[Previous] [Next] - [Index] [Thread Index] - [Previous in Thread] [Next in Thread]

Subject: Re: UKNM: ho ho ... oh.
From: Leigh Blue Caldwell
Date: Tue, 14 Apr 1998 12:12:23 +0100

> Richard,
> Actually I would not regard Yell as a respectable site (personal opinion I
> know but none of the people I know who worked on the site rate it highly
> either).
> There is a simple problem here, there are nowhere near enough GOOD
> programmers in the UK (i.e. people who can spec the program, see problems in
> advance and incorporate solutions into the costings). Yes, I am biased
> (after all I write programs for a living ) but I have not meet many
> programmers who I would trust to offload work onto.

This is an interesting point... remind me to bring up some more
examples of this when I don't have a client waiting for me in the
next room.

> Using the Yell Counter as an example there is a vast difference between an
> easy to use counter (as Yell uses) and a spoof-proof version which would
> require a database, various complex queries to validate IP addresses,
> control software and an awfully big hard disc. In cost terms the simple
> version would cost sod all (I know there is Perl version on my Linux box and
> I have both cold fusion, ASP and ISAPI versions on my portable) while the
> spoof-proof version would be nearer �5,000 (minimum). Take you pick but how
> many sites would willingly pay that for a better version of something that
> is free.

No doubt about it. We have implemented various kinds of tracking
systems and the like for clients, but they are never concerned
enough about security to pay the extra to make it proof against
things like this. Or alternatively, in one case, a client decided
not to even put their system online for direct querying (the
provision of price quotes for a service) because they thought their
competitors would send thousands of queries and calculate their

We explained the various ways that this could be combatted
(detection of multiple queries from a single IP number or domain,
queries at regular intervals or with a regular patterns, the
registration of email addresses with the results sent by mail
instead of returned on the Web) but they decided that they'd
rather not either take the risk or make the investment. Better
that, I suppose, than they take the low-cost route and run risks.

I'd agree with you on the price of putting in place a more secure
system...although we might be willing to go down to 4,500 :)
That's if we ever decided to compete on price, which of course we
wouldn't, just as nobody in this industry would dream of doing...

right? :)

See you this evening,

information | Leigh Caldwell, managing director, Internation.
innovation | Allied House, 45 Hatton Garden, London, U.K.
integration | +44-171-242-3200 (fax 3033)
Internation. | blueatinternation [dot] co [dot] uk www.internation.co.uk

  Re: UKNM: ho ho ... oh., Ben Thompson

[Previous] [Next] - [Index] [Thread Index] - [Next in Thread] [Previous in Thread]