GroupHelp.NET - Easy everything!

Phishing, the highly illegal scam of tricking people into revealing their logins and passwords by creating fake emails, Twitter messages, and/or websites, does not actually make phishers a lot of money. A new paper (PDF) by Cormac Herley and Dinei Florencio from Microsoft Research argues that the basic laws of economics still apply to phishing. As phishing becomes easier, and as 'phishing kits' are being sold for less than $100, the actual income for each individual phisher has to come down. Phishing has become a "low-skill, low-reward business."

Sponsor

While, as the authors point out, the media has portrayed phishing as an easy (and illegal) way to make money, the reality is that too many phishers have joined the fray and that the income per phisher has been greatly depressed because of this.

Phishers typically sell the logins and passwords they have harvested through their scams to other criminals online, who can then easily commit identity theft.

Losses from Phishing Have Been Exaggerated

The authors also argue that the economic losses from phishing have been greatly overstated. Herley and Florencio argue that the numbers don't 'survive basic sanity checks,' yet are widely quoted. At the same time, these mythical numbers lead more phishers into the business, which then depresses the per person income even more. According to PayPal's chief information security officer Michael Barrett, phishing "is not even in the top five threats" that could cause losses at PayPal.

Why Phishing Will Continue

The paper, however, also points out that this lack of revenue does not mean the end of phishing. Phishers, the authors argue, are not necessarily making rational economic decisions. Instead, their vision is clouded by by hopes of 'hitting the jackpot' (even when revenue is going down), and a constant barrage of reports of 'easy money' that will lead phishers to believe that revenue will go up again. Also, because phishing is generally considered to be very 'easy,' a constant stream of newcomers will replace the retired phishermen. The authors note that this cycle can only be broken through providing better information about the economic reality of the phishing business to potential phishers.

(hat tip to Steve Ragan at the Tech Herald)

CC-licensed image courtesy of Flickr user ToastyKen

Opera plans to unveil a new version of its SDK today that will allow Opera's partners to create a more uniform browsing experience across multiple devices and platforms. The new version of the Opera Devices SDK now gives developers access to Opera Link, the company's bookmark synchronization service. Once device manufacturers start integrating this, users will be able to easily access their Opera bookmarks from their mobile phone, desktop, or Wii.

Sponsor

Opera's Devices SDK allows hardware manufacturers to build browsers for their hardware devices like TVs, media players, cell phones, or gaming consoles.

This synchronization feature was already part of Opera's desktop browser, but version 9.7 of the SDK will also give developers the ability to integrate it into their own devices. According to Opera's CEO, Jon von Tetzchner, Opera wants to give operators the ability to create a unified experience across their triple-play offerings and on phones, computers, TVs (or entertainment devices like the Wii).

Opera Zoon

The new version of the SDK also includes Opera's new hardware-accelerated zooming capability for devices with small screens. While not as elegant or intuitive as Apple's multi-touch gestures, Opera Zoom, which saw its debut on the Nintendo Wii, does work quite well.

Syncing Bookmarks as Competitive Advantage

Opera already syncs its bookmarks with the online version of Opera Link, but it would be great if Opera also allowed you to sync with other online bookmarking services like Yahoo's delicious. Other devices like the iPhone also allow users to sync bookmarks between the desktop and mobile phones.

Now that web browsing is slowly becoming a standard activity on mobile devices, being able to keep bookmarks in sync is clearly starting to become more important. Opera is in a good position to leverage its experience in cross-platform development here, though Mozilla and other browser developers are also working on similar projects.

Commenting on blogs is - by and large - broken. Designed with the hope of proffering interaction among bloggers and readers, commenting has generally devolved into a series of one-off responses with little actual conversation. Why? It's not designed to facilitate conversations. That's why you see any number of people - Intense Debate and Disqus, most notably - working to provide technology that enhances the conversational dynamic. Now, a new open source project from Jim Jeffers promises to enhance commenting in a way that is both natural and conversational. Meet Encouraged Commentary.

Sponsor

The new commenting features - built using jQuery - take their inspiration from Ubiquity, allowing users to highlight the sections of text that prompted them to comment and immediately respond. Using that context, Encouraged Commentary begins to string conversations and content together.

Encouraged Commentary currently offers three compelling features:

First, highlighting any section of a post avails a "respond" button that allows users to immediately comment. Clicking respond grabs the highlighted text and adds it - in blockquote - to the content of the comment, simply and easily referencing the exact passage that the user is discussing.

Second, working with comments, themselves, offers additional functionality. Highlighting and clicking respond within a comment automatically establishes the familiar "@user" addressing to make the intended recipient aware of the conversation directed at him/her. The highlighted text, again, is brought into the comment for reference.

Third, the connections among comments are tracked. Mousing over any commenter's name reveals a list of his or her other comments in the thread. Clicking on list items allows users to "jump between related comments and responses quickly" - something that threaded conversations have been working to capture. Reply and Quote buttons allow the user to jump into the conversation without highlighting.

Granted, the young project is not without its rough spots. Users are reporting issues with IE (shocking, I realize). And some of the implementation of the concepts could use refinement. No doubt that will come as more people engage in the project.

But those issues are easily overlooked. Because what is most compelling about this approach is the natural conversational dynamic that Jeffers has captured. You do what seems natural: highlight and respond. And you do so with context. That dynamic provides both Encouraged Commentary with content and the "hooks" to track the history of the conversation without adversely impacting the user. What's more, it provides a series of reference points that encourages new users to enter the discussion - and to do so just as easily as the conversation began.

If we see widespread adoption of this sort of thinking, it's quite possible that we may see the conversation returning to comments.

To see Encouraged Commentary in action or to try it yourself, visit Don't Trust This Guy, Jeffers' blog. To download the source code, visit the Encouraged Commentary project on GitHub.

A new report from Forrester presents a cost analysis of cloud-based email systems in enterprises, such as Google Apps or Yahoo!'s Zimbra. In the report, Forrester argues that cloud-based email services are cheaper than running email on-premise for all companies with less than 15,000 employees. What's more, Google Apps is significantly cheaper than both on-premise solutions and other cloud-based email services - even for very large enterprises. This could spell trouble for Microsoft, as we explain below.

Sponsor

Despite the cost benefits, at this point most companies (56%) are looking to implement a 'hybrid' model of on-premise and external email services. Just 19% plan to migrate their entire email base to a hosted or managed email provider.

Forrester's cost analysis (outlined in full in its report) shows that for the "Information Worker" segment, a large portion of many modern enterprises, cloud-based email is often cheaper. Forrester concluded that "cloud-based email is always cheaper for companies with fewer than 15,000 users".

The following chart of various options is interesting, because Google Apps comes out significantly cheaper than Microsoft Exchange Online - and other cloud based email options. Also interesting is that Microsoft Exchange Online Standard is about 10% cheaper than many cloud-based providers - due to its economies of scale no doubt. One wonders whether Microsoft will be forced to drastically reduce its pricing for Exchange Online, in order to compete better with Google Apps; although that of course comes at the risk of under-cutting one of the company's cash cows, Microsoft Office.

Source:" Forrester; the above figures are based a scenario for 15,000 employees with email.

Even as the number of employees increases, Google Apps remains by far the cheapest option. Of course there are other factors to consider other than price, but even so these figures are striking and are likely to be very pursuasive for many enterprises over the coming years.

Lastly, there are some interesting comments in the report about about the low price point of Google Apps. Google told Forrester that it "uses automation and massive scale to achieve an order of magnitude lower cost of service than a typical enterprise." This led Forrester to believe that "Google can make money at this price, and that the service will handle some firms' or users' needs well, including its bigger customers like Genentech and Avago Technologies."

However Forrester noted that it is unsure how much focus Google will give to the service. Also Forrester suggested that Google Apps still needs "better mobile support, an offline email and calendar client, and a clearer view of the product road map."

Note: Forrester released a companion report, entitled Should Your Email Live In The Cloud? An Infrastructure And Operations Analysis, that digs deeper into the technical issues around cloud-based email.