Matthew T Grant


Tall Guy. Glasses.

Vot Are You Voorking On?

299311799_75ebae8abe_mI’m in the middle of a bunch of projects right now.

One project has me writing about security in the cloud.

Apparently, security concerns are one major obstacle to adoption of the cloud, in spite of the many advantages this computing model offers. My client is trying to change all that.

Another project has me mapping out a strategy for a blog focused on outsourced (sometimes called “offshore”) product development (OPD).

While the offshoring of IT services is hardly new, for the last several years we’ve seen outsourcing move up the value chain to include what were once considered core functions like R&D and new product development. As you might imagine, there are myriad challenges associated with this approach. My client is trying to solve (some of) them.

In addition to the above, I’m doing content strategy (“what kind of content do you need to generate leads, close sales, and improve search rank?”) and development (actually producing the stuff) for an array of B2B firms.

Bigger-picture-wise, I’m exploring various business models for content marketing services. If you’ve got ideas about that, let me hear ’em!

PS. The title question of this post was posed by Irini Galliulin to Ensign Chekhov in the classic Star Trek episode, “Way to Eden

Image Courtesy of Dollie_Mixtures.

Secret Teachings of the Botnet Masters, or “Have You Had Your Daily SQL Injection?”

2942203842_59f1e655b2_mDid you know? “[Infected] URLs have really and truly become the most dangerous force in the world of cybercrime.”

Well guess what? One method used for corrupting them is called “SQL Injection.”

I learned about SQL Injection while exploring the weird world of botnets: vast networks of “zombie” computers used to produce spam (“90 percent of all e-mail worldwide is now spam“) and steal information from people. Turns out computers are enlisted into these vast zombie armies via websites that have been infected with malware (sometimes called “badware“) using technique’s like SQL Injection.

(On the continued use of this rather mature hacking method, Matt Hines wrote, “Once again we’re seeing that when it comes to online malware and data theft, attackers seem to have little motivation to create altogether new breeds of assaults, as well-known practices such as SQL injection remain so effective.”)

I did not realize that there were people on Earth known as botnet masters (as in the phrase “the topologies used today by botnet masters“). Nor did I realize that there are competing botnet developer kits and that descriptions of them, such as this one from Damballa‘s Gunter Ollman, read surprisingly like rather typical techie on-line reviews:

Zeus is an interesting DIY malware construction kit. Over the years it has added to its versatility and developed in to an open platform for third-party tool integration – depending upon the type of fraud or cybercrime the botnet master is most interested in. Along the way, many malware developers have tweaked the Zeus kit and offer specialized (and competing) major versions of the DIY suite (for sale). As such, the “Zeus” kit has morphed and isn’t really even a single kit any more. You can find Zeus construction kits retailing between $400-$700 for the latest versions – dropping to “free” within a couple of months as pirated versions start circulating Torrent feeds.

I think I understand how the sales process works for these kits (which go for between $400-$700). What I don’t understand is how the marketing function works for them.

For example, is there a hard division between sales and marketing in these organizations? Do the kits have product managers? What kind of market research leads to the final decision to go with this or that set of features? Is there after-sale support or is that all community based? And so on.

Can anybody out there give me some answers (without, you know, assimilating me into a botnet)?

BTW: The botnet masters have found a novel business benefit for social media: they use it to avoid detection. Marketers take note.