SharePoint Users Beware Framesniffers
May 10, 2012
Security is a topic which is getting increased attention, particularly in the SharePoint community. I want to call attention to “Microsoft SharePoint and LinkedIn Data at Risk from Framesniffing Attacks” from ITWire.com. The Safari, Chrome, and Internet Explorer Web browsers are inadvertently allowing hackers to steal information from private Microsoft SharePoint Web sites and mine data from public Web sites like Linked In.
A Framesniffing Attack occurs when a hidden HTML frame loads a target Web site in the hacker’s Web page to mine information about the content and structure of the framed pages. The hacker can then overcome browser securities and read the sensitive information.
As explained in the ITWire.com article:
“Paul Stone, senior security consultant at Context said, “Using Framesniffing, it’s possible for a malicious Web page to run search queries for potentially sensitive terms on a SharePoint server and determine how many results are found for each query. For example, with a given company name it is possible to establish who their customers or partners are; and once this information has been found, the attacker can go on to perform increasingly complex searches and uncover valuable commercial information.”
The problem deals with the X-Frame-Options header that turns off the Web browser framing feature and in SharePoint it is not turned off by default. Microsoft has stated in the next SharePoint version they will set the X-Frame options, but until then, SharePoint gurus, it is up to you to find a solution. If your organization discovers a way to keep its information from prying eyes, you will still need a way to find the data.
Search Technologies implements solutions which are secure and do not impede findability or system performance. For more information, navigate to www.searchtechnologies.com.
Iain Fletcher, May 10, 2012
Staff Sergeant Discusses Managing a SharePoint Implementation Overseas
May 10, 2012
To be able to get the right information to the right people on time and in the right format is key for a successful business, but also imperative in a military situation. We also know that the ubiquitous SharePoint platform can deliver information access in an organization.
On deployment to Afghanistan, Staff Sergeant Jamie Leishman was tasked with managing the vital information flows and data dissemination for over 2000 users across the Brigade. Leishman designed and built a SharePoint service, and the story is shared in the Bdaily Business Network post, “Army Specialist Helping Businesses to Win the Information.”
Ultimately, the deployment of the SharePoint service in Afghanistan significantly improved the ability of the Helmand HQ to process and disseminate information. Leishman said: “One of the key benefits of SharePoint is that it creates a virtual office environment for disparate groups to communicate and collaborate, which is particularly important in military theatre where activity is high tempo and in an ever changing environment. Passing information and orders to people at the right time is critical in the military just as it is in business.
Leishman also comments on the immediate benefits that led to successful user adoption after implementation. SharePoint’s powerful features prove to meet the needs of a variety of customers, including energy firms, airports, government agencies, and nonprofits. But the ubiquitous content management software also has some holes in it, namely search. It seems the search experts at Fabasoft Mindbreeze also understand the importance of meeting customer needs and expectations with clients like the Salzburg City Council and Federal Ministry of Justice in Austria. Dr. Berthold Rauchenschwandtner of the Salzburg City Council has this to say about Mindbreeze:
Fabasoft Mindbreeze Enterprise makes our everyday work easier. Obtaining relevant information fast is something we now take for granted and it has become a key feature of our work and our approach to it. Above all our citizens benefit from it. They receive their information much faster.
Mindbreeze snaps seamlessly into the SharePoint system to give your users an enhanced search and navigation experience with secure, reliable, and efficient action. Read more about the solutions at http://www.mindbreeze.com/.
Philip West, May 10, 2012
Sponsored by Pandia.com
Buying YouTube Love: Is This a Step Too Far?
May 10, 2012
It seems YouTube comments are for sale.
The SEO crowd has a new angle. EzineMark announces that you can now “Buy YouTube Comments to Contribute in the Growth of Your Online Venture.” The write up starts by mentioning how useful YouTube videos can be in a marketing campaign. Naturally, the more comments a company’s video gets, the more exposure the company ultimately receives. So far so good, but such a setup begs for someone to game the system.
Now, apparently, companies are doing just that. We are advised:
“There is a revelation that social media marketing service providers design various packages of ‘buy YouTube comments’ in a different price brackets. The price of the package varies with the number of comments demanded by the owner of an online venture. You can come across packages with numbers ranging from 100 to 500 comments to choose from. You can avail the package of buying YouTube comments in tune with your requirement and budget.”
This particular, um, article is not really worth combing through, unless you get a chuckle from poorly written English. The very idea of buying YouTube comments, though, is an interesting tactic. How long before it is utterly impossible to differentiate between marketing campaigns and organic content? Are we already there?
Cynthia Murrell, May 10, 2012
Sponsored by PolySpot
Data Management Conference Attracts Record Crowd
May 10, 2012
Siemens just completed hosting a PLM conference with an amazing attendance of over 1800 PLM users. Proof of the growing reliance on PLM software these numbers speak for themselves. The conference was covered in the Automation World article, “Siemens PLM Conference Attracts 1,800 Plus”.
Some of the highlights of the conference’s 400 sessions were explained by the article as,
“Significant trends impacting manufacturing and the product lifecycle management (PLM) market according to (Chuck) Grindstaff were Big Data, product complexity, integrated systems and computational expansion. He mentioned Siemens PLM’s commitment to open–open culture, open data, open products and open communities–something reiterated by other executives the remainder of the day.”
Siemens is not the only PLM provider dedicated to the idea of open. As more smaller and midsized companies realize the need for PLM to manage their growing data open source cloud-based solutions are beginning to emerge with more frequency. We recommend companies looking for a personalized data management solution with the best customer service to be found contact Inforbix, a company dedicated to helping clients find, share and reuse data to streamline processes and minimize waste and duplication.
Catherine Lamsfuss, May 10, 2012
Open Source Search: Momentum Building
May 10, 2012
It has happened.
The self-appointed experts have discovered open source search, reveals CIO in “Wide-Open Search.” With exponentially growing amounts of data to contend with, organizations from Twitter and Facebook to the Library of Congress are turning to open source solutions. Such groups, Stacy Collett writes:
“. . . venture into the seemingly untamed world of open-source search applications, not just for the cost savings, but also for the ability to customize and modify applications quickly. Plus, open source has an active community that can help solve related problems.”
All true. Collett points to Lucene, developed by Lucid Imagination, as her open source example, which seems like a good choice to us. She emphasizes that Lucene is a formidable application built for enterprises with sophisticated search needs. Smaller-scale tools based on Lucene are also available, like Elasticsearch.
Lucid Imagination provides an enterprise open source search solution as well as consulting and engineering services. Lucene Solr leads the field in independent enterprise search platforms, with 200,000 to 300,000 downloads per month. As other search application vendors get snapped up by the giant companies, Lucid relies on adaptability. The write up informs us:
“Lucid Imagination plans to move into the business intelligence and data warehousing spaces and enable integration with big-data technologies, [Lucid CEO Paul] Doscher says. ‘If you put traditional data warehouse or business intelligence-type applications on top of Hadoop, in some instances, it’s almost like trying to take this manhole cover of opportunity and shove it through a garden hose,’ he says.”
Nice metaphor.
We’re okay with Lucid, but he mid-tier consultants. . . . Well, mid-tier exists for a reason. You can get profiles of key open source search vendors for free by clicking on the Profiles link at our sister information service, OpenSearchNews.com.
Cynthia Murrell, May 10, 2012
Sponsored by HighGainBlog
Protected: Open Web Analytics and IKANOW as a Key Resource
May 10, 2012
The Case for Reasonable Hours: Fact or Fiction?
May 10, 2012
Inspired by Sheryl Sandberg, Inc.’s Geoffrey James calls for us to “Stop Working More Than 40 Hours a Week.” Though Facebook COO Sandberg has been leaving on time to get home to her kids for seven years, the powerful executive only recently felt she could admit the fact in a culture where long hours are now required for workers to be considered dedicated and, by extension, worthy of raises and advancement. James points out that the excruciating trend has gained the upper hand despite longstanding evidence that working over 40 hours per week actually decreases performance. He writes:
“In the early 1900s, Ford Motor ran dozens of tests to discover the optimum work hours for worker productivity. They discovered that the ‘sweet spot’ is 40 hours a week–and that, while adding another 20 hours provides a minor increase in productivity, that increase only lasts for three to four weeks, and then turns negative.
“Anyone who’s spent time in a corporate environment knows that what was true of factory workers a hundred years ago is true of office workers today. People who put in a solid 40 hours a week get more done than those who regularly work 60 or more hours.”
This logic has shades of Henri Poincaré to be sure, but the advocates of balance have a point. People who just keep on keeping on past their 40 hours are at risk for burnout, which makes them far less productive. Just because you’re at your desk typing or clicking away does not mean you are doing a good job. Anyone who has had to redo work they (or worse, their colleague) did the night before, when intellectually numb and aching to get home to loved ones, can attest to that.
We think that opinions about how long to work are okay. The reality is that hard work often contributes to success. In fact, for some, work is play so it continues around the clock. We prefer the work mode. It validates self concept, generates revenue, and seems more productive than watching random YouTube videos.
Cynthia Murrell, May 10, 2012
Sponsored by PolySpot
Google Strategy Questioned
May 9, 2012
Blogger Dustin Curtis presents his take on Google’s business strategy in “Google’s Coherent Bouquet.” Riffing off of Google Co-Founder Sergey Brin’s line, “We’ve let a thousand flowers bloom; now we want to put together a coherent bouquet,” Curtis questions whether such flower arranging is within the company’s abilities. At issue is the importance of social media and, naturally, the threat of competition from Facebook that continually dogs the search giant. The write up asserts:
“Google has about 150 legacy core products which have slowly evolved into great tools over the past decade, but which were designed and built with the complete absence of consideration for any social interaction. Google+ is an attempt to shoe-horn Google’s legacy products into things that are compatible with a new set of social interaction paradigms.
“My point here is that ‘social’ is a point of view from which to design products and not a ‘layer’ that can be easily draped over existing, non-social products.”
Hmmm. Interesting logic. Curtis insists that a shift like the one Google needs is not going to happen without the impetus of “new and unexpected outside ideas.” Is the self-described “villain” blogger correct? Is Google too set in its ways to achieve social success?
Cynthia Murrell, May 9, 2012
Sponsored by PolySpot
Swiftype: A Challenge Google, SearchBlox, and Blossom
May 9, 2012
The SEO crowd and the newly minted open source search experts are usually insensitive to the challenge of site search. Now an outfit called Swiftype wants to displace Google and its site search / custom search, SearchBlox (an open source Web site indexing service), and Blossom (one of the leaders in hosted search for Web sites and organizations).
Background
“Site search” means indexing a public facing Web site and making the content findable. For the Beyond Search information service, we have two systems at work so we can point out the differences to those who ask us for our professional opinion. The search box visible at the top of the page runs a visitor’s query against an index of the content in the ArnoldIT.com domain. When you entire a query for “mysteries of online”, this is the results list:
When you scroll below the picture of our engineers in action, you will see a second search box labeled “Google Customer Search.” This is a variant of Google’s site search service. When you run the query “mysteries of online”, you get this results list:
The Google index follows the links within the content of Beyond Search so you get a broader results set.
Which is better? There is no better in site search. One can find the answer to one’s question or not. We use two systems to show that in some cases a narrow result set will have higher precision and recall. In other situations, one trades off precision for a broader recall.
Swiftype’s Play
The company has rolled out a Web site search service and an application programming interface for developers. You can view a demonstration of the service at www.swiftype.com. Set up is easy and features:
- Auto complete
- Generates a code snippet to put the search system in a Web page
- Indexing is performed “immediately”
- Analytics to show most popular queries
The company offers a quick start guide, information about the REST API, and information about crawler meta tags. The meta tags allow the developer to direct the crawler to index a site in a specific manner.
The company has been funded by YCombinator and is located in San Francisco. The service is now in public beta and is free. The fee for the service, when it exits beta, will be based on the amount of API traffic it generates.
“Y Combinator-Backed Swiftype Builds Site Search That Doesn’t Suck” provides a positive review of the beta service. The article asserts:
Among other things, Swiftype is supposedly easy to integrate with Tumblr — our own MG Siegler has added it to his blog ParisLemon. In other words, there’s virtually no technical work required from the publisher — something else that distinguishes Swiftype from the various other search products and open source libraries out there. At same time, companies who want a little more control can access Swiftype through its APIs.
Our view is that search in general presents a number of challenges. Site search is one subset of a broader information retrieval issue. For site search, we think that Swiftype deserves a look and a head-to-head comparison with other services. Unfortunately, after 50 years of innovation in search and retrieval, there is room for improvement in findability. Give the Swiftype system a whirl.
Stephen E Arnold, May 9, 2012
Sponsored by IKANOW
Findability and Design: How Sizzle Distracts from Understanding
May 9, 2012
I have been watching the Disneyfication of search. A results list is just not exciting unless there are dozens of links, images, videos, and graphs to help me find the answer to my research question. As far as I know, Palantir and several other analytics companies have built their businesses on outputting flashy graphics which I often have a tough time figuring out. My view is that looks are more important than substance in many organizations.
I read “Designers Are Not a Panacea.” I agree with the basic premise of the write up. Here’s a passage I tucked into my reference file:
Rather than granting designers full control over the product, remember that they need to play nice and integrate with several other aspects of your business. You need to remember that you are building a business not a pretty app. A designer co-founder could help (as could a sales co-founder), but does not offer any guarantees that you will make good business decisions, regardless of how “beautiful” an experience your application offers (not to say that adding more engineers does). Visual aesthetics are rarely enough. Getting a product into the hands of potential customers is important.
The write leaves an important question unanswered: “Why is the pursuit of visual flashiness now so important?”
I have several hypotheses, and I don’t think that some of these have been explored in sufficient detail by either the private equity firms pumping money into graphic-centric search and content processing companies. Here goes and feel free to use the comments section of this blog if you disagree:
First, insecurity. I think that many professionals are not sure of their product or service, not sure of their expertise, and not sure of their own “aura of competence.” Hiding behind visually thrilling graphs distracts the audience to some degree. The behavior of listeners almost guarantees that really basic questions about sample size and statistical recipes used to output the visual will not be asked.
Second, mislead. I think that humans like to look at pictures and then do the “thinking fast, thinking slow” thing and jump to conclusions for social or psychological reasons. The notion of an in depth discussion is something I have watched get kicked into the gutter in some recent meetings. The intellectual effort required to think about a problem is just not present. A visual makes it easy for the speaker and the listener to mislead intentionally.
Third, indifference. In a recent meeting, several presenters put up slides which had zero to do with the topic at hand. The speaker pointed to the visual and made a totally unrelated comment or observation. No one in the audience cared. I don’t think most people were listening. Fiddling with smart phones or playing with iPads has replaced listening and old fashioned note taking. The speaker did not care either. I think the presentation was prepared by some corporate team and the presenter was trying to smile and get through the briefing.
What does design have to do with search? If one looks at the “new” interfaces for Google and Microsoft Web search, I noted that neither service was making fundamental changes. In fact, Google seemed to be moving to the old Excite and Yahoo approach with three columns and a bewildering number of hot links. Microsoft, on the other hand, was emulating Google’s interface in 2006 and 2007.
Visualization systems and methods have made significant contributions to engineering and certain types of mathematics. However, for other fields, visualization has become lipstick designed to distract, obfuscate, or distort information.
In US government briefings, visual sizzle is often more important than the content presented. I have seen the same disturbing trend at analytics and search conferences. Without accountability from colleagues and employers, design is going to convert search and findability into a walk through Disneyland. The walk is fun, but I don’t think an amusement park shares much with the nitty grit of day to day revenue generation from software and services.
Stephen E Arnold, May 9, 2012
Sponsored by IKANOW
-
- Subscribe to Beyond Search
Feature archive
News archive
-
