Say "shareware" to most administrators at commercial software package companies, and they think of adolescent computer programmers pushing free or $19 software package — inconsequent, bug-ridden utility programs or games — out to masses of buyers for fun and really little benefit.
Well, we are here to inform you: It's time to reconsider shareware.
Lesson 1: Shareware is not for great software business enterprises.
Foremost, when we state "shareware," we are talking of a commercializing process, not a industry model. Lots of really commercial, very fruitful, very earnest software corporations successfully apply the shareware method to get their good into the hands of prospective customers.
"There is a great misinterpretation on what shareware is," states Dave Collins, chief executive officer of U.K.- Established software commercializing business firm SoftwarePromotions Limited Company. "It is merely any variation on the try-before-you-buy example.
"One of the big myths is that shareware is out-of-date — that's it is modest. In my impression, that could not be further from the fact. Some of the largest firms apply it — Symantec and Microsoft and WinZip, to advert just a couple. You will not find the notion 'shareware' on their internet sites, but they've trial editions available, and this is accurately what the shareware example is."
"Nothing distributes your software package better than itself," states Sharon Housley, Vice President of commercializing for software developer NotePage in House of Hanover.. Housley's as well on the directorate of the Shareware Business Awards Foundation (SBAF), the governing committee for the yearly Shareware Industry Meeting (SIM).
"Shareware estalishes trust with your client, in that you are willing to allow them apply it, examine it." she states. "Also, if you do not do it, your competitors will."
Lesson 2: There is no income in shareware.
Once again, shareware is a commercializing method, not a expose scheme, and as a commercializing scheme there is a batch of evidence that it does act. In a nutshell, if you are able to apply shareware to change leads into gross sales, there's lots of income to be earned.
"I envision two-person corporations that are getting 4 million downloads a year," states Phil Schnyder, chairman of askSam Systems in Oliver Hazard Perry "This one developer commenced out doing a game that they allow men download over the 'Internet, and now they are in Wal-Mart and getting big money."
Housley offers additional instance:
"Marshall Magee is one of the initial to rework $ one million in one year on the shareware example. In his SIC demonstration, he stated that he initially stuck his Automenu computer program for Department of State up there for free and somebody proffered him $ twenty for it.
"Marshall paused, and the buyer asked if $ twenty was not enough. Marshall stated, 'No that's lot,' but asked for a check so that he could demonstrate his dad that's there's profit to be earned in software industry. In his 2nd year, Marshall's gross sales were $2.5 million. In year 3, they were $ten million.
Lesson 3: Shareware software package is inferiority and frequently oversimplified.
" Ours is complicated software package," Housley states. "It's high-end electronic network software. Once you propose shareware, you build documents that are as easy to apply as imaginable, you build slide shows, you build Web demonstrations. To state that yours is too complicated for shareware is just an apologise."
"To several, shareware has a minus intension of low measures and amateurism," Collins states. "But you do not have to consume the notion to adopt the commercializing technique. The word 'shareware' has no relevancy to the clients. It has about as much relevancy as acknowledging the make of the exercise that the dentist applies in my mouth.
"As a matter of fact, corporations using shareware model are much more tractable to the demands of their consumers. If there's a missing feature, evaluators point it out instantly, and small developers can apply those alterations or additions comparatively rapidly."
Lesson 4: Shareware just acts for low-priced goods.
" The cost tag may be anything in the least," Housley states. "Ours increases $2,000." Schnyder states his medium initial sales event is about $500, "but several of those return and order thirty copies" — which is an advance instance of the shareware pattern making on all cylinders.
It's believably real that if you offer just a $50,000 certify, you will have a more difficult time achieving mileage out of shareware — but that's a gossip on your sales pattern, not on software complexness nor cost.
Briefly, if your sales model demands a sales repp to make an in person call, you are probably to get less bang for your dollar from whatever try-before-you-buy model, whether you name it shareware or pilot projects.
If, on the other hand, about all of your sales action happens over the phone or the World Wide Web, shareware can expand your access and multiply your close ratio.
Within particular vertical recesses, those close levels will make your brain spin: Housley states that the business average for purchases from shareware downloads is about 1 percent, merely NotePage systematically closes ten to twenty percent. And amongst those who call in to get an activating key code that unlocks modern software characteristics, seventy to eighty percent end up purchasing.
Bear in mind, NotePage is attaining those sales without a sales repp ever adverting the deal.
Well, with those first myths out of the way, let us get into manoeuvres: How may you make the shareware technique trade for you?
Advice: Put a time restriction on your tests.
"The right portion of time depends on good," Collins states. "If it's complex, report a network control application, the more longsighted the better — sixty days would not be too long. If it is a consumer app, report a registry cleaner, the criterion is thirty days."
Schnyder proposes a 30-day run of his database good. "Several are relocating to a 14-day, but I believe it's app-specific," he states. "If the user has to place information in, then you require to go longer. Only if it is something like a junk e-mail filter, then it is best to keep it shorter."
Saturday, February 27, 2010
More than 100 companies targeted by Google hackers
The hackers who broke into Google two months ago have gone after more than 100 companies, according to an estimate by security vendor Isec Partners.
Researchers have been closing in on the unidentified criminals responsible for the attack over the past month. In the process, they have uncovered another 68 so-called command-and-control servers, used to control the hacked machines.
Investigators had already identified 34 hacked companies after examining the single command-and-control server used in the Google attack, and the discovery of another 68 servers could mean that many more companies were compromised than previously thought. "It's easily over 100 companies," said Alex Stamos a partner with Isec Partners.
In the weeks since Google went public with details of the hack, informal discussion lists have sprung up, including security experts and staffers from companies that have been compromised. In those discussions, "that list of control machines keeps getting longer and longer," Stamos said.
The code used in the attacks, known in security circles as Aurora, has been in use for at least 18 months, Stamos said. But the security industry was unaware of Aurora until Google discovered the intrusion last December. That allowed hackers to get onto corporate networks undetected.
Other technology companies, including Intel, Adobe, and Symantec, have also been hit by the attack, which investigators have traced back to China.
To break into victim companies, the hackers sent carefully targeted e-mail or instant messages to victims, hoping to trick them into visiting Web pages or opening malicious documents that would then attack their computers.
The worst part of the attack is what happens once the initial victim has been compromised. The hackers then use a variety of techniques to acquire additional usernames and passwords and fan out across the targeted company's network, downloading sensitive data, which is then moved offshore.
This type of targeted attack is not new, but it is dangerous because it is so good at circumventing traditional security measures, said Rob Lee, a computer forensics instructor with the SANS Institute. "We've been dealing with [these attacks] for five years," he said. "They're basically going around all the security appliances via email."
Not all of these attacks have been linked to Aurora, but Lee said that "there have been hundreds of companies infiltrated."
Stamos agreed that traditional security products such as antivirus and intrusion detection systems are not enough to stop the attack. "The interesting thing to me about these attackers is they're very patient," he said. "They'll spend a lot of time writing custom malware to get around people's antivirus."
"They'll use a social network to learn about one person in the company, and then will send emails or chats messages as that person's friend," he added.
ISec Partners has published technical recommendations for companies to follow in order to mitigate the Aurora risk.
http://www.computerworld.com
Researchers have been closing in on the unidentified criminals responsible for the attack over the past month. In the process, they have uncovered another 68 so-called command-and-control servers, used to control the hacked machines.
Investigators had already identified 34 hacked companies after examining the single command-and-control server used in the Google attack, and the discovery of another 68 servers could mean that many more companies were compromised than previously thought. "It's easily over 100 companies," said Alex Stamos a partner with Isec Partners.
In the weeks since Google went public with details of the hack, informal discussion lists have sprung up, including security experts and staffers from companies that have been compromised. In those discussions, "that list of control machines keeps getting longer and longer," Stamos said.
The code used in the attacks, known in security circles as Aurora, has been in use for at least 18 months, Stamos said. But the security industry was unaware of Aurora until Google discovered the intrusion last December. That allowed hackers to get onto corporate networks undetected.
Other technology companies, including Intel, Adobe, and Symantec, have also been hit by the attack, which investigators have traced back to China.
To break into victim companies, the hackers sent carefully targeted e-mail or instant messages to victims, hoping to trick them into visiting Web pages or opening malicious documents that would then attack their computers.
The worst part of the attack is what happens once the initial victim has been compromised. The hackers then use a variety of techniques to acquire additional usernames and passwords and fan out across the targeted company's network, downloading sensitive data, which is then moved offshore.
This type of targeted attack is not new, but it is dangerous because it is so good at circumventing traditional security measures, said Rob Lee, a computer forensics instructor with the SANS Institute. "We've been dealing with [these attacks] for five years," he said. "They're basically going around all the security appliances via email."
Not all of these attacks have been linked to Aurora, but Lee said that "there have been hundreds of companies infiltrated."
Stamos agreed that traditional security products such as antivirus and intrusion detection systems are not enough to stop the attack. "The interesting thing to me about these attackers is they're very patient," he said. "They'll spend a lot of time writing custom malware to get around people's antivirus."
"They'll use a social network to learn about one person in the company, and then will send emails or chats messages as that person's friend," he added.
ISec Partners has published technical recommendations for companies to follow in order to mitigate the Aurora risk.
http://www.computerworld.com
Microsoft Uses Court Order To Cripple Waledac Botnet
Microsoft is cracking down on botnets through the legal system -- and winning. The software giant launched a legal assault this week against networks of compromised computers controlled by hackers, and a federal judge in Alexandria, Va., agreed to its request to deactivate 277 infringing domain names.
The story began unfolding on Monday when Microsoft filed a suit specifically naming a botnet known as Waledac and 27 "John Doe" defendants. Microsoft alleged the cybercriminals broke federal laws with their scheme to create bot-herders that could be used for spamming, click fraud, denial of service, and distribution of malicious software.
According to The Wall Street Journal, Microsoft attorneys asked U.S. District Judge Leonie Brinkema to issue a restraining order under seal to allow the software giant to secretly sever communications channels to the botnet before its masterminds could reestablish links to the network. VeriSign subsequently had to temporarily shut down the domain names.
Inside Operation b49
Waledac is one of the most active spam bots -- with the capacity to send about 1.5 billion spam e-mails a day -- and is one of the 10 largest botnets in the U.S. It steals sensitive information, turns computers into spam zombies, and establishes backdoor remote access.
In fact, security experts estimate Waledac has infected hundreds of thousands of computers around the world. Microsoft's recent analysis shows that about 651 million spam e-mails attributable to Waledac were directed to Hotmail accounts alone between Dec. 3 and 21.
"The takedown of the Waledac botnet that Microsoft executed this week -- known internally as Operation b49 -- was the result of months of investigation and the innovative application of a tried-and-true legal strategy," said Microsoft Associate General Counsel Tim Cranton.
No Silver Bullet
Microsoft also been taking additional technical countermeasures to downgrade much of the remaining peer-to-peer command and control communication within the botnet, Cranton said, and will continue to work with the security community to mitigate and respond to this botnet.
"Three days into the effort, Operation b49 has effectively shut down connections to the vast majority of Waledac-infected computers, and our goal is to make that disruption permanent," Cranton said. "But the operation hasn't cleaned the infected computers and is not a silver bullet for undoing all the damage we believe Waledac has caused. Although the zombies are now largely out of the bot-herders' control, they are still infected with the original malware."
As Altimeter Group partner Michael Gartenberg sees it, cybercriminals need to be fought not only on both the technology level and the legal level. Microsoft had to think fairly creatively to find a legal principle with which it could challenge the bot herders, he said.
"At a time when computers are beyond the notion of nice to have and need to have to mission-critical, the idea of people simply attacking these systems without any means of stopping them is not acceptable," Gartenberg said. "It's good to see Microsoft on the forefront, working to stop these types of attacks and working through the system in powerful and creative ways."
The story began unfolding on Monday when Microsoft filed a suit specifically naming a botnet known as Waledac and 27 "John Doe" defendants. Microsoft alleged the cybercriminals broke federal laws with their scheme to create bot-herders that could be used for spamming, click fraud, denial of service, and distribution of malicious software.
According to The Wall Street Journal, Microsoft attorneys asked U.S. District Judge Leonie Brinkema to issue a restraining order under seal to allow the software giant to secretly sever communications channels to the botnet before its masterminds could reestablish links to the network. VeriSign subsequently had to temporarily shut down the domain names.
Inside Operation b49
Waledac is one of the most active spam bots -- with the capacity to send about 1.5 billion spam e-mails a day -- and is one of the 10 largest botnets in the U.S. It steals sensitive information, turns computers into spam zombies, and establishes backdoor remote access.
In fact, security experts estimate Waledac has infected hundreds of thousands of computers around the world. Microsoft's recent analysis shows that about 651 million spam e-mails attributable to Waledac were directed to Hotmail accounts alone between Dec. 3 and 21.
"The takedown of the Waledac botnet that Microsoft executed this week -- known internally as Operation b49 -- was the result of months of investigation and the innovative application of a tried-and-true legal strategy," said Microsoft Associate General Counsel Tim Cranton.
No Silver Bullet
Microsoft also been taking additional technical countermeasures to downgrade much of the remaining peer-to-peer command and control communication within the botnet, Cranton said, and will continue to work with the security community to mitigate and respond to this botnet.
"Three days into the effort, Operation b49 has effectively shut down connections to the vast majority of Waledac-infected computers, and our goal is to make that disruption permanent," Cranton said. "But the operation hasn't cleaned the infected computers and is not a silver bullet for undoing all the damage we believe Waledac has caused. Although the zombies are now largely out of the bot-herders' control, they are still infected with the original malware."
As Altimeter Group partner Michael Gartenberg sees it, cybercriminals need to be fought not only on both the technology level and the legal level. Microsoft had to think fairly creatively to find a legal principle with which it could challenge the bot herders, he said.
"At a time when computers are beyond the notion of nice to have and need to have to mission-critical, the idea of people simply attacking these systems without any means of stopping them is not acceptable," Gartenberg said. "It's good to see Microsoft on the forefront, working to stop these types of attacks and working through the system in powerful and creative ways."
No Explicit Category for iPhone Apps After All?
Looks like there won't be any 'Explicit' category for apps in Apple's App Store after all, as the Cupertino company reportedly removed the option from the App Store submission software.
"It's not going to happen anytime soon," an Apple representative said, according to a developer quoted by Gizmodo, after Apple removed over 5,000 adult-themed applications from the App Store, and a new 'Explicit' category was rumoured to bring them back.
Gizmodo's report follows another report from PCWorld sister publication MacWorld, who independently confirmed the existence of the new 'Explicit' category, after the Cult of Mac blog first reported on the story.
One thing we know for sure though. The 'Explicit' category for the App Store was available and developers found it when they had to submit apps in the App Store. What is unclear is whether this category will actually appear in the App Store forefront.
Apple is yet to release a statement on the matter, which leaves plenty of space for speculation on both sides of the issue. Several applications banned from the Apple App Store made headlines over the last year, including the latest adult apps, raising the question on whether Apple should be the nanny of the App Store.
The 'Explicit' option is well known to customers of the iTunes store, who had seen it for songs and videos for years now, but why shouldn't this be allowed in the App Store? The iPhone already has parental control settings for apps in the App Store, but the complaints that led to the removal of the adult content from the store tend to prove that they are not enough in some cases.
MacWorld's Serenity Caldwell outlines the irony sexy apps in the App Store, who explains that Apple told developers "under no circumstances would the company distribute applications with inappropriate content, yet by February, these ‘sexy apps' somehow numbered in the thousands before being pulled."
Apple is clearly using double standards for adult-themed apps, as the company admitted it is selective about which apps it allows in. Many adult apps though, can still be found in the App Store, as my colleague Ian Paul rounds them up.
"It's not going to happen anytime soon," an Apple representative said, according to a developer quoted by Gizmodo, after Apple removed over 5,000 adult-themed applications from the App Store, and a new 'Explicit' category was rumoured to bring them back.
Gizmodo's report follows another report from PCWorld sister publication MacWorld, who independently confirmed the existence of the new 'Explicit' category, after the Cult of Mac blog first reported on the story.
One thing we know for sure though. The 'Explicit' category for the App Store was available and developers found it when they had to submit apps in the App Store. What is unclear is whether this category will actually appear in the App Store forefront.
Apple is yet to release a statement on the matter, which leaves plenty of space for speculation on both sides of the issue. Several applications banned from the Apple App Store made headlines over the last year, including the latest adult apps, raising the question on whether Apple should be the nanny of the App Store.
The 'Explicit' option is well known to customers of the iTunes store, who had seen it for songs and videos for years now, but why shouldn't this be allowed in the App Store? The iPhone already has parental control settings for apps in the App Store, but the complaints that led to the removal of the adult content from the store tend to prove that they are not enough in some cases.
MacWorld's Serenity Caldwell outlines the irony sexy apps in the App Store, who explains that Apple told developers "under no circumstances would the company distribute applications with inappropriate content, yet by February, these ‘sexy apps' somehow numbered in the thousands before being pulled."
Apple is clearly using double standards for adult-themed apps, as the company admitted it is selective about which apps it allows in. Many adult apps though, can still be found in the App Store, as my colleague Ian Paul rounds them up.
Subscribe to:
Posts (Atom)
