Representative Expression

Here is an excerpt from a post made to a group that helps/deals with Malware reports on web sites.

I can no longer visit this site through google. "Warning - visiting this web site may harm your computer!" This is just a lie and I think we all know why this site is being persecuted. Keep your personal opinions and the opinions of your investors out of it. The deeper I dig in to the StopBadware.org manifesto the more obtuse your definitions become. A couple clicks and suddenly "Site may harm your computer" turns in to "contains or links to badware or otherwise violates Google's software guidelines." I hope someone sues you silly.

It just goes to show the general level of ignorance out there from people that:

1. Don't understand the size of the problem with regard to the sheer number of infected web sites.

2. Don't understand the dangers to there own machines when visiting such sites.

Infected Web Sites

In one case alone last week, 10,000+ sites were hacked and malware placed onto the sites.

In another case, a leading Advertising Agency that supplies adverts to 1000's of sites, unwittingly supplied an advert that carried malware.

And more alarmingly, a well known Anti-Virus/Spyware/Trojan Software manufacturer had it's own website hacked and malware placed on the site.

When Google or StopBadware report that there is malware on the site, you can bet that there is a very high probability that there is (or was at some point).  The false positive count is extremely low when you consider the number of sites that are listed.

Ok, so I open up today's spam mail folder and there at the top of the queue is a phishing email 'from' the NatWest Bank.

Clicking on the "log in" button takes you to a perfect replica of the NatWest site with a page for visitors to enter in their information to 'verify' their account.

The dead give away was the URL contained a non-NatWest looking domain.  What caught my eye this time, was the fact that I recognised the website that had been hacked.

http://www.companyA.com/folder/folder/natwest.com

rather than 

http://www.natwest.com

Rather than set up their own web server to 'host' the target bank web sites, one method the bad guys employ is to use a 'hacked' website.

In this case, the bad guys had obviously hacked their way into "Company A's" web server (who being an innocent party here, will remain anonymous).
They then uploaded their imitation "NatWest" bank site to which they would direct users from within the phishing email.
In this case, the phishing website would email any data entered into the fake form back to a central account which would be read by the attackers.

At the time of opening this email this morning, it already being detected by several anti-phishing filters, so at least those users would have been protected. (Note: If you haven't installed McAfee SiteAdvisor toolbar for Firefox or IE, then go do it now. It's free and it works).

A couple of years back I took advantage of an introductory offer on a .co.uk TLD domain name.
I can't remember the exact deal, but at the time it was something like £2 for a 2 year registration.

At the time, that was cheaper than my current registrar which worked out at about £1.99 per year, so £2 for 2 years wasn't to be scoffed at (especially when you are registering 50 or so .co.uk's a month).

The first of them is nearing renewal and so the 60 day renewal warning turned up in my inbox, and as I expected they increased their renewal price to £9.99 a year.  I'd already started the transfer to my current registrar so it wasn't a problem. As I said, I was expecting the hike, and I only registered with them to take advantage of saving a packet.

What I didn't expect was an email from Nominet.

Nominet is the Internet Registry for ALL .uk TLD's.

Here is an excerpt from a post made to a group that helps/deals with Malware reports on web sites.

I can no longer visit this site through google. "Warning - visiting this web site may harm your computer!" This is just a lie and I think we all know why this site is being persecuted. Keep your personal opinions and the opinions of your investors out of it. The deeper I dig in to the StopBadware.org manifesto the more obtuse your definitions become. A couple clicks and suddenly "Site may harm your computer" turns in to "contains or links to badware or otherwise violates Google's software guidelines." I hope someone sues you silly.

It just goes to show the general level of ignorance out there from people that:

1. Don't understand the size of the problem with regard to the sheer number of infected web sites.

2. Don't understand the dangers to there own machines when visiting such sites.

Infected Web Sites

In one case alone last week, 10,000+ sites were hacked and malware placed onto the sites.

In another case, a leading Advertising Agency that supplies adverts to 1000's of sites, unwittingly supplied an advert that carried malware.

And more alarmingly, a well known Anti-Virus/Spyware/Trojan Software manufacturer had it's own website hacked and malware placed on the site.

When Google or StopBadware report that there is malware on the site, you can bet that there is a very high probability that there is (or was at some point).  The false positive count is extremely low when you consider the number of sites that are listed.

How Safe Am I?

Gone are the days when the you could say, "But I don't use Internet Explorer, I use Firefox/Opera/Mozilla" or "I'm on a Mac/Linux" etc etc etc.

You must keep whatever system you use patched with the latest updates and with good Anti-Virus/Spyware and Rootkit detection. (If possible, use overlapping coverage from multiple products).

With one worm alone, during 2007 there were over 17,000 variants.   That's around 47 variants a day.  The worm went through multiple mutations a day !!

Most often a virus does not use a single attack vector, but will try a whole series of attacks looking at multiple security holes and it won't give in until it finds one.

Protection from the bad guys and ourselves

Not everyone is vulnerable to being infected and we are talking a very small percentage that are.  But a very small percentage of a large number of users is still a large number of machines that are being added to 'botnets' on a daily basis.  Some reports put this at hundreds of thousands of newly infected machines A DAY! And it's increasing.

Web site visitors must do their part in ensuring that their systems are fully protected, and web masters no matter whether large corporations or an "at home, one man band" must also ensure that their systems are fully protected. That includes any downloaded installations (such as blogs or forums).

Unlike the person above who appears to be in denial of any such problems, the responsibility lies at both ends of the browser! Don't become part of the problem, become part of the fight back!

For those web masters or indeed visitors out there that are not aware, StopBadWare.org is a site that lists sites that contain malware.  This article doesn't discuss how they malware got there, but more the way that Google lists them in its index.

StopBadware.org is a "Neighborhood Watch" campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers to make better choices about what they download on to their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and to become a focal point for developing collaborative, community-minded approaches to stopping badware.

From: StopBadware.org

When a site is listed in Google as having badware on it, a warning is displayed similar to the following:

The contentious part of the above warning is the "This site may harm your computer".
When you click on the link within the Google index to a badware infected site, Google actually displays an information page telling you why you should not visit the site. (Note: I have purposely masked the name of the site above in order to protect the web site owner from being mentioned, the reasons why are discussed below).

If you want to see a warning for yourself, just go to the StopBadware.org site. In the search box, enter ".co.uk" for the search term.
Copy the 'domain name part' part of it but do not include the TLD and enter it in a Google search box.  (So if the domain was www.example-alien-web-design.co.uk, search for "example alien web design" not "example-alien-web-design.co.uk".
This 'should' display a list of search results which will have the warning displayed.
Then click the search result to see the warning page.

My personal thought is that Google should just temporarily remove the site listing from the index rather than apply a label against that site.
You have to ask why Google apply that label and prevent 'its' users from clicking on that link within it's index.
I can only guess at the following:

• Google wishes to protect its users from visiting a site that has malware on it.
  (Google has checks in place, or one would hope that they do, that prevents falsely labelling a site as hosting malware).
  
• Google is also expressing it's desire to help remove malware from the 'internet' by contacting and informing web masters of malware upon the sites it finds.
  It doesn't just list web sites, it does make a concerted effort to contact the web master of the site involved.

Google do have a right to stop users from visiting those sites infected, as potentially one could argue that they could be held responsible for forwarding its users to a site which ultimately costs the visitor time/money or both.
The problem is, that web masters feel that the label Google applies next to their entry in the index causes damage to the reputation of that web site as well as a loss of income. 

So why does Google apply a label?
Some have argued that it is the quickest method to ensure that the web master contacts them and the problem sorted.
(Sticking a big red flag next to your site does tend to bring it to your attention rather quickly when your users start complaining to you, OR, as should be happening, a good web master will find this out when he does his daily/weekly check).

I would rather Google remove the entry from the index altogether, not stick a "label" against the entry.  You can't visit the site from the link in the index anyway (without a spot of cutting and pasting - at least you can't in Firefox with my setup).You could say the link in the index is non-functional, so why bother putting it there in the first place?
Removing the infected site from the index achieves both points from above.

• It prevents Google users from visiting the site.  The result is simply not returned.
  It is no different from the supplemental index, or at least very similar to the supplemental index.
  After all, the StopBadware database is exactly that. It is an index of sites that contain or are believed to contain malware.
  Just like the supplemental index, the results are still there, but you have to search for them in a specific index. 
  
• Google can still contact web masters and let them know that their site has been placed into the 'malware' index as before.

The removal or placement into the "malware" index would be temporary. Rather than display a warning, it doesn't display anything.  No harder to code than it is at present. 

Any decent web master will be monitoring his PR and his SERP placement.  Suddenly dropping off the main Google index should be pretty obvious to them.
And if his visitors complain that they are not finding the web site in the index, that too should draw the web masters attention to a possible problem.

Google will still be trying to contact the web master and the web master should also be encouraged to join Webmaster central (http://www.google.com/webmasters/) to keep an eye on their site anyway...

However, web masters have no right what so ever to complain about the damage to their reputation.  Malware is a problem, and is far more serious to their users than a lot would lead you to believe.  Ok, you could say that around 85% of your visitors would be vulnerable to being attacked by malware (due to the browser type, security settings and whether javascript is enabled). Of of that 85%, at least 50% of them would be very vulnerable, due to no firewall, no or an outdated Antivirus/Antispyware.
So there would be a large percentage of your visitors that could potentially be damaged or effected by malware.

• You cannot say that some malware is less harmful than others.
  Malware is malware. Plain and simple.
  
• You cannot say I have a set of known visitors and I know them to be safe.
  (You are complaining about being in the Google index, therefore you are potentially available to everyone who has access to the Google index).

What damage would be done to your reputation IF, one of your users blogger on a popular forum that they went to www.example.com and they got hacked.  That www.example.com has no protection, or www.example.com has bad security. Or they blame www.example.com for them installing the malware on their computers (regardless of the fact that www.example.com had NO knowledge of the exploit in the first place).
At least an entry in the Google index as at present is temporary and will be removed once Google are assured that the malware has been removed.
An entry on a web site would be within the index for a lot longer (if not ever).
And that's if there was just one entry on one blog.  What you would do if your sites name was spread around the web by a disgruntled visitor (who was infected as a result of visiting your www.example.com)
There is no argument that the web master purposely allowed their site to become infected.
A web master of a major site earning major money will be running a much more secure system than a small time web hosting company (on a dedicated server or a shared web hosted account).  They are less likely to be the victim of an attack.
So it could appear that Google are against the smaller web hosts and web masters since you won't find big web sites listed. That is simply not the case. 
It is just the simple fact that the smaller web site, web host or web master is more vulnerable to attack since they cannot or do not spend money on massive security defenses against malware attacks.

A web master has a responsibility to protect the visitors to their site. (Whether they rely upon the web host to do this , or whether they takes charge is another matter for discussion).
Google have the same responsibility to it's users. They have chosen to protect their users by displaying a warning and not giving a clickable link to the infected web site.

I'd like to hear from Google as to why they chose the method they did, and for them to state why they don't just remove the link temporarily from the index.

A soldiers Story (fictional)

You're on your last patrol before your unit returns home after a 9month stint in Iraq.  You're on point covering for your squad as they return to the Warrior after inspecting a suspected arms dump on the outskirts of Basra.

Spirits are high because tonight's scran in the mess tent will be the last meal before you get home to your mum's Sunday roast.  In 8 hours, you'll be on the plane home in to the arms of the family you've been away from for so long. 

Your squad mates begin shouting, they are pointing towards 3 youths running out of a nearby building.  You are almost at the Warrior when there is an almighty 'whoosh', followed by a loud explosion.

 

When you open your eyes, you find yourself 20ft away from the Warrior.  You can't focus on anything, you can't hear anything. The dust is settling and you begin to see your surroundings. You try to clear the dust from your eyes, but there is something wrong. You look down towards your hand and there's nothing there. In a panic, you try to stand, but you fall over.  The bottom of your left leg is missing. In pain you slump down to the ground as the rest of your unit reaches you.

The next time you wake, you find yourself in the Military Hospital in Basra.  The medics have had to amputate your right arm from below the elbow, you've lost the left leg below the knee, and you are blind in your right eye.
After a week or so, you are transferred to the facility at Headley Court.

The above could have happened to any number of our serving personnel in Basra or in fact any of the current overseas theatre of operations.  But in this case, it's a fictional story. But there have been many of our service personnel over the years who have and are still going through similar experiences.

But the hardship doesn't end there. Once the injured personnel come back to the UK, there is yet more pain to endure, but this time by the families of the victims themselves. 
Often families have to travel hundreds of miles to visit their loved ones.  Living in a hotel or bed and breakfast is fine for a brief business trip or a short holiday, but when the family themselves are having to deal with the emotions involved with supporting an injured loved one, it creates unwanted stress.

In the US an organization known as "The Fisher House" exists which quotes the following on their web site.

Supporting America's military in their time of need, we provide "a home away from home" that enables family members to be close to a loved one at the most stressful time -- during hospitalization for an illness, disease or injury

Headley Court and the SSAFA

RAF Headley Court near Epsom in Headley, Surrey, England deals with with UK Military Forces personnel with physical disabilities obtained during service, and also deals with patients suffering from post-traumatic stress disorder.

With a dedicated staff of around 200, the care it provides is essential to the recovery of the personnel.  In 2005, Major David Bradley of the Princess of Wales‘s Royal Regiment was given a five per cent chance of survival as a result of injuries received whilst on duty in Iraq during 2004. Headley Court played a vital part in ensuring he had the best chance of recovery.

Having family around you during recovery is an important factor (and I know this from personal experience). Not only do families have to deal with looking at the some times horrific injuries to their loved ones, many patients will often reject the attention of their families, pushing them away as a result of their injuries, which causes further stress. 

The Soldiers, Sailors, Airmen and Families Association (SSAFA) exists in the UK to help out where ever it can.

The Soldiers, Sailors, Airmen and Families Association (SSAFA) Forces Help is the leading national charity committed to helping and supporting those who serve in our Armed Forces, those who used to serve, and the families of both.  We provide a reliable, caring and trusted service to more than 50,000 people each year.

36 Grays Lane

 The SSAFA were hoping to provide a home away from home for the family members visiting loved ones being treated at Headley Court, but met with some unexpected resistance from local residents.

It appears that a bunch of NIMBY's have been coming up with all sorts of reasons why 36 Grays Lane should not be used by SSAFA.  To see some of their reasons, visit the 36grayslane web site.

36grayslane has been set up to highlight the actions of the Management Company representing the local residents and to gain support for the SSAFA campaign.
If ever there was a perfect example of the phrase NIMBY, they are it.

It as if they don't want their neighborhood spoiled by having "the lower class" families of our service personal living in their area.
None of their concerns expressed (detailed at this page at 36grayslane have any merit what so ever.

Every single resident who has signed up in protest to the SSAFA proposal should be given a guided tour of Headley Court and spend time with the visiting families.

Each of the residents who signed up, should be ashamed of their selfishness and total disrespect for the families of our service men and women who have given more than most to protect our beliefs and interests.

The people at 36grayslane have a guestbook that you can sign to show your support.

There is also a petition set up on the 10 Downing Street E-Petition site.

The rest of the UK needs to show those residents of Grays Lane who are objecting just how pathetic their actions are.

I wouldn't mind if they founded their objections on anything reasonable, but they are not. Laughable at best.
If it were a travelers camp, nightclub, sex shop or something similar to those, I could see their argument. But the truth of the matter is that the house run by SSAFA would hardly be noticeable. Their argument shows snobbery and contempt beyond belief.

Over at RealTravel.com they have a great online trip planner that allows you to build your itinerary for your complete trip.

Once you have added all of your intended destinations, you can sort out the dates and route that you intend to take.
They also have a great dynamic route map that shows your planned trip in an easy to follow layout.

When trying to organize a trip like this, one of the hardest parts is having to visit multiple sites to find all the information you need.  I've used the site to plan an upcoming trip, and the trip planner made the whole thing painless.

And if you are unsure of the place you are visiting, there are plenty of reviews and photographs from others who been there previously.

It even allows you to create your own notes and any other useful links that you find and save them with your itinerary.

Once you have saved your trip, you can email it to friends and family to keep them informed about your trip. (A great idea for young people to keep parents aware of your plans).

What with all the recent rain and floods of late, I've just only found a great site for checking out the latest UK Weather Radar.

There is one at the UK Met Office but the advantage of the new one I found at Meteox is that they provide an RSS Feed (see below).

They also allow you to define your UK location using a neat Google Map API interface to give a picture of your actual location.

With the weather coming up this weekend, it might be a good idea to use something like this to keep an eye on the rain.

If you want to use the following JS on your site, just cut and paste the following code into your template where you want the feed to be used:

<script language="JavaScript" src="http://yaps4u.net/feed2js/
feed2js.php?src=http%3A%2F%2Frss.meteox.co.uk%2F&chan=y&
num=1&date=y&html=a" type="text/javascript">
</script> 

<noscript>
 <a href="http://yaps4u.net/feed2js/feed2js.php?
src=http%3A%2F%2Frss.meteox.co.uk%2F&chan=y&num=1&date=y&
html=y">View RSS feed</a> 
</noscript> 

This is a partial extract from an article I've written for another website.

You can find the full article available here (PDF | WORD | OOD)

Why you should never use an ISP Mail address for Business

As a member and contributor to various Anti-"spam" forums, this is a subject that often appears.
Now unless you have some technical understanding of how mail works, it is not surprising that many people are not aware of the pitfalls surrounding email.

This document will discuss the issue of using any ISP for email, and examine the various other options available.

The title was intended to be contentious in order to provoke the reader into understanding the concept of why it is potentially harmful to your business not to understand the effects of not controlling your email. It must also be made clear that there are good ISP’s out there with which you could have no problems what so ever, but the points raised below still hold true for ANY ISP.

Contact Email Addresses on your Web Site.

Most companies will provide an email address on their web site as a means of contact.
There are a couple of main reasons why this can lead to problems.

• Masses of “spam”.

• Users unable to send mail to the address.

• User sends mail, but it's not received by you.

Getting No Replies to your Mail?

Imagine you have received an inquiry from a customer.
You send a reply, but never hear anything back.
You send a further reply, but still nothing back.

Or imagine you send out a newsletter from your own ISP mail account.
But you have a really low return rate.

Does this mean that your customers are just not interested in you now?
(Then why would they contact you in the first place).
The chances are that the customer never received your mail in the first place.

You can find the full article available here (PDF | WORD | OOD)

When you search any popular search engine, the results are varied, cluttered and full of results that you generally have no interest in.

Masterseek is a business to business search engine.  Basically it's a yellow pages of nearly all the business links and information that you would ever need or want.  It's global too, so you are not restricted to a specific country.  To that effect, it has a nifty little search for quick searches, and a simple to use Advanced search when you really know what you are looking for, but just don't know where to find it.

To quote from their website

Masterseek® Business Search Engine

Masterseek’s global search engine provides quick and free access to company profiles, contact information, and descriptions of products and services from more than 45 million companies in 75 countries.
You can also search in your own country or worldwide and find business partners, sales opportunities and new avenues to expand your business and increase your company’s profitability
Enter your company profile and showcase your products and services to the global community

Check out masterseek for yourself.

Is it real this time? Can you really get paid for blogging?
No, I don't mean, you sign up and post on someone else's blog and they pretend to pay you in shares or something.
Or, no, I don't mean you join 1000's of other mugs who sign up and basically provide the parent sites content (which they then sell on at 100x what they paid you, or they rake in bucket loads of PPC revenue).

I mean you get paid to blog about what you choose to blog about on your own blog.

If you are going to write something on your blog anyway, what is the harm in checking on Bloggerwave, seeing if your topic is on there and getting paid a few pennies anyway.  Even if its a miserable $10, that's double what you probably (should) be paying for your monthly web hosting costs.  Write one of those a month and all your web hosting is free.

And it might even get you into the habit of blogging more regularly. 
It's a brand new site, but I was asked to check it out for a client of mine.
Sign up process was easy, nice user interface and all in all it appears a pretty good bet.

Remember, you don't have to pay them anything, you just have to post like you was going to do anyway. So what you got to lose just for looking? 
Check out Bloggerwave and make your own mind up...

I was just about to send out a task to the guy that writes articles for me today when at the last moment I thought I would check out the web site requested.

Basically the job description said something along the lines of :

Ashleysboutique.com sells inspired by handbags of Louis Vuitton, Coach, Prada, Gucci, etc. Our target market is USA fashion conscious women.

Fair do's said I.  Should be simple for them to complete.
But then visiting the web site I notice that they sell Replica Purses, Knockoff Handbags, Knockoff Wrist Bands and much much more.  I didn't realize that inspired in the job description actually mean 'knockoff' or 'replica'.  Now 'knocked off' in the UK means stolen, but these goods don't appear to be stolen.

Now admittedly, they do not hide this fact.  And since the site is based is hosted in Canada, perhaps these are legal copies of the originals and what the site is doing is legal too.

When you compare the prices of the goods at Ashleysboutique.com  to those at the original artists sites, there is a big big difference.

Louis Vuitton: luxury leather luggage, French fashion designer

Coach Leather Goods

Prada

Gucci

Now I wonder what these sites think of Ashleysboutique.com.  The site isn't new, so you would think that if it 'were' illegal in the US/Canada, it would have been shut down a long time ago.

Go visit the site and see for yourself.  If it were not for the price, you couldn't tell the difference. (Can't say anything for the workmanship, I've never seen one before).

Two people have been cautioned for using people's wi-fi broadband internet connections without permission.

Neighbours in Redditch, Worcestershire, contacted police on Saturday after seeing a man inside a car using a laptop while parked outside a house.

He was arrested and cautioned. A woman was arrested in similar circumstances in the town earlier this month.

From:  http://news.bbc.co.uk/1/hi/england/hereford/worcs/...

There are those who would argue that leaving your broadband connection open for others to share is harmless. Providing you have locked down access to machines on your internal network, what is wrong with giving away bandwidth that you are not using?

Some argue that drive-by users who enter illegal porn sites, or send massive amounts of spam would be hard to trace and that the owner of the network would held liable for any actions by these free loaders.

Wi-Fi Planet - Securing your Wi-Fi Connection

intelligentedu - 5 Simple Steps to Securing your Wi-Fi Network

Linux.com - Secure your Wi-Fi Traffic Using FOSS Utilities

From Wikipedia - Wi-Fi Social Concerns

Measures to deter unauthorized users include suppressing the AP's service set identifier (SSID) broadcast, allowing only computers with known MAC addresses to join the network, and various encryption standards. Access points and computers using no encryption are vulnerable to eavesdropping by an attacker armed with packet sniffer software. If the eavesdropper has the ability to change his MAC address then he can potentially join the network by spoofing an authorised address.

WEP encryption can protect against casual snooping but may also produce a misguided sense of security since freely available tools such as AirSnort can quickly recover WEP encryption keys. Once it has seen 5-10 million encrypted packets, AirSnort will determine the encryption password in under a second.^[10] The newer Wi-Fi Protected Access (WPA) and IEEE 802.11i (WPA2) encryption standards do not have the serious weaknesses of WEP encryption, but require strong passphrases for full security.

Recreational exploration of other people's access points has become known as wardriving, and the leaving of graffiti describing available services as warchalking. These activities may be illegal in certain jurisdictions, but existing legislation and case-law is often unclear.

However, it is also common for people to unintentionally use others' Wi-Fi networks without explicit authorization. Operating systems such as Windows XP SP2 and Mac OS X automatically connect to an available wireless network, depending on the network configuration. A user who happens to start up a laptop in the vicinity of an access point may find the computer has joined the network without any visible indication. Moreover, a user intending to join one network may instead end up on another one if the latter's signal is stronger. In combination with automatic discovery of other network resources (see DHCP and Zeroconf) this could possibly lead wireless users to send sensitive data to the wrong destination, as described by Chris Meadows in the February 2004 RISKS Digest. [3]

In Singapore, using another person's Wi-Fi network is illegal under the Computer Misuse Act. A 17 year old has been arrested for simply tapping into his neighbor's wireless Internet connection and faces up to 3 years' imprisonment and a fine.^[11]

There has been a lot of talk recently about the possible need for a "Blogging Code of Conduct" and there have been a number of events in the media recently highlighting bad behaviour by some people towards others.  (The recent incidents with Kathy Sierra  come to mind).

I was quoted in a BBC article a few days ago and a San Francisco Chronicle article on Thursday calling for a "Blogger's Code of Conduct" in response to the firestorm that has arisen as a result of Kathy Sierra's revelation that she's been targeted by a series of increasingly violent and disturbing anonymous comments on her blog and on a series of weblogs that appeared to have been created for the purpose of celebrating cyber-bullying.

Tim O'Reilly - First Discussion on Blogging Code of Conduct

We've drafted a code of conduct that will eventually be posted on bloggingcode.org, and created a badge that sites can display if they want to link to that code of conduct.

Draft Blogging Code of Conduct

And the latest story on the BBC about a blog being taken down...

A British diplomat's blog offering his thoughts on Thailand has been withdrawn after insults and accusations were posted on it by members of the public.

http://news.bbc.co.uk/1/hi/uk/6548653.stm

I can't quite see the need for such a "code of conduct" and defiantly not for a badge.
(Though I would respect other peoples use of it if they so choose).
But there is nothing in there that isn't common sense already.
I mean, "Hey!, it's my blog". I can post what I like, about who I like, when I like.
I don't force anyone to read it.
But it's not like I am going to say anything that is likely to upset someone because it's not in my nature.
And I don't allow anonymous comments on my blog and that is for spam reasons, not to prevent any old Tom, DIck or Harry from posting on my blog.
I also moderate all of my comments. If someone posts something I don't agree with, then I remove it, (in fact I just plain delete it).  And that has nothing to do with restricting free speech. I had one guy object before and I just pointed out to him that it was my blog, my website, and I could do what I bloody well liked with it. I told him that I was not stopping him from commenting on my blog, I was just not letting him do it on my own blog using my own resources. I don't have a problem with him making what ever comment he likes on his own blog.

If someone does have a blog and they post material that's is illegal, then don't go back there.
Same goes for someone who insists on making personal attacks of any kind.
They can talk to themselves and post what they want, they'll soon get bored.

IMHO, it is nothing more application of common sense, and anyone who objects to my methods on my blogs, obviously doesn't have an ounce of common sense anyway...

As to the incident with Kathy Sierra, that just beggars belief...

I've reproduced the draft code of conduct below.

This two page cheat sheet also offers a comprehensive reference to grasp of basic to advance Google query building concepts and ideas.

read more | digg story

Handy crib sheet full of information about Google Services, Hints and Tips