I noticed a lot of shady websites use ads with multiple redirects before showing the content of the ad.
I do not want to link to any of these (propably) illegal content distribution sites, but this effect is easily found when browsing through streaming sites for TV series and stuff like that.
Basically, it works like this:
User interaction (mostly click) opens popup
popup shows firstdomain.com without content
redirects to seconddomain.com
redirects to thirddomain.com
...
finally shows the ad, often a legit one, but this varies from sports betting to adult social media
Is there any upside to these multiple redirects? And why are they set up this way?
You're likely to be thrown from one TDS to another
A TDS is a web based gate that is able to redirect users to various
content depending on who they are. A TDS is able to make a decision on
where to send a user based on criteria such as their geo-location,
browser, operating system, and whether or not they have been sent the
malicious content already. There are many legitimate uses of TDSes,
but there are also specific TDSes (Sutra, BlackOS, NinjaTDS etc.)
written for malware actors
Also from here:
As discussed above, TDS are not malicious elements per se within the
Internet ecosystem, as they are very useful for the operation of
e-commerce and online marketing, but also constitute a good malware
distribution platform.
...
To avoid detection and make it difficult to track these downloads, it
is possible to link several TDSs between them
Related
A new client of mine has asked for us top recreate their small recruitment website. The main site is going to be done using Zend Framework 1.11 and mySql.
It is medium/small website for a team of two consultant recruiters which lists available positions with various companies and allows candidates to upload CVs and search for positions as well as displaying general information about the consultants.
They have asked that we also create a site capable of displaying on mobile devices (iPhone and Android) using a sub domain of their main site.
My question was this: Is it possible to point the mobi.myclientswebsitedomain.com to the www.myclientswebsitedomain.com site and simply change the layout used based on the detected device?
What is the best way to achieve this with the least effort?
Many thanks for any advice
John
Point your mobi. subdomain to the same webfolder as your www. domain. In your ActionController write conditional statment which will load different css files depending on the current subdomain.
We are looking at building a b2b application for the iPhone. A major concern is the possible delay in publishing updates to the applications. I would like to believe that all updates will be orderly, but the reality of a newly found bug for a client or an upcoming trade show could mean that updating the application NOW is critical. Even an "expedited" day wait would not be acceptable.
One option I have thought of is having a flag for each page that we send down when the user logs into our server. If the flag is set, then instead of the native screen for a given page, there would be a page with a UIWebView that would get the latest HTML from the web or stored HTML loaded at the time of login.
I would prefer storing the HTML and using it "offline" because a data connection cannot be guaranteed.
The questions are:
1) Does this violate any of Apple's licensing?
2) Is this feasible or is there a hole I am not thinking of?
It doesnt violate Apple's guidelines and as far as I know you are not missing anything here...in fact, we have the exact same problem in my company (which on top of the issue that you have, we have customers that would like to "brand" the app for their users, and thats how we accomplish that) and there are no issues with apple (for now...:)). Obviously, you need to think of user experience implications...hope that helps.
While brainstorming about six years ago, I had what I thought was a great idea: in the future there could be webservice standards and DTDs that effectively turn the web into a decentralized knowledgebase. I listed several areas where I thought this could be applied, one of which was:
For making data avail. directly from a business's website: open hours, locations, and contact phone numbers. Suggest a web service standard by which businesses have a standard URL extended off the main (base) URL for there website, at which is located a webservice. That webservice as well has a standardized set of services for downloading a list of their locations, contact telephone numbers, and business hours.
It's interesting looking back at these notes now since this is not how things have evolved. Instead of businesses putting this information on only their website then letting any search engine or other data aggregator to crawl it, they are updating it separately on their website, their Facebook page, and Google Maps. Facebook and Google Maps, due to their popularity, have become the solution to the problem I though my idea would solve.
Is the way things are better than the way I thought they could be? If so then why doesn't my idea fit the reality? If not then what's holding my idea back from being realized?
A lot of this information is available via APIs, that doesn't mean that it doesn't get put other places as well, through a variety of means. For example, a company may expose information via an API, and their Facebook app might use that API to populate a Facebook page.
Also, various microformats are in use that encapsulate some of this information.
The biggest obstacle is agreeing on what meta-information should be exposed, how it should be exposed, and how it should be accessed.
I'm thinking about doing a mobile version of our website. Some people says it's a good idea to let mobile websites have their own domain name (ie m.domainname.com) as oppose to the same app handling both mobile and desktop requests. What are some pros and cons of these two approaches?
My technology stack is ASP.NET MVC2 + MySQL.
This is more a strategic issue for your business. A lot of the larger vendors seem to use a suffix because it allows the end browser to be sure it is viewing the correct version of the site.
So for example, if I am using my smartphone to view a site - sometimes I will be redirected to the subdomain because there is code that determines through the session exactly what browser (and version) I am running. The redirect will then cause me to go to the new site. A problem arises when a situation arises that the code wasn't written to deal with. If I connected with a bespoke browser - how would the site determine that I was on a smartphone? Sure there is additional metadata that can be gathered - but what happens if my bespoke browse purposefully conceals that information (perhaps because it is not designed to view general web pages)?
The subdomain prefix gives the consumer a choice. They can view the normal site in their smartphone - and risk that the web pages may render incorrectly, etc.. Or alternatively they can enter the subdomain and view the site using the correct CSS for a smaller screen, alternatives to flash, and other technologies that smartphones require to view a site correctly.
If you want to play it safe - use the subdomain approach like we do. The big companies all seem to adapt this approach so why try to go against the grain. Remember - 99.99% of development is just doing something someone else has done before you (more or less) so learn from their mistakes.
I'm nearing the completion of migrating our existing website to a CMS and I've just finished creating all the various contact forms. The CMS I'm using has CAPTCHA built into it's form builder, which is great, but the only method available is the "decipher-the-noisy-image" method.
This approach works well, but it limits access for people who might have reading or sight disabilities. I've worked around this by having a "help" page which allows those with disabilities to contact us by telephone and I'm considering having a single-field form which says "Send us your email address and we'll contact you". Accessibility is of particular importance to me as a web developer, but from an organisational perspective; so is reducing the amount of form spam we receive.
So what I'd like to know is, has anyone in the community had any experience with other CAPTCHA methods and how have you managed to make them accessible to people with disabilities?
As a blind person I find that recaptcha is one of the better CAPTCHA services out there as far as an audio option. The issue with using sms as the only alternative is the fact that many visually impaired users don't have cell phones that allow them to read text messages.
A good captcha, like reCAPTCHA, usually includes an audio CAPTCHA. Also I have seen a site that will
send a SMS message and you enter the code in the sms (Google-gmail will do this).
I am very interested in this because I am implementing a CAPTCHA in jQuery right now.
Many sites, including this one I believe, have an option to play noisy audio with embedded spoken numbers, as an audio equivalent to the traditional CAPTCHA image.
I find the result pretty spooky, actually. Reminds me of numbers stations.
As Michael said, audio with each character of the CAPTCHA text spoken for better or worse is a common option provided. If your CMS is PHP-based or if PHP is available on the hosting infrastructure you are using anyway, here's an open source CAPTCHA application with an audio download option:
http://www.phpcaptcha.org/
I've implemented a production site with phpcaptcha, and it works as advertised.