Is Google indexing pages from Twitter and messing with your analytics?

I just Googled for “WordPress RC” to find the release notes for the 3.5 Release Candidate.  I clicked on the result for and was taken to the correct page, nothing out of the ordinary.  I then copied the URL to share in team chat and noticed that the URL was quite long; there were some query string parameters.  The complete URL was:

The utm_source and utm_medium parameters are used by Google Analytics to segment traffic by source.  Normally you would expect to end up on this URL if you clicked from the WordPress Twitter feed.

Continue reading

Storm news roundup 13-01-12

Our favourite web(ish) stories from the week…


“The Raspberry Pi has started to be manufactured – in the Far East. The start of manufacturing is an achievement to be celebrated. The device, which will cost around £16-23, packs some serious punch:

‘HDMI for connection to a TV, USB for the keyboard, SD card for storage, and runs Linux on an ARM chip, with OpenGL ES 2.0 for the graphics. Its 700MHz ARM-11 processor is supported with 128MB of on-board memory.’


The more expensive Model B chip will also come with 10/100Mb/s Ethernet. However, the fact that a UK charity is having to build a UK designed piece of hardware outside of the UK is not to be celebrated. They tried, boy did they try, but there was one significant stumbling block:

‘Simply put, if we build the Raspberry Pi in Britain, we have to pay a lot more tax. If a British company imports components, it has to pay tax on those (and most components are not made in the UK). If, however, a completed device is made abroad and imported into the UK – with all of those components soldered onto it – it does not attract any import duty at all.’

Now to my mind, that is just about as backwards as a tax system can possibly be when you want to encourage a resurgence in manufacturing in the UK. If you agree, please sign this E-petition.


“The Education Secretary Michael Gove announced to broad acclaim (often from those of us unaccustomed to agreeing with him on anything much) from those in the software industry that the ICT curriculum is going to be overhauled, with a greater concentration on the fundamentals of computer science, logic and programming, rather than teaching people how to use products like Word and Powerpoint.

Gove summed it up pretty well: ‘Instead of children bored out of their minds being taught how to use Word and Excel by bored teachers, we could have 11-year-olds able to write simple 2D computer animations using an MIT tool called Scratch. By 16, they could have an understanding of formal logic previously covered only in University courses and be writing their own apps for smartphones.’ “


“The Google ‘Search, plus your world‘ feature (put simply: Google+ network activity pops up as search results) has dominated lots of tech headlines this week. One of the most interesting pieces about it was this one on The Daily Beast which suggests that Google is actually doing this to break into Facebook’s walled garden, albeit in a fairly spectacular roundabout route…”

Felix, Liam and Andrew all picked up on the SOPA blackout story:


“Reddit and I Can Has Cheezburger will be closing their sites on the 18th January in protest of the SOPA internet censorship bill, and Wikipedia editors are having a fierce debate whether to join in”


“Next Wednesday, the ‘front page of the internet’, Reddit, will be turning off for 12 hours, to protest the proposed US law known as SOPA. They hope to encourage more websites to join them, with a few names stepping up to make a stand.”


“In news that can only further galvanize the growing anti SOPA coalition, the latest internet juggernaut has chosen to side with the likes of Reddit and Mozilla to send a message of defiance to the proponents of the impending ‘Stop Online Piracy Act’.

In what is being hailed as one of the most monumental days in the internets history, internet comedy auteurs ‘I can haz cheezburger’ has allied itself to the anti SOPA cause, choosing to blackout all aspects of it’s hilarious meme-based original content on the 18th of this month.

I can only say i’m glad that i can one day say to my future children that I witnessed it – the day the Berlin wall fell, the day Nelson Mandela was freed from his years of incarceration, and the day went dark in protest to SOPA”

The cookie monster

As many people will remember, a while back ICO caused a bit of a stir by announcing an…interesting…new law all about cookies.

In short, the law says this:

“The rules previously required websites to tell you about cookies they used and give you information about how to ‘opt out’. Most organisations did this by putting information in their privacy policy. The new rules require in most cases that websites wanting to use cookies get consent”

Even shorter: whereas you used to have to give the option to opt out of cookies, now you have to ask people to opt in.

The first question is how this affects behaviour. The best place to ask this question (thanks for the heads-up, Matt!) is the ICO site itself, which is one of the – presumably very few – organisations actually enforcing the law right now. The first thing you notice on their site is a horrible great banner slapped across the top, advising you to opt-in. Amusingly, it turns out they do actually place a cookie without asking your consent, because it is “essential for parts of the site to operate”. (Note this for later, folks, it may be your get-out clause…).

This is all pretty horrible visually but as ever those designer types will find a way. What is more disturbing is the effect this’ll have on the functionality underlying your site. A huge number of web sites and apps these days rely on the setting of cookies, often to retain state between visits. If you log into a site, go away for a bit and come back again to find you’re still logged in – that’s almost definitely a cookie at work.

This is all fine though, right, cos any visitor seeing that banner is just going to click the link for “a better web experience”? Um, no. Not in the slightest. Here’s ICO’s visitor figures, taken from a RFI.

I’ll leave you to work out when the cookie header was implemented:

(Note that this doesn’t mean that ICO lost ~90% of their traffic. It does mean that 90% of people didn’t check the box. If you’re web-savvy you’ll notice that viewing the ICO HTML source shows no sign of a Google Analytics tag when you first go to the site. Then if you check the box and consent, the GA code appears. The missing 90% is simply not being measured, rather than not being there…)

For those who missed the history, there was a panicked moment as ICO tried to enforce this law and then almost immediately decided that they were going to give businesses a year to comply. Just recently the conversation came up again on a forum I follow and in response I threw out a tweet to ask what my web developer friends were doing about it. Mostly the answers went all a bit ostrichey: heads buried, hands over ears and “we’re relying on the fact that something this ridiculous won’t happen”, or “that old law? That got buried, right?”. Well, no. ICO claims that from May 2012, organisations have to comply.

On the surface, this is clearly ridiculous. Not only do you – as MD of ecommerce site, or web developer, or web agency, or… – have to go back to all your sites and ensure that you have the opt-in available, but you also have to re-write any functionality which relies on cookies. If you don’t, you’re going to lose that 90% too, ‘cos people aren’t going to click your checkbox, either.

One of the worries which has been aired particularly amongst my museum / not for profit / government / public body web friends is that this will lead to a two-tier scenario. Commercial organisations clearly won’t take a 90% hit, or even spend the time retrofitting their technology to make it work in a cookie-less world – but those in these public bodies will be forced to comply.

The other bit that concerns many people greatly is that web analytics – which has undergone a rather lovely evolution since Google Analytics arrived on the scene – is going to be thrown back a good 5-10 years by this move. I remember spending entire days crunching log files back in the early 2000′s, and it’s not a world I want to return to. There are some solutions out there, but they’re not established in the way that GA is.

So far there seem to be few answers, and lots – and lots – of questions….

Google SSL policy has had minimal impact on Analytics. So far.

Just over a couple weeks ago Google announced that they going to default to serving search results over HTTPS for logged in users. A consequence of the change is that the search query the user was performing is not passed through when the user clicks on a result. The SEO community had a bit of a hissy fit about this and we at Storm were worried that this would hamper our marketing efforts. However, panic ye not, as the reality is not proving to be the predicted end-of-the-Interwebs-as-we-know-it.

Today I stumbled upon a custom Google Analytics report tweeted by Avinash Kaushik which helps you measure the impact of Google’s change.  You can try out the report by  clicking here when you are logged into your analytics account.  Be warned however, the % of visits metric shown on that report represents a % of all visits, not just search.  So to determine the impact on organic search you need to do some manual work.

Armed with this new tool I thought I’d check out the impact on Storm’s site and a number of our clients.  The results: unbelievably dull.

Just under 1% of searchers for Storm Consultancy were logged in and using HTTPS.  If I exclude this blog from the data, that falls to 0.3%.  Looking through some of our bigger clients the highest impact I could find was 1.5%.  Not massively significant!

However, there is a caveat which is keeping these numbers artificially low for the time:  The change has only been applied to – so UK users going to are not yet being served over SSL.  I expect that the majority of our clients and our client’s clients fall into that group.

It’ll be interesting to see what effect there is when the change comes across the pond and then over time as Google+ grows.

Things Storm bookmarked this week / 26-10-11

This week…

Dave pointed me to the fact that Google have given their App Store a bit of a facelift. As he points out – “to say that it had a ‘hint of iTunes app store’ is possibly an understatement” – but he’s also right, it’s pretty well put together and always worth spending a bit of time poking around..

From Adam – a neat little Gem which implements scheduled background tasks in Ruby. “It provides a simple way to specify any number of jobs on easily customisable schedules. It can call into other Ruby functions in your code, perform rake tasks or execute arbitrary command line commands.”

Liam “Apple” Gladdy gave me this: a sexy little iOS-app-screen-like web GUI in coffeescript - Now I find I need to go and look up what “coffeescript” is…

And from me – this utterly awesome video/sound piece: “Entire Musical Compositions Made from Just One Line of Code“. Totally tremendous on sooo many levels :-)

Storm news roundup 21-10-11

Our favourite web(ish) stories from the week…


“Further amusing news in the ongoing saga of this government’s continued attempt to become the Galactic Empire of the UK’s internet with this story from Techdirt yesterday – with news that a parliamentary committee is suggesting that websites need to reveal the identity of anonymous posters, or be liable for what’s in those comments.

With this following the recent passing of legislation that will require UK internet users to ‘opt in’ to be able to access pornographic material at home, it seems only a matter of time before we’re level-pegging with China on the internet freedom scale.”


“This week I just want to share an infographic with you. Brought to you by the folks at MacRumors, it shows the pricing point of Apple goodies vs the average Windows PC. It goes to show how much more we value Apple. Whether we admire the innovative, highly polished products or simply yearn for the little Apple logo on the back, is for you to decide:”


“Seems that my endless moaning about the new Google web app design has gone entirely unheeded – no great surprise there :-) - Google have just announced that the new design will be rolled out to Google Reader shortly – also this video leaked out from somewhere on the web, showing a similar revamp of Gmail.

I like minimal as much as the next person, but after some months using the new design Google Docs, I still find the total lack of keylines and edges pretty difficult on the eye. When I’ve tweeted, lots of people have agreed – but clearly someone at Google has a vision, and that’s what they’re going to do…”


“deviantARt developer David Lynch has discovered an XSS vunerability in third-party ad code used by notable news nodes including CNN, The New York Times, Mashable and Fox News. As an entertaining example, he included an external Javascipt to add spinning CSS animation to all their images; but the method could be misused in a much more mischievous manner.”


“Google are going to enable SSL by default for users who are signed in ( – Secure? Yes. Web Friendly? No. – You see. By doing this, google are preventing websites find out what you searched for. This is more than a little bit of a pain, because your web analytics software won’t know what you were looking for, which is how we web developers know how to better tailor content to you!”

Things Storm bookmarked this week / 19-10-11

Things we liked this week:

Adam popped me over this rather nice interview with Peter Norvig giving a run down of AI techniques employed by Google. It’s a long piece but well worth a read as it explains how some of the magic actually works..

For once, Paul didn’t focus on the fail – this time his link (via @elliottkember) is all about testing in Ruby. It’s a tool called Heckle which will systematically break your code in every conceivable way, while running your tests. If a test doesn’t fail * then you need to get writing more. He tells me it’s a great tool for ensuring the quality of your tests, and therefore your code. [ * wait up, a fail! ]

Nicola sent me this interesting post about continual improvement and development – some really interesting stuff in there both for designers and anyone else wanting to up their game..

Liam sent over a couple: Firstly is a rather nice jQuery timeline plugin, called Timelinr (of course!). Second is the new homepage at Liam tells me that DesertBus is a charity event in which a bunch of Canadians play a mini-game from Penn and Teller’s never-released video game on Sega CD in which you drive a bus in real time, back and forth, until you get bored. They do it for charity every year – he helps them out with a bunch of graphing code of donations over time and other such analytics. Good work!

For me, it has to be the totally non-tech-related story about Fauja Singh finishing the Toronto Marathon in 8 hours 25 minutes. Pretty slow, you might think, until you realise the guy is 100 years old. Singh apparently ran his first marathon at age 89 and has since run seven more. He attributes his success to “ginger curry, cups of tea and ‘being happy’”. An amazing, inspiring story..

Finally, Andrew pointed me to this story over on TechDirt. I’ll let you read it and get cross all on your own, but in short – don’t ever point out a blindingly obvious security flaw on a bank website – it might get you into a lot of trouble. Shocking.

Storm news roundup 30-09-11

Our favourite web(ish) stories from the week…


“This week I became increasing concerned by Facebook’s policies and privacy, with various changes coming up which are concerning. The biggest of these for me is Facebook’s request to form a PAC, or Political Action Committee. This will give Facebook the power to give money to political candidates they choose, as well as collect money to funnel into political candidates. Facebook stores an awful lot of data on people and trends which could be very useful for someone standing for political office, and it worries me that my data could be used that way.”


“This week saw Amazon unveil their new Kindle lineup including the Kindle Fire – their first offering in the tablet market. At a ridiculously competitive price and with all of Amazon’s content ready to purchase I think it’s sure to be a success. But there was one feature of their announcement that caught my even more. Their new web browser, Amazon Silk. Silk is a split browser, part on the device, part in the cloud. Nobody has worked out quite what will happen where, when it’ll do it or won’t and how the magic occurs. We just know that Amazon say webpages will load faster. Lovely.

However, this does raise a couple of questions. Firstly, as web developers, we have Yet Another Bloody Browser to test in when we launch a new site. Silk is based on the WebKit rendering engine, so hopefully it will be sane, but browser manufacturers love to changes things just enough to piss us off. The second question concerns privacy. With Silk, Amazon is, by default, receiving and interpreting the content of every page you look at – including encrypted traffic. This may trouble you personally or you may not care – but the Data Protection Act will probably have something to say about it. The legality of Silk is being raised as a potential reason for it’s no show outside of the US. Time will tell.”


“Google made those of us who remember when it burst onto the search scene and promptly wiped out the competition feel very old, by turning 13. They celebrated in the usual way with a doodle. Storm favourite also chose to celebrate it – in their own inimitable style

Also on my list: launched their new developer friendly payment platform that doesn’t require a merchant account, but costs about the same as PayPal and has an exceptionally nice APi, with lots of client libraries already available. Fingers crossed this will help shake up an industry that seems to think that excessive charges, awful APIs and terrible user experience is somehow ok.”


“Well everybody likes winning really don’t they! One offline thing we’ve all really liked this week was our evening at Bath Racecourse for the Bath Business Awards. We came away finalists in both the Small Business and New Business categories, and I was lucky enough to pick up Young Business Person of the Year – which goes to show what a fantastic team we have here, without whom I wouldn’t have stood a chance. You can read a little more about it over on the Storm site.”


“My winner for ‘Mildly amusing shitstorm over nothing’ award this week goes to the Carsonified hiring-a-designer debacle that sprung up yesterday.
Part of the application process for the job was to design and code a one page dashboard app. It seems that a number of designers took exception to being asked to do what they deemed ‘spec work’ and the fact that some people already busy with client work would be ruled out of the running was also raised. My take on the issues? Suck it up. For such a fine opportunity you should be prepared to go above and beyond the call of duty, your present circumstances be damned. I think it is a brilliant test of somebody’s talents to be asked to design something on the fly, and is definitely a technique i will be using in future Storm interviews”


“Well, given that Adam chose to write about Silk (dammit, I wanted that one…!), and Liam stole the endless rant interesting paragraph I had composed about Facebook….

I guess the thing that caught my eye this week was probably news that everyone’s favourite browser – Chrome – is likely to take 2nd most popular browser spot sometime in December 2011. Pretty impressive stuff, although when you consider how blazingly fast it is, maybe not a huge surprise…”

Storm news roundup 23-09-11

Storm’s favourite web stories from the week…


“This week I’ve been induced into a Video Game coma with the launch of Gears of War 3 and OnLive, and the EuroGamer expo yesterday in London.

It’s not all play though – The OnLive service ( is a technical masterpiece.We’re huge fans of the technical challenges faced on the Internet, and that spans more than just our websites and apps. Streaming High Definition video is always a challenge, but pushing back control button data in as near realtime as possible to allow responsive gameplay – and have it actually work – is a game changer for Video Games. I don’t see it replacing your consoles for a while, but for younger kids, the price and cost of entry (basically free, but you can buy a standalone OnLive console if you don’t want to use your PC) make OnLive’s outlook very positive.”


Facebook Music to be killer… Facebook is announcing a new deep integration with Spotify which will ‘revolutionize’ the way we listen to music. Songs users listen to will be scrobbled to Facebook who will then use that data to populate your new Timeline (link somewhere) and produce recommendations from your social graph.

This all sounds very similar to – which scrobbles tracks and then produces recommendations based on friends – so not terribly revolutionary. I don’t actually see the new UI for this yet so it’ll be interesting to see how Facebook have implemented this, but given the large user base I’m pretty excited to see the recommendations it produces. I’m also really pleased for Spotify who should get a shed-load more paying customers on the back of this.”


“It’s been a bad week for online security in general and SSL specifically.

Dignotar, the disgraced Certificate Authority thoroughly hacked some months ago and was the source of fraudulent certificates thought to have been used to snoop on Iranian dissidents has been closed down. The whole mess has graphically demonstrated the fundamental flaw in the SSL certificate system: that it’s based on us trusting CAs not only to be honest, but also to be competent. Apple also got a lot of flack for taking a very long time to remove Dignotar’s certificate from OS X, and a bug prevented users from doing it themselves.

Moxie Marlinspike has a good writeup on the fundamental problems with our current model of trust on the internet, and why a DNSSEC based alternative being proposed won’t work

In other news, researchers Duong and Juliano Rizzo gave details of a vulnerability at the heart of the TLS 1.0 protocol. While TLS 1.1 and 1.2 are not susceptible, upgrading browsers, applications, and servers is proving to be rather more complex than expected.”


“This week I’ve almost solely been working on branding projects- it’s certainly my favourite discipline as a designer and the thrill of exploring and experimenting with a logo until it finally clicks is so enjoyable I often leave work with a sense of confused guilt about having had so much fun during a work day.

All this branding at Storm conveniently coincides with the ‘Brand New Conference’ which took place on the 16th- a conference held by Brand New, a popular blog chronicling corporate and brand identity work amongst high profile companies and corporations. Brand New have just released videos from the conference, the previews of which I have been enjoying this morning. It is a unique insight into the practises of the most prolific branding agencies today and at $5 each they’re very reasonable. Now where’s the Storm credit card…?”


The internet is more important than food, according to a worldwide survey carried our by Cisco this week. I’m currently in two minds as to whether this is a sad reflection on humanity as a whole, or simply a nod towards the social revolution of the past decade.

The points made by the survey are compelling: Facebook is where people ‘start’ dating, more of the worlds business in conducted online than ever before and even physical activities are today augmented by the ‘internet in my pocket’ delivered by smartphones.

This was less ‘breaking news’ to me than it was a quick pinch in the arm to take 20 seconds from my day to consider how royally buggered we’d all be without internet. Scary huh!


“I’m slightly obsessed with the trajectory that social networking is taking, what with the public opening of Google+, Facebook F8, and also a reminder email midweek from those chaps at Diaspora that they’re still going. The Diaspora email struck a chord with me – even though they’ve been an age in producing anything solid, they talk about the authenticity of connections made via good social tools. At the opposite end of the spectrum for me is the Facebook direction – and no-one summed it up more coherently than this post from Slate entitled Not Sharing Is Caring. To me, this all goes back to the classic Kevin Kelly post – we need better curation, not more sharing.”


The Failing To Do A Post For The Storm Blog Cake StickCarrot Publicly Name And Shame Fine (TM) goes to….Felix…who not only failed to write a news piece but also failed to turn up at all this morning…

He With The Hair gets to buy cake next week :-)

Things Storm bookmarked this week / 21-09-11

Another week, another bunch of interesting web happenings. Here’s a few you may be interested in:

Google+ opened their doors to everyone, with a whopping great homepage arrow thingy. At roughly the same time, I stumbled across this rather frank assessment of the service: “perfectly adequate, fun to stumble onto but completely irrelevant…”.

Many in the tech industry are taking this angle, ready to write off the service as a rather poor third (or fourth..) place to do social. Our very own Paul Leeder is of the opinion (and are many others) that Facebook is likely to be the winner in this space for the forseeable future, with – what – 750 million users..

Personally, I don’t see this as an either-or situation and reckon it’s too early to call – Google has an unbelievably wide reach and the means to lever that reach across their web estates. Still, the question about how, where and whether it fits is going to get bounced around even more now the site is open to the public..

Liam sent me a post from Engadget suggesting we might soonish be seeing the appearance of Google Voice in Europe. Not the “call some people from chat” bit which has been around for a while, but hopefully the “one number to rule them all”, which is more compelling. Having said that, the post says deployment “hinges upon legal and regulatory issues” so maybe we should forget the whole thing for at least a couple of years…

Two security stories did the rounds – Apple “dropping clangers” with OSX password security and then this other Register piece about SSL:

BEAST is like a cryptographic Trojan horse – an attacker slips a bit of JavaScript into your browser, and the JavaScript collaborates with a network sniffer to undermine your HTTPS connection,” Trevor Perrin, an independent security researcher, wrote in an email. “If the attack works as quickly and widely as they claim it’s a legitimate threat

Interesting (if slightly scary) stuff..

Finally, Adam got very excited about this video, all about the future direction of C# and Visual Basic. Apparently it includes “making asynchrony a first-class citizen in the language”. I have no idea what this means, but it sounds kinda interesting :-)