Lee Cow Tris

My Space and The Outside World

Archive for category Information Technology

How Ads Affect Our Memory!

Feb 18

Posted by Tris in Business, Information Technology | No Comments

I partly read this article but I’m now stuck with homework so I don’t have time to read them all. Bookmark is a stupid way to re-read things that I found for myself (actually I never check my bookmarks). Thus, I share this on my personal website for everyone to read it, as I will also.

——————————

A new study suggests that marketers shouldn’t fixate on the number of people who click on ads. According to the research, just seeing an ad on a Web page can impact memory. The findings could have a significant impact on the way online advertising is made and metered.

Credit: Technology Review

Typically, to be considered effective, an online advertisement has to elicit a response–usually a click of the mouse–from a potential customer. But Chan Yun Yoo, an assistant professor at the University of Kentucky’s School of Journalism and Telecommunications, found that when people view Web advertisements, they store information in two different types of memory: explicit and implicit.

Explicit memory involves facts learned through conscious interaction, while implicit memory involves unconscious retention. Explicitly remembered information includes ad slogans, product benefits, and website addresses. In contrast, implicit memory might only come into play when external stimuli trigger concepts. For instance, a consumer might only recall a brand of toothpaste from a television ad when he or she discovers it while browsing in a store. Or the consumer might develop an unconscious affinity for a certain brand despite not knowing specific facts about it.

Subjects who paid attention to a banner advertisement were more likely than those who didn’t to recall whole words and facts from the ad–facts stored in explicit memory. All ads had the same level of impact in the unconscious explicit memory, however, whether or not they’d been clicked. Yoo’s findings are relevant because they challenge the assumption that online advertising is only effective when it gets a direct response from the viewer. His study was published in the spring 2007 edition of Journalism and Mass Communication Quarterly.

Donna Hoffman, codirector of the Sloan Center for Internet Retailing at the University of California, Riverside, says that Yoo’s research applies traditional ideas about media impact to the Internet. In other mediums, such as television, advertisers do not typically assume that audience members will interact with the ad. Hoffman says the notion that banner ads may have some impact on perception begs the question, “What are the most effective ways to advertise in the new medium?”

Yoo says that the implications of his work are twofold: advertisers “need to reconsider the objectives of Web advertising” and use “impression-based metrics more than performance-based metrics when it comes to measuring the effectiveness of Web advertising.” Click-through rates, which represent the percentage of people who clicked on an ad after viewing it, might be useful to determine whether an ad elicited an immediate response. But ad impressions–that is, the number of times an ad is displayed–might be a better measure of the impact required to build a brand image.

Many advertisers offer companies and individuals both impression- and performance-based measurements. Google’s Adsense allows revenue to be collected in number of impressions or per click. Popular video-sharing website Revver relies mainly on click throughs, but it recently introduced impression-based advertising.

Heather Luttrell is president of online marketer IndieClick, based in Los Angeles, which charges according to impressions. The company’s goal is to connect retailers with viewers who are highly relevant to the advertiser, ensuring an attentive audience.

“Clicks are not the most important thing,” Luttrell says. How people find the site is not as important as tracking what they do once they go to the site. IndieClick found that click throughs accounted for only a fraction of the increased site activity created by an ad campaign. On a consistent basis, Luttrell says, site statistics “showed seven times more traffic at that destination site than we would have shown through click through alone.”

Yoo recommends focusing on targeting neither explicit nor implicit memory but, rather, both. A larger campaign might not be based exclusively on click-through behavior, he says, and many of the implicit effects of online advertising are not yet fully understood.

Source: http://www.technologyreview.com/Biztech/19275/

Tags: , ,

Tris won triple first prizes in IT Challenge – Monash University

Oct 8

Posted by Tris in Day-2-Day Entries, Information Technology, Projects | 16 Comments

Hi everyone,

That was amazing that I’ve won triple first prizes in IT Challenge held by Monash University. Wow wow wow =D!  My project was about an online system that helps students practice before tests which is modified with some new features and solutions. A month working alone, day by day, and I’ve reached my goal in which I’ve never thought about how successful it will be, yes never mind about that.

I used the same package as usual: PHP/MySQL/Javascript (AJAX). Hopefully, I will share my source code for everyone soon, just for intellectual purposes only.

I’m trying to get a visa as soon as possible to fly to Melbourne by late Oct. Hope it will be ok and I will be attending the awards ceremony with a special digital festival there ^^

This is a screenshot of my position ranking in Monash University website. You guys can check it here: http://www.infotech.monash.edu.au/promotion/competitions/it-challenge/results-2009.html

10/2009
Tris.

What if Windows 8 was touch-input only?

Sep 27

Posted by Tris in Information Technology | 9 Comments

With the news that Microsoft are bringing out a touch-screen tablet which could rival that of Apple’s alleged tablet device, it made me consider what is next for future operating systems.

Some would argue that Windows 7 was designed in and around touch capabilities, as the operating system finally included multi-touch technology which Microsoft had perfected since the “Longhorn” days.

With the Ribbon being integrated into most common programs and the operating system being designed for finger-input, you can tell Microsoft has made a significant push on the touch-screen user.

Bearing this in mind, could the next wave of operating systems – “Windows 8″ specifically, expected to be released in 2011 which by then anything could go, be based on a touch-only interface?

(And of course, I say Windows because I have yet to visit or experience an office or university environment which has a network of over 25 non-Windows machines. It just doesn’t happen).

Mary Jo Foley already has a snapshot of what we can expect in Windows 8 but it doesn’t really tell us about what the hardware will be; the hardware will most likely be out of Microsoft’s hands, unless they decide to make specific devices for their own operating system like Apple do with the Mac.

Because technology is moving forwards so quickly, it is difficult to determine what the next generation operating system could even support, let alone take advantage of. Windows 7 is lucky to have multi-touch support because another six-month delay to the multi-touch technology and it may not be supported in it at all.

As with Pandora’s Box theory, once it is out there in the world, you cannot take it back. Touch is most certainly a viable way of data input and will never leave post-modern operating systems. It first arrived in Windows XP and since then has grown from strength to strength; perhaps not as much as people first thought, however.

Who knows, really? By 2011, the success of the “Courier” tablet, the hardware touch-screen device which Microsoft are developing, could prove so popular that the entire concept of mobile hardware could change entirely. Perhaps the death of the laptop can be seen upon the horizon?

Of course, with their other supposed prototype, “Codex”, which works as a dual-screen journal-like touch device which allows multiple positioning and adjusting, using a Filofax-type device with electronic functionality is sociologically interesting on multiple levels. It is as if we are oxymoronically regressing yet progressing by holding onto a relic of the past only to develop into an electronic device which encourages better collaboration and productivity.

The video is here, but be sure to hold on for the initial conversation in the first scenario; the most uncomfortable, scripted and blatantly obvious acting is about 40 seconds in.

Touch technology is steadily improving and has even twisted my arm round to a touch-way-of-thinking. It is interesting to see what’s next and how viable touch will be. However I cannot get over the thought of working in the university library with a single touch-screen monitor and no keyboard, tapping on a hard surface as I write one of my criminology essays.

The keyboard, as in line with Pandora’s box theory, is out and serves its purpose well. It is a technology which has struggled to be improved over the course of the last three decades because it does exactly what it needs to. Besides the ergonomic design of these methods of input, the technology works. If it isn’t broken, why fix it?

As for data input in the next version of Windows, or any future operating system for that matter, touch will still be in second place to the keyboard, no doubt.

So, what if Windows 8 was touch-input only?

Reference: http://blogs.zdnet.com/igeneration/?p=2892&tag=nl.e539

Tags: , , ,

Coding techniques for securing PHP app in a shared hosting environment.

Sep 19

Posted by Tris in Information Technology | 2 Comments

I’ve just read ‘em on PHPTalk, I don’t visit there every often, but still looking for some interesting articles. And the topic now is using some coding techniques to secure your PHP app in a shared hosting environment.

I’ve trimmed the post for some parts we don’t need to read (such as server’s configurations). We focus on the coding techniques only. Although these issues have been talking for bunches of times over the Internet but there are still some basic things that programmers got missed.

(Reference: http://www.phptalk.com/forums/index.php/topic,6455.0.html)

Since its inception in 1994 as a set of basic development components, PHP has grown into one of the web’s most powerful development engines, having since been installed on literally millions of servers worldwide. And although PHP offers both the versatility and the built-in functionality to run in a reasonably secure fashion, most of those servers are configured in such a way that PHP scripts are at high risk for compromise.

[...]

General practices for PHP application security

At this point, I’d like to briefly go over just a few coding techniques you can use to increase the security of your application. Please understand that this is by no means a comprehensive list, and simply adhering to the suggestions below does not ensure that your application is secure. However, you should make it a point to be security conscious when writing code, rather than trusting your environment to eliminate or mitigate any potential attacks on your application.

1. Sanity-check your data

- This is probably the simplest and most effective way of preventing exploits in your application. Sanity checking just means that if you’re expecting the user to enter a number, make sure you actually received a number. If you’re expecting a string with alphanumeric characters only, verify that that’s what you got. Also, never trust this kind of validation to javascript only, as javascript can easily be disabled on the client side. Finally, never pass user data directly to an SQL query without validating it first. While PHP’s magic_quotes mechanism is great for helping to prevent SQL injection attacks (an attack where a user can enter data in such a way as to run their own arbitrary queries), again you should not rely exclusively on the environment for your application security.

2. Check the type and extension of uploaded files.

- Allowing file uploads is inherently risky, but very often it’s a necessary part of an application. PHP allows you to gain a lot of information about uploaded files before they’re ever written to their final destination, so make use of the information contained in the $_FILES array to ensure that you’re getting the type of file you’re expecting. A basic way of validating the file type is simply to ensure that the extension of the file indicates that it is (or is purported to be) the type of file you’re expecting. A common exploit for upload scripts is for an attacker to upload a malicious PHP script to your site, then browse to the uploaded script to gain control of your files. Even a basic check to make sure that, for instance, only files with a .jpg extension are allowed to be uploaded would prevent this type of exploit. However, I also recommend verifying the MIME type of the file, which is contained in the $_FILES array under the key ‘type’, and will look like: “image/jpeg” or “application/pdf”. Be as restrictive as possible – rather than validating against a list of extensions that are NOT allowed (php, exe, etc), check to make sure that the extension and/or MIME type matches a small group of file types that ARE allowed.

3. Use a .php extension for ALL files with PHP code contained in them.

Often I come across files in PHP projects that have a .inc extension, because they are meant to be included, not browsed to directly from the web. This is a common condition, but there’s a potential security issue here if those files contain any sensitive data (e.g. database passwords). Because .inc files are not parsed by the PHP interpreter, they can be passed directly to the client side if they’re available via a web request, which would allow anyone to read the php code directly. Hopefully the directory these files reside in is denied read access by webserver rules (see below), but even so, there’s no sense in risking an accident where the user ends up being able to browse directly to the file. Use .inc.php.

4. Make use of your webserver’s access control rules (e.g. .htaccess)

- Even if all the php files in your application have a .php extension as discussed in #3, you should still make use of your HTTP server’s access control to prohibit any files in sensitive directories from being served via the web. For instance, if you keep your database passwords in “include/db.inc.php”, this file, and all files in the include/ directory should be prevented from being served via the web. Even though the .php extension will ensure that client-side users can’t read the code if the PHP interpreter is functioning, there is the potential condition that the HTTP server has loaded without the PHP interpreter. Botched upgrades or configuration errors can sometimes cause this condition, and in the event that someone browses to a PHP file without the PHP interpreter ever having been loaded, they will again see the code just as you do when editing the files. In Apache, disabling directory access is usually as simple as creating a file called .htaccess (note the leading period) in the directory, then adding the line: “Deny from All” (no quotes) to that file and saving it.

Tags: , , , ,