goowy media blog

What follows below is a somewhat lengthy and probably somewhat boring discussion with regard to some common problems related to email.  For those who want to skip the boring parts, please take a look at our faqs which describe, among other things, a common phishing attack and some issues associated with SPAM messages not sent from our servers.

During the past couple of years there has been a lot of talk revolving around improving the email protocol - SMTP (Simple Mail Transfer Protocol) - to essentially make it somewhat less simple.  The largest deficiency within the protocol is that lack of authentication which can determine that the sender of an email is really who they say they are. 

This deficiency leads to lots of SPAM and Phishing attacks. And although there are multiple possible solutions for this (sender ID, sender policy framework, domainkeys and others), we can safely assume that the larger problem will not be implemented (and therefore solved) across the Internet anytime in the foreseeable future.  For this reason, we wanted to inform the goowy user community of two types of specific issues we have seen in the past few months.

Phishing
Phishing is generally an attempt by someone with less than stellar morals to trick you into thinking that they are someone that you trust - and then getting you to submit additional information to them.  In many of these instances, our SPAM filters will determine that a phishing attack is going on and will action that message according to your Junk Mail settings.  However, there instances where the message gets by our filters and/or you may be looking through your Junk Mail folder to ensure that legitimate mail was not improperly categorized.  Here is an example of phishing email which is made to look like it is being sent by PayPal:

Dear PayPal User,

We recently noticed one or more attempts to log in to your PayPal
account from a foreign IP address.

If you recently accessed your account while traveling, the unusual log
in attempts may have been initiated by you. However, if you did not
initiate the log ins, please visit PayPal as soon as possible to update
your account:

https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run

Changing your password is a security measure that will ensure that you
are the only person with access to the account.

Thanks for your patience as we work together to protect your account.

Sincerely,
PayPal
----------------------------------------------------------------
PROTECT YOUR PASSWORD

NEVER give your password to anyone, including PayPal employees. Protect
yourself against fraudulent websites by opening a new web browser (e.g.
Internet Explorer or Netscape) and typing in the PayPal URL every time
you log in to your account.
----------------------------------------------------------------
Please do not reply to this email. This mailbox is not monitored and
you will not receive a response. For assistance, log in to your PayPal
account and click the Help link located in the top right corner of any
PayPal page.

PayPal Email ID PP321

Clicking on the link will actually take you to a site that looks like PayPal, but really isn't.  If you were to type in your username and password into this site, your PayPal account would really be compromised.  Likewise, there are emails being sent as if they are coming from us at goowy - telling you that your account is suspended.  If you get an email like this, make sure you delete it without opening any attachments and/or clicking any links in it.  We will never contact you individually to tell you there is something wrong with your account and asking you to take a corrective action.

Fake SPAM
SPAM has been around for a long time and has many distinct flavors.  There is one particular flavor of SPAM that we don't have any control over.  As mentioned previously, it's extremely simple for someone to impersonate any other user when sending email.  Since the intent of such a person is simply to get their message out to you, they actually want to ensure that replies to their messages don't go back to them (as this would add to their bandwidth, management, etc. costs).  And this results in two more problems:

1. Emails can be sent from any system with fake "From" and "Reply To" addresses.  People do this to make you think that we are responsible for the SPAM, but we really have no control over it.  The only way to know whether we sent the message or not is to look at the message headers, as described in this faq.
2. Since it's possible for someone to send an email as anyone else, it's possible for those people to actually send as YOU!  Of course you never sent the email, and so the original email will not be in your sent items, but any replies or more likely bounces, actually will go to you.  And unfortunately, there's nothing that anyone can do about this to prevent you from getting these types of messages - your only recourse is to delete them when you see them.

This should hopefully shed some light on these issues and give you greater insight.  If you have thoughts on this topic, please let us know.

- Gary (Chief SPAM Guy)

Flash 8 - Here we come!
We've been working with the folks over at Macromedia for quite some time.  A lot of our users actually found out about us through our "Site of the Day" - either back in June or the updated one in August.  They've recently written a case study about us, listed in their showcase and we're even mentioned as a place to see the Flash Player in Action. 

We've actually been running a version of goowy(re) for Flash 8 for quite a while, but we found that it wasn't getting a lot of use.  After doing even more research, we realized that over 65% of our users have already upgraded to Flash 8, but it seems that we weren't directing enough of you over to our Flash 8 implementation.

So here's the news...  we've changed our main site from Flash 7 to Flash 8.  This means that anyone that accesses our site with Flash 7 will be asked to upgrade.  Those of you on computers where you don't have the ability to upgrade Flash will still be able to access our Flash 7 version.  However, we strongly encourage those of you that can to upgrade to the Flash 8 version.  There are numerous improvements to the Flash 8 version, which will benefit the vast majority of our users, and this is the platform that we will build on for all future functionality.  In effect, although we will continue to maintain the Flash 7 version for the foreseeable future, development will no longer be done on that version.

So what are some of the benefits of moving to the Flash 8 version of goowy(re)?

• Smilies!  A ton of our users have been asking for smilies, and they're finally here.  Unfortunately, this is currently only available for Windows users running Internet Explorer 6.  In the near future, we'll be bringing this to our Firefox users, and we'll try to get to the other browsers soon after that.
• Improved Editing - Again, this applies to Windows users runing Internet Explorer 6, but the editing experience is significantly improved.  Functionality such as strikethrough text, full alignment and the ability to remove formatting are new additions, but the overall experience is much more fluid than previously.
• Attachment Uploading - One last feature for Win IE.  We now utilize the Flash uploading component to inform you of the status of the upload and minimize the liklihood of experiencing problems.  Once again, this will be rolled out to other browsers in the near future.
• Inline HTML Viewing - Finally, something for our Firefox users (at least on Windows).  You can now see HTML messages inline, without having to click the "View HTML" button.  As mentioned previously, we'll be bringing HTML editing to you in the near future as well.
• Increased Performance - Across all browsers and operating systems, Macromedia has done an excellent job of improving the performance of Flash.  We would recommend and upgrade for this one reason alone.
• Clearer Fonts - Again, Macromedia has improved the crispness of the fonts displayed with Flash.  This is pretty clear in face to face comparisons and definitely improves the overall experience.
• Attachment Downloading - We now utilize the Flash components to either open attachments or to allow you to download them.  In the near future, we'll be adding a "Save All" functionality to make it easier to save all attachments in an email.

This release is another example of our believe of continuous improvement versus delayed perfection.  We know that there's more to do, but we're confidant that this will release will be a significant improvement for the majority of our user base.

We welcome your comments to this release, once you have had a chance to explore it...

- Gary

The four of us have been aggressively building goowy.com for just about 18 months, and we're finally in a position to bring on some extremely talented individuals to join us on our journey.  We're looking for kick-ass people with great experience and vision - but we also want to ensure that we keep our lean, mean and ultra-fun culture alive and kickin.

We have six positions open, but the reality is that we are going to be extremely selective in determining the additions to our team, and as such, we'd expect to fill these positions over the next four months. Our most immediate needs are in the areas of Flash development - we just have too much to get done without help in this area - and in marketing.  If you fit the bill for these jobs and think you'd fit in with us, send an email to jobs@goowymedia.com.  If you're not the right person, but may know someone who is, send them our way!

- Gary