Hey #pubconners it’s snacktime again so that means I’m doing what everybody else is – rushing to the conference room so I can snag a seat next to a power outlet. A snack sounds good though, so if you’re coming to salon F I’m at the last row of tables and I’ve saved a seat (and a power outlet) for whoever brings me a tasty treat.
In a few minutes we’re going to start the Rogue SEO tactics session featuring Giovanni Gallucci, Carolyn Shelby (better known as @cshel) and Steve Plunkett. It’s awesome that we’ve got 2 black hat sessions planned, and this one should be pretty awesome.
Remind me if I get time to ask Steve why he blocks me on Twitter. Also, remind me that I owe @cshel several beers too – so if you see her buy her one from me. She deserves it.
As always you shouldn’t try these things on your site, you should just be aware of them because others may be using them.
Alright it’s almost time to start. Let’s get into it!
Giovanni is up first. He says he’s been doing this so long that the first search engine he worked on had a hand crank. Giovanni works now as a photographer, but he didn’t have any experience so he had to think like a hacker to cheat/fake his way until he was accepted in the industry.
SEO is just like photography. You need to have the right tools to go with the tips and strategies.
When you’re doing social engineering, it may feel sleezy but you have to build relationships that you can exploit to get something done. It’s ok to do something for free to build our portfolio, but NEVER if they’re the one asking for it. That just devalues your services and establishes your value at $0.00. It’s different when YOU’RE the one asking.
If you’re going to do this stuff, leave a small footprint. Don’t be an idiot and go talk at a conference about black hat techniques (whoops!)
Tip: If you want a press pass to something, Go print one at Kinkos. Nobody will question it. Tell people you are what you want to be (You’re a writer not a blogger) and they’ll give you that respect. Also, know the law and know what your rights are. When it comes to sites, know the TOS and make sure you’re complying.
Whenever a laywer sends you something on their letterhead, that’s all it is – a letter. When somebody’s going to sue you, they don’t send you a threatening letter; they just sue you.
If you want to start a black hat campaign, don’t jump for the cookie jar first. Do your solid white hat SEO first, then enhance it with black hat if you need to. You can’t succeed with JUST black hat SEO.
Tip: Stuffing images with aperture meta data CAN impact your rankings. Interesting.
Steve is up next. He’s started off by asking if anybody is an agent of any law enforcement agency. He wants to talk about ethics and liability. He mentions Giovanni not getting a job offer because the employer saw that he spoke on black hat SEO.
Interestingly the same people here who have been sued by their clients are also the ones who have gotten their clients sued. Coincidence?
@dannysullivan: Black hat typically means things that you do that are against the search engine guidelines.
Based on his surveys, nobody here is using many black hat techniques – or at least willing to admit it.
@mattcutts: SEO dodgeball: BH try to sneak in too manyballs. WH can file a reconsideration and come back to play again.
Steve doesn’t do linkbuilding – at all. If you want to buy links, buy one from Yahoo for $299. That’s all you need. As somebody who works on large brands here, I agree. I have little to no need to do link building for my clients.
Steve ends with saying “Report spam. Google will love you for it.” Caution from @cshel though: In high school you don’t rat somebody out for having drugs in their locker if you have drugs in your own locker. That’s true.
Speaking of @cshel, she’s up next to talk about risk aversion and mitigation. She cautions that some of this stuff could get your thrown in jail.
Nice people have bad habits. They don’t like confrontation and conflict. They trust people before they distrust them – which is a huge mistake. And sadly they believe life is fair. Nice people are so out of touch with reality.
A little paranoia is healthy. Alway sassume the worst, asses threats early and protect your assets. You need to maintain a war chest because when it’s go time it’s go time and you need that plan now. Just like having a heart attack. You don’t take an aspirin and make a dr. appointment, you go to the doctor.
Ok let’s look at types of badness.
• attacks of convenience. (Script kiddies, spammers looking to exploit your resources.) it’s like somebody looking for open car doors in a parking lot. best way to protect yourself, don’t have open doors.
• attacks with intent are different. They want YOU and will do whatever it takes. Competitors, disgruntled employees, that kid you picked on in 3rd grade who’s now grown up and living in his mom’s basement plotting against you.
Types of security:
Obscurity (nobody knows about you)
Physical security (the best firewall is useless if your server is in the open)
Superior Litigation (people don’t attack you because they’re afraid of being sued out of existence)
Trust is the biggest liability of all. Make sure you’re shredding everything. Don’t give everyone admin access. Run background checks on employees and vendors. (if they owe large sums of money to the IRS that’s a bad sign.) If it’s really sensitive or important, do it yourself. Have a worst case scenario plan just in case. No plan? How much time can you afford to be offline if one happens? I’ll bet it’s longer than it takes to make a plan.
Firesheep! great Firefox extension that let’s somebody sniff you out over public wifi and basically become you and assume your cookies. Note: this might be a violation of wiretap laws, but that won’t stop people from doing it.
Other ones include FaceNiff for android (which I think Steve is demoing at the table and it shows several accounts on it.) He also just pointed at me too, so I’m kind of worried now. Time to log out of Facebook.
If you can’t beat somebody in the SERPs, just pull a Tanya Harding and take them out.
There’s also a lot you can do by tying them up with lawyers. If you have the opportunity to sue somebody it can be fun – and at the bare minimum cause them lots of financial hardships. Remember, the law makes everyone equal but justice goes to the highest bidder – and most people don’t have the money for lawyers.
Reiterating: Cease and Desist letters just broadcast that you don’t have a legal leg to stand on. Since it’s almost hunting season I’ll change this anecdote: You don’t fire a warning shot before you shoot your 12 point buck, you just shoot him.
Use your legal abilities WITH your mad SEO skills. Monitor your competitors for opportunies to exploit them. Even social info can be used as a wedge. Cheating scandals, money problems, desperation, etc. These people might be willing to sell their share of the business rather than give it to their spouse.
notes: Dignity and an empty sack is worth the sack. Dignity and fair play are mutually exclusive. Great list of “reading” from @cshel but she moved the slide before I could copy them down.
Now it’s time for Q&A
Q: what are link wheels?
A: they’re sites where you post the same crap and link back to your website. Just like your social media account.
another tip: Don’t write anything down. ever. it WILL be subpoena’d.
Q: If you find yourself under an attack you need a backup plan, what type of plan should you have?
A: Ideally don’t get attacked. If you can identify the attacker your plan should be to take them out.
somebody pointed out that hilariously, Carolyn’s website isn’t loading now. Is somebody ironically DDOS attacking her during her black hat presentation? That would be kind of funny.
Wake up! The lights just came on super bright. #OwMyEyes.
Good point: Look out, script kiddies who grew up on IRC are now in their 30’s and 40’s and working in corporations.
A good takeaway would be that there’s no discrete between white hat and black hat.
And that’s it. Hope you enjoyed my coverage, and maybe I’ll see you at the next conference. If I do, bring me that freaking treat.