60% overseas (just last week we sold 5 skins to 3 different EU customers).

So - yes the USD is hurting. But the world is far bigger than the US. This is a grand opportunity.

  • 2 Comments |

Vindication?

At least that is how I see it :)

Andy Sack has posted what he thinks are the two biggest mistakes Judy’s Book made.

The first one is one we have battled with too. How far can we push on our users? MySpace was jump-started with spam-emails to a lot of people - but who remembers that now? Ditto for quite a few other ‘social’ sites.

But the other problem was - they pushed national too quickly. They lost focus on the consumer. Which is what I’ve argued with our own site - communities need attention, and going national is the antithesis to that attention. This was a big reason why I never bothered with VCs anyway. They all wanted to go national, and to me that was the surest way of losing focus on community.

You never hear people say “Damn, I shouldn’t have listened to my gut.”

  • 0 Comments |