ISGroup

Press Release distribution analysis

Paying for distribution. Is it worth it? Here at ISGroup we have some daily SEO and Social Media tasks concurring with Penetration Testing and Ethical Hacking sessions. Nowadays any sane company do some Media/PR/Communication in-house, right? And while we are in no way experts sometimes we perform better than “real” Media companies, at last from a technical prospective. Our advantage is that we can code BASH (LOL!) and measure results. You can do amazing automation with just CURL wrapped by some logic, and the hacking mindset apply perfectly to Content/SEO/Social automation. Still there are professionals and companies who sell plain Ifttt and HootSuite to customers.

When it comes to Press Release distribution we generally outsource it. One can easily use Odesk and Fiverr to find contractors, after all they should be better specialized and more efficient than us.

If we will keep this method or not is still under discussion, seen the low results we are getting lately. For example a month ago I personally bought a gig from http://fiverr.com/cyberstorm/submit-your-press-release-to-50-top-pr-sites for a side project I’m expanding with Gianluca (not something we earn money from).

This is the Gig description was great:

MANUAL Press Submissions to USA BASED MEDIA. You can gain a wide audience for your site news with 50+ Top P.R website and some free Press Release Distribution sites. USE the PR & Search benefits of the online media with a service that gets results & saves your time & Make Money . PLEASE READ. All press releases must include your contact info at the bottom of the press release. Now you can add one IMAGE & VIDEO with ORDER. Gig Extras 50 more PR site $5 each , you can get up to 300 pr site $30 or 6 gigs.For 600 pr websites $50 or 10 gigs. PLEASE Make sure your press release is well written. Spelling and Grammar will not be checked. ( Press Release is submitted AS IS) I can help you promote your Start up, news business/company, Mobile Apps , kickstarter, indiegogo or any crowdfunding.

With an astonishing budget of 45$ the promise is the publication on more than 300 sities. Ideal for our Press Release about ScadaExposure (http://www.scadaexposure.com/)! The reality was pretty different:

The Results of the campaign are:

  • Published on 109 unique domains, for a total of 131 post;
  • Half of them are not working (not resolving, the ones with “investor” in the subdomain);
  • Only 9 pass a link to our target URL;
  • 8 of them are PR0 sities, like socialjunki.com;
  • 1 PR1 link from prnation.org;
  • The prnation.org service is worth 5$.

In conclusion one can archive better results without the need of outsourcing a Press Release distribution, just use the right free resources and buy the right services from the beginning!

Note to self, many PR resources are free or very affordable:

  • http://comunicatinocost.x10.mx/ [Free, ITA]
  • http://launch.it/ [Free]
  • http://new.pitchengine.com/ [Free(1 Article)+Pay] From $39/Article
  • http://pressreleaser.org/ [Free but not accepting new members]
  • http://prnation.org/ [Pay] From $5/Article
  • https://aap.com.au
  • http://www.1888pressrelease.com/ [Free+Pay] From $15/Article
  • http://www.24-7pressrelease.com/ [Pay] From $49/Article
  • http://www.clickpress.com/ [Pay] From $75/Article
  • http://www.freepressindex.com/
  • http://www.free-press-release.com/
  • http://www.i-newswire.com/
  • http://www.marketpressrelease.com/
  • http://www.mediasyndicate.com/
  • http://www.newswiretoday.com/ [Free+Pay] From $99/Month
  • http://www.onlineprnews.com/ [Free+Pay] From $22/Article
  • http://www.openpr.com/ [Free]
  • http://www.pr.com/ [Free+Pay] From $199/Year
  • http://www.pressreleasecircle.com/ [Pay] From $15/Article
  • http://www.prleap.com/ [Free+Pay] From $79/Article
  • http://www.prlog.org/ [Free]
  • http://www.prnewswire.com/ [Pay] $195/Year
  • http://www.prweb.com/ [Free+Pay] From $99/Article
  • http://www.przoom.com/ [Same people of newswiretoday.com]
  • http://www.realwire.com/ [Pay] From £125/Article
  • http://www.sbwire.com/ [Pay] From $20/Article
  • http://www.scoop.it/ [Free]
  • http://www.vdsys.com/ [???]

 

 

It would be nice to measure the performance level of each service!

Standard
ISGroup

ScadaExposure on the press: SonntagsZeitung and Le Matin Dimanche articles!

Florian Imbach, journalist from the investigative team of SonntagsZeitung and Le Matin Dimanche in Berne, published a really interesting article featuring ScadaExposure.

The text is about the current state of SCADA/ICS security in Switzerland and contains various meaningful examples of actual vulnerable/exposed devices. A French version is also available on the Le Matin Dimanche newspaper.

You can read an extract of the articles on the links below:

SonntagsZeitung http://www.sonntagszeitung.ch/fokus/artikel-detailseite/?newsid=268454

Le Matin Dimanche http://www.lematin.ch/suisse/suisse-installations-merci-hackers/story/22376581

ScadaExposure is the first observatory on the exposure of SCADA devices on public networks. Our methodology and data can be freely accessed and we are always looking for improvements and suggestions, feel free to contact me on LinkedIn (Francesco Ongaro <ongaro.f@gmail.com>) or Twitter (https://twitter.com/ISGroupSRL). Your feedback is greatly appreciated!

Standard
ISGroup, Security Research

Scada Exposure released! Scada Internet Exposure 2013-11

ScadaExposure is the first attempt to create a permanent observatory on the presence of overexposed scada gears. The project is a collaborative effort of Francesco Ongaro and Gianluca Pericoli, aimed to build an open framework for SCADA exposure benchmarking. Knowing the updated index of exposed ICS devices allows to answer many questions of public interest.

Get the Scada Internet Exposure 2013-11 report

Our goal is to obtain fresh data (exposed/vulnerable devices) from public search engines like Shodan and Google and categorize it around three main dimensions: the Temporal axis, the Geographical axis and our Taxonomy.

Temporal axis

Each dataset belongs to a release that refer to a specific time. Our first release is the November 2013 one.

  • Is SCADA exposure higher or lower than before?
  • Is the current awareness and effort level effective in order to secure private and critical infrastructures?

Geographical axis

Results are separated by country. The first release includes Switzerland, Italy and World.

  • Is a country more exposed than another?
  • How is a country relatively exposed? (Indexed devices VS Scada devices)
  • How is a country relatively exposed compared to the world? (Country Scada devices VS World Scada devices)
  • How is a country relatively exposed compared to another country?

Taxonomy

ScadaExposure’s taxonomy is a hierarchy of Vendors, Products and Product versions. Every search query (“dork“) is linked to a Product Version, Product, Vendor or can be generic. Products belong to two categories: Systems and Devices, as described by the Glossary.

  • What is the most exposed vendor?
  • What is the most exposed product?
  • What is the most exposed system type or device class?

 

We would love to know you reaction (scadaexposure@isgroup.it)!.

The project is sponsored by the security company ISGroup SRL.

Standard
ISGroup

Fastweb, la peggiore esperienza commerciale possibile

Estate 2013, Verona pieno Centro Storico, vicino l’ufficio installano un tombino Fastweb con il relativo armadio (circa 100 metri di distanza). Da tempo sul sito sembrava esservi copertura FW Fibra ma quello era un chiaro segnale… Maledetto tombino. Decido quindi di chiamare il centralino e di verificare se effettivamente è possibile usufruire di questa tecnologia.

Dopo innumerevoli rassicurazioni a domande più che esplicite (“Siamo sicuri che è FW Fibra?”, oppure “Non vogliamo l’ADSL, abbiamo già una linea Telecom”, o ancora “Non ci interessa l’ADSL e poi la fibra, attiviamo solo se c’è la fibra da subito”) mi convinco e ordino. Grazie ad una buona dose di prudenza, dettata dal fatto che in ufficio la connettività è fondamentale, chiedo l’attivazione di una nuova linea, separata da Telecom, evitando il disastro.

Puntualmente viene attivata una normalissima linea ADSL, del tutto inutile per i nostri scopi, con meno banda e più latenza di Telecom.

Ecco il risultato:

No Fastweb, non vogliamo pagare una linea ADSL 25€ al mese (per inciso, più di quanto paghiamo adesso) per 12 mesi, anziché 45,37€ per poi sperare che nel giro di sei mesi venga convertita a fibra e ammortizzare i tuoi costi.

Troppa voglia di vendere, offerte poco chiare (evidentemente anche per partner commerciali e chi lavora all’interno dell’azienda) e diritto di recesso inesistente.

Forse é successo solo a noi, forse siamo stati fortunati, ad oggi nessuna risposta da Fastweb che si aggiudica la peggior esperienza di sempre con un fornitore di connettività.

Francesco Ongaro,
ISGroup SRL

Aggiornamento dell’8 Ottobre 2013: All’indirizzo http://comp[..]matori/ si legge “Il Regolamento prevede che, prima di rivolgersi alla giustizia ordinaria, l’utente faccia un tentativo obbligatorio di conciliazione nei confronti dell’operatore.”. Potete anche scaricare il PDF del protocollo d’intesa all’indirizzo http://www.fas[..]ne.pdf. Abbiamo contattato l’Unione Nazionale Dei Consumatori (http://www.consumatori.it/) tramite form online e l’AECI (https://www.faceb[..]Lazio) tramite Facebook ed altre associazioni. Aggiorneremo la lista man mano otteniamo risposta.

Aggiornamento del 9 Ottobre 2013: Vengo ricontattato dall’assistenza clienti che mi comunica che una voce (quella relativa all'”Importo per dismissione servizi FASTWEB” da 78,60 Euro) della fattura non è corretta, dato che ci siamo avvalsi del diritto di recesso, ed è stata imputata per errore (!?). La centralinista afferma di non essere in contatto con l’ufficio legale, tanto meno di poter prendere decisioni caso per caso, mi chiedo quindi perché la voce fosse presente in primo luogo. Quanti altri l’abbiano pagata senza battere ciglio, magari nella stessa nostra situazione, è impossibile da sapersi. Si tratta sicuramente di un errore isolato.

L’importo per “Addebito costo attivazione per recesso anticipato” di 119.00 invece é secondo Fasweb legittimo, in quanto ho disdetto prima dei 24 mesi (due anni!). Mi chiedo come un utente possa avvalersi del diritto di recesso entro 10 giorni ma successivamente ad un periodo di 24 mesi (la logica sembra dimenticata).

Chiedo il numero dell’ufficio legale ma “non può”, “non vuole” e poi “non sa” darmelo, é onere delle associazioni dei consumatori e del mio avvocato scoprirlo.

Il modem non é restituibile secondo il supporto telefonico, peccato che Fastweb mi abbia inviato un SMS che dice il contrario. Non potendoci fidare di alcuna informazione fornitaci proveremo a restituire il modem (chissà come andrà a finire!).

fastweb-modem

Fastweb non vogliamo sconti, vogliamo poter recedere senza spese da un servizio che non abbiamo mai richiesto, del quale i tuoi operatori ci hanno dato errata comunicazione (sara’ tutta colpa loro?). La mia intenzione è quella di aggiornarvi su questa vicenda e farvi partecipi di quanto tempo e denaro per le spese legali sia necessario per ristabilire i propri diritti di consumatore nei confronti di Fastweb.

Standard