Wednesday, April 29, 2009

Sprout Update

It's been a few months since we were notified that Sprout would ditch their free service, but they didn't officially begin charging until today. For those who don't recall, their original announcement seemed to give a mere two-week grace period, which was not received well here at Truth Rally. Luckily, they didn't stick to that. According to a recent email:
What if I decide not to pay?
All customers have 60 days to sign up for one of the subscription plans (paid or free). After the two month grace period, we will turn off all sprouts for users who have not selected a subscription level.
It looks like the sprout on Truth Rally will live on until at least June 28, unless we replace it or launch the actual site before then. I'm hoping for the latter.

Drupal Security, Part 2

According to Drupal security expert Greg Knaddison, the warning that I referenced in my first post in this series is overblown. He stresses that keeping Drupal's core, modules, and themes up-to-date is the proper focus. He continues:
Much more important than any benefit you get from hiding the versions of Drupal modules you are using is the benefit to the world and the credibility you gain by writing case studies. Then if you do get hacked people will be more likely to help you.
Knaddison is the author of the forthcoming Cracking Drupal, which details best practices on keeping Drupal sites secure. It covers vulnerabilities inside and outside Drupal, how to identify them, and how to protect against them. After reviewing the table of contents, I've decided to purchase a copy and put its lessons into practice. Furthermore, I've decided to lift my self-imposed ban on publicly discussing our Drupal particulars.

Friday, April 24, 2009

Blog Milestone

This is my 100th post. As Peter Griffin said after announcing to his family that he is fat, "Let me give you a minute to absorb that."

Despite my pledge last year to avoid the fate of most blogs (i.e., abandonment), I'm still a little surprised to reach this milestone. Yes, my blogging rate has slowed since last year, but I am still doing about ten posts per month, which I think is respectable for a startup's journal. The decrease is due primarily to our shift in focus from organizational tasks to software development.

Traffic to this blog, on the other hand, has steadily increased over the past two months, thanks primarily to high rankings in Google search results. In particular, my recent post about a scam targeting LLCs has been my most popular to date: It quickly shot past 100 unique page views, each of which hopefully represents an LLC owner who avoided being victimized. Well, make that all but one (see comments).

Monday, April 20, 2009

Corporation Number

As I described in this post on TurboTax Business, our company is organized as an LLC but is taxed as a corporation; for our situation, this is the best of both worlds. This status, however, led to a problem on the California corporate tax form (Form 100), which requires a seven-digit corporation number, but has no provision for LLCs that have yet to be assigned one. I spoke with a representative at the Franchise Tax Board, who instructed me to leave it blank; however, TurboTax Business considered this an error and prevented me from e-filing the return. I ended up entering all zeroes as a compromise.

As it turns out, this solution worked: We have just received a notice from the FTB assigning our LLC a corporation number. The notice instructs us to use the new identification number "on all California corporation income tax returns, payments, and documents" we file with them.

Wednesday, April 15, 2009

Drupal Security

In an effort to help others, I had planned on sharing our experiences with Drupal as we develop Truth Rally; however, I have since learned that this can pose security risks. For example, revealing any installed modules or themes can make it easier for someone to exploit known vulnerabilities. Even revealing the version of Drupal that is used on a site can make it more vulnerable to attack. As a result, I will only be offering general updates on our development. Those of you who are disappointed can thank all the cyber-assholes out there for ruining yet another good thing.

Update: See our policy update here.

Tuesday, April 7, 2009

Annual Review Board Scam

Speak of the devil! Shortly after receiving a warning about bogus solicitations, we were targeted with a scam letter from an organization that calls itself Annual Review Board and is based in Los Angeles. In bold letters, they admonish us to "Remit Immediately" in order to "Avoid Penalties, Fines and Suspensions." Here is a copy of the letter:

They want you to pay $228 for something you can do yourself—just as easily—for $20. Now that's chutzpah. Moreover, it's highly unlikely that they will actually file a Statement of Information (Form LLC-12) on your behalf, which means you could end up missing your actual deadline with the California Secretary of State and thus owe a penalty of $250. I feel sorry for any business owners who wind up paying $498* for something that should have cost them $20. In an obvious attempt to keep their sorry butts out of jail for mail fraud, they include this statement: "This product or service has not been approved or endorsed by any Government Agency, and this offer is not being made by an agency of the Government." Duh.

The form itself appears professional, complete with an official-looking seal featuring an eagle and shield. It also includes the LLC's file number, which is issued by the Secretary of State; however, this number, as well as the LLC's business address, is public record. As for the due date, they apparently just chose a day this month—to add to the urgency—instead of the actual due date. To paraphrase Maxwell Smart, If only they had used their skills for niceness instead of evil.

Update: For information on the legality of this scam, read about the Attorney General's position.

*Swindler's fee ($228) plus late filer's penalty ($250) plus LLC-12 filing fee ($20).

Friday, April 3, 2009

SEO, Part 5

March was the first month in which the majority of visitors to this blog arrived via search results. It is an encouraging milestone, which was achieved by following the SEO strategies described in a prior post. Apparently, one of the most helpful strategies is putting relevant search keywords in the URL, which on Blogger is based on a post's original title (or first several words, in the absense of a title).

Nearly all of the organic referrals to this blog have come from Google, so I was curious about one of the referrals from an unfamilar site called Kosmix. I did a little research, and found that my post on TurboTax Business was that site's top search result on the subject. Cool! After looking a little closer, though, it turns out that Google was ultimately responsible for that referral, too: