7 Tips For a Quick Startup

Le Meur, who came to Silicon Valley four years ago to launch the social-media app platform Seesmic Inc., provided this advice:

1) Don’t focus on the business plan. It’s too early for that.

2) Focus on a small niche, a white space you identify, a need that you think doesn’t have many people addressing it.

3) Choose something that you really care about or have passion for.

4) Execute as fast as you can, building something to address that narrow niche, even if it still has some bugs.

5) Launch super fast.  Reid Hoffman of LinkedIn said, “if you are not ashamed of your product when you launch it, you launched too late.”

6) Focus on the very small group of initial users of that product. Make it a community. Listen to any feedback.

7) Iterate on the feedback you get. That will make your product grow. If it doesn’t, you need to pivot or kill the idea and move to the next one.

http://blogs.wsj.com/in-charge/2011/06/29/a-tip-for-entrepreneurs-hurry-up/

All About Mobile Number Portability (MNP), Complete Guide

Today in this post I will talk about Mobile Number Portability (MNP). Mobile Number Portability is the most awaited in all over India and is finally launched on 20^th January 2011. Haryana is the first state to try it this out, in Haryana it was launched on 27^th November 2010 for testing purpose and more than 80,000 people have changed their mobile network operator using MNP. Now let me tell you what and how of Mobile number portability (MNP)

Let me tell you first how you can change your operator, here how you can

1. Send a SMS “PORT <Your Mobile Number>  to 1900
   Massage Body: PORT 9812345678
   Send to: 1900
2. Now you will receive a SMS from 1901 with a Unique Porting Code with an expiry date and time after which that code will not work if you didn’t port your number before that date
3. Now go to the nearest  Official store of the respective mobile operator you want and collect a form for mobile portability
4. Now fill that form and also in that form you need to give the Unique Porting Code (UPC) which you got while sending an SMS to 1900
5. Then submit that form to that operator from where you have collected it
6. And within seven days your number will get port to new operator

Q.1) What is Mobile number portability (MNP)?
A.1) Mobile Number Portability or MNP let you continue with your current mobile telephone numbers when you are changing from one mobile network operator to another.

Q.2) If I didn’t port my number before the expiry date of Unique Porting Code, will I not able to port anymore?
A.2) In general UPC expires after 15 days from the day you sent the SMS to 1900. And Yes, you will able to port even after UPC get expire but you have to resend the same SMS and you will get a new Unique Porting Code (UPC) which you can use it to apply.

Q.3) Will I able to transfer my current prepaid balance to new operator?
A.3) No, you will not able to transfer your current prepaid balance to new operator.

Q.4) In the process my mobile number will get disconnect?
A.4) Yes in the seven days process your mobile number will get disconnect for two hours, in the night between 11 PM to 5 AM (IST).

Q.5) Will I get charge for porting my number?
A.5) Yes, you will be changed of Rs.19 for porting your number by TRAI (Telecom Regulatory Authority of India), which you need to pay to your new operator.

Q.6) How many time I will able to change my operator?
A.6) As for now there is no limit, you can port your number as much time as you want. But you need to complete 90 days with the new operator after porting.

Q.7) I am currently using my number in West Bengal and want to port it to Delhi, will I able to do that?
A.7) No, you will not able to port your number from one state to another, you need to port within the circle (state).

Q.8) How old my number should be to port it to new operator?
A.8) Your number should be 90 days old before you can apply for porting.

Q.9) Only prepaid or only postpaid subscribers will able to take advantage of MNP?
A.9) Both prepaid and postpaid subscriber can take advantage of MNP.

Q.10) Will I able to take advantage of MNP without carry forwarding my dues of existing operator?
A.10) No, there should be no dues before you port your number to new operator.

Q.11) What are documents I need to carry when I go to apply for MNP?
A.11) You need to carry Proof Of Identity (POI) and Proof Of Address (POA)

Q.12) Will able to shift from CDMA to GSM or GSM to CDMA on MNP?
A.12) Yes you can shift from CDMA to GSM or GSM to CDMA in MNP, just you should have supported mobile for that.

Q.13) Will I able to cancel my MNP request?
A.13) Yes, you can cancel your MNP request within 24 hours from the time you requested for MNP, with a written application.

Q.14) Will I get refund of Rs. 19 porting after I cancel MNP request?
A.14) No, you will not get your refund of Rs. 19 after once you made the request for MNP by submitting the form.

Q.15) Can in use MNP for my landline phone?
A.15)  As MNP is Mobile Number Portability so it is only for mobile not for landline or any other, so answer is No.

Q.16) Will I get a new SIM card from new operator?
A.16) yes, you will get a new SIM from new operator before your number gets ported.

Q.17) Do I have to return my old SIM card?
A.17) No, in any case you don’t need to return your old SIM card.

Q.18) If I have Vodafone number register on my name and I want to transfer it to other person’s name during the process of MNP, is it possible to do?
A.18) No, you can’t transfer the number to the other person’s name during the process of MNP.

Q.19) How will I get to know, now I have to change my old SIM card with the new one or how will I get to know my number is ported to new operator?
A.19) You will get an SMS with the date and time of porting so according to that you can change your SIM card.

For testing purpose I sent an SMS to 1900 and afterwards I got a call from my operator regarding why I want to port my number. So you have a chance to demand what you want from your mobile network operator.  :p

So if you are going to change your operator then do let us know by commenting below and also with the reason so other also can know about that operator. And if I have missed any questions which you want to know regarding MNP do let me know by commenting below.

6 reasons why college is the best time to launch a start up

There’s been a lot of talk as of late regarding young entrepreneurs and the paths available to them; PayPal cofounder Peter Theil is going as far as to give 20 teams of entrepreneurs under 20 a two-year $100,000 fellowship on which to fund their next big ideas. Unfortunately, there simply aren’t that many investors out there to fund ideas from mostly unproven young adults, so it remains up to the entrepreneur to do it on their own.

For young adults, the best place to flex your entrepreneurial muscle is while you are in college — or at the very least when you are young enough to not be bogged down with a career.

College is a great place to start your venture as you have lots of free time, access to a large pool of human capital and your school can provide much-needed support. The following six points are what I have based my college endeavors around:

1. Plan for the “bridge” between college and real life

One of my main goals as a student entrepreneur was financially bridging the gap between college and the post-college world, better known as “real life”. I made it my goal to find a way to make just enough money on my own to not need a traditional job once I’m out of school.

Once you get a job, starting your own company is much harder. You’re committed to working full-time and it’s easy to become comfortable with a steady salary. I understood the chances of hitting a home run with a successful start up was low, but also that getting a full-time job lowered the chances of ever becoming a successful entrepreneur even more.

In my teens I began creating websites for fun, and eventually turned towards making websites for profit. While the sites were functional and cash flow positive, I knew they would never get big enough to sustain me. I used these ventures successively as springboards to my next idea, gradually creating more complex and successful sites.

I knew that if I kept moving, and kept thinking bigger, I could get to the point where I am today — 22 and the owner of an angel-backed start up. The odds of you hitting it big with your first venture are stacked against you, make sure you have experience running a venture, no matter how small, before you begin investing in a big concept.

2. If you’re not technical, NETWORK!

Every campus has teachers and other students that you can learn from. Find them. Find the teachers that are willing to help you create your business plan, marketing plan, or set up other introductions. If you’re not technical, network with peers who are. Sell them on your start up idea and offer equity in exchange for their services. Stop by the computer science building and post some fliers about your project. Someone is bound to see it and catch some interest.

In my case I looked for students who saw themselves as entrepreneurs. I didn’t need someone who could do a task, I needed people who were creative and innovative. One of my team members, Andrew Chalmers, was a semi-finalist in a business concept contest for Entrepreneur Magazine, obviously this was someone who has outstanding business talent and I’m excited to have him working with me.

Also, start networking outside of your campus. For example, you could work as a volunteer at a conference in order to get free admission. I did this for the Techcrunch Disrupt conference this past fall and ended up working speaker registration. I got to meet Peter Theil, Gina Bianchini, Kevin Hartz, and many other CEOs of large companies. I doubt they remember me but it was still an awesome experience to say the least! Opportunity is everywhere, go out and find it.

3. Take advantage of the business competitions on campus

I’ve never really been a fan of business competitions, primarily because of their notorious emphasis on business plans. Your business idea will change so much it’s mind blowing — so much so that writing a business plan could be counter productive.

This year, however, I won first place in the Fall 2010 CSU Chico Business Competition for my current start up, Bizness Apps, which led to my first angel investors. Two teachers involved in the competition were so impressed with my start up that they set up a lunch meeting with my current investors. Take advantage of these opportunities – even if the first place cash prize is only $300 bucks!

You never know who will be in attendance at these events, and at the very least it gives you valuable experience in pitching a concept in a professional setting. By entering business competitions you have everything to gain and nothing to lose. Don’t worry about people stealing your idea – if you don’t win the contest why would a contestant want to steal a losing idea? On the flip side, if you win people will look to you as the person who can pull the concept off.

4. Learn outside of the classroom

Build a library full of business books and read all of them. Learn to read a book in a day or two. Scan through the parts that you’re already familiar with in order to get through the book quickly. I usually aim to read 3-4 books a week. Teach yourself everything you need to know in order to make your start up successful.

Be very selective and know what you are looking to take away from every book. I wanted to focus on effective simplicity, which led me to the book Rework by the founders of 37Signals. When I wanted to learn about the early stages of startup life, I read Founders at Work by Y Combinator founding partner Jessica Livingston, a collection of interviews with largely successful entrepreneurs.

When you set out to acquire knowledge, be sure it’s relevant to your situation.

5. Use your surroundings for business idea inspiration

It only makes sense when setting out on your venture to immerse yourself in something you are knowledgeable and passionate about. In my case I looked towards my obsession with my iPhone, and I began paying attention to how smart phones were changing the way people interacted with businesses.

It wasn’t very long before I realized that there was an enormous opportunity to help the average business owner connect with their clientele on a mobile level. While I knew that a business would love to have a presence in the pocket of their customers at all times, I also wanted there to be a significant value for the person using the app as well. By looking towards my own habits, and that of my peers, I was able to develop a solution that was beneficial to both the business and consumer.

Talk often with your target markets to be sure you’re on the right path. It is so easy to get carried away with an idea that you think is great but offers little to no real value to your clients. It seems obvious, but always pay attention to feedback and structure your decisions around what your environment is telling you.

6. Just do it

This is probably my biggest piece of advice for college entrepreneurs: just do it! There is no better time in your life to start a company. You have little to no responsibilities, you’re surrounded my people who can help you, and now is the best time in your life to take on risk!

Got a business idea you’ve been bouncing around in your head? Just do it. Don’t wait until tomorrow, next week, or next month. Start building traction today.

In my experience, the biggest hurdle of starting a business is actually doing it. When you start a business, it’s fine not to know everything or even have a ‘solid’ business plan. In fact, most companies deviate significantly from their original plan! These things will fall into place and the things you learn along the way will last a lifetime. To get to this point though, you have to stop planning and start doing.

I’m a huge supporter of the “minimum viable product” business strategy, which advocates to move quickly, get your product out fast, and improve your product with feedback. You shove your product out into the market knowing it has bugs, knowing it could be improved — but you do this to simply start building your business.

By implementing this strategy you are building traction everyday. You stop thinking and you start acting. This is the single biggest step for an entrepreneur. Just do it!

Google AdSense Optimization Tips

1. Don’t Feel Shy – If you are seriously willing to monetize your website with AdSense, make sure that you place advertisements in prominent locations where visitors will notice the ads.

2. The best performing ad units for AdSense are 160×600, 336×280 and 300×250. For text only ads, you should go with the 336×380 format but in all other situations, 300×250 may be a better format since it is most popular among advertisers and also supports rich media. 160×600 can easily fit in the sidebar of your blog.

3. Web visitors have a very short attention span and majority of them may simply leave after a quick glance. Their eyes follow a F pattern so you can get good results if the Google ads are placed in the areas colored red on the heat map. Sidebars and leaderboards at the top are often ignored.

4. Depending upon the layout of your website, you should consider placing the first unit somewhere in the middle of the page and above the fold.

5. Even kids would know that AdSense works best if there are no borders and that the background color of the ads matches with the background of the page. That may not always be true and sometimes colored backgrounds (like light yellow or very light grey) can convert better – look at the top AdWords unit on the Google search page.

6. If you have a website with a dark theme (like a black background), experiment using a contrast color scheme for Google ads.

7. While it is a good idea to use section targeting around the main content, you should skip adding the section targeting tags for the comment section in your blog because the comments may not exactly convey what the page is all about. The aim is to increase the relevance of Google Ads.

8. Site visitors generally look for a search button at the top left region. Use the word “search” in the submit button else some visitors may not notice them. AdSense doesn’t allow publishers to pre-populate search boxes with keywords. Always use a second search box at the bottom of your pages and if possible, host site search on a separate sub-domain as regular readers can easily remember that address.

9. I recommend using only text ads for the first Google Ad unit but place another 300×250 unit in the sidebar (or somewhere below the fold) – these generally serve CPM based ads and will therefore help you monetize visits from places like Digg and StumbleUpon even when the bounce rate is very very high.

The CPM of ad units will decrease as you come the page but that may not be the case with link units – they are small, text based, can fit in even small locations and perform brilliant.

10. These are recommended ad placements for a website depending upon the design (two-column or three-column). If you write long articles, try fitting an ad unit somewhere in the middle of the article or at the bottom because when readers are done with reading, they’ll probably look for more resources or related information.

11. Once your new ad placement is live, make sure you test the AdSense layout with help of your grandma or subscribe to a professional mouse tracking service like CrazyEgg to know how people interact / navigate your content.

12. Sometimes traffic flowing in from Image search engines can earn you more AdSense Revenue than regular web traffic. So upload good quality images and use text captions with alt tags to make sure that blog images rank good in Image Search results.

13. Flickr is another great source of traffic (especially from Yahoo!) and you may also use it to indirectly improve your organic rankings.

14. You can also increase relevance of Google Ads on your site by linking to authority websites using descriptive anchor text. This will also help improve your organic ranks since outgoing links and citations carry weight in the eyes of the search engine who may then consider you as an authority for that niche.

15. Look for variations in Google Analytics – AdSense reports. If you are seeing impressions for a page but no CTR or CPM, chances are that the page may be serving PSAs or the ads aren’t relevant enough. You may also use the AdSense Sandbox to figure out if visitors from other countries are unable to see ads on some page that have low (or zero) CPM.

Also see: How to Enable Analytics in AdSense

16. Placement targeting is an excellent opportunity for you to market your site to potential AdWords advertisers. Therefore always make it a practice to use descriptive text when describing your AdSense channels.

17. Archives, Tags, Category or Author pages in a blog aren’t good landing pages and are hard to monetize as well. Redirect their Google juice to single post page using NOINDEX, FOLLOW tags.

18. Reward your regular visitors (I call them influences) with ad-free content. AdSense in feeds is not a loved option either so you may have use the feed footer to find spammers & feed scrappers.

19. If you run a multi-author blog, you can very easily implement AdSense Revenue sharingthrough channels. Assign a separate channel to each other and use that number for his or her blog posts.

20. AdSense Premium sites like CNN,  New York Times, About.com, etc. generally have dedicated AdSense account managers to help them optimize their Google ad units. You can study their layouts and probably implement some of the techniques in your own blog(s).

With Google AdSense, one should never feel complacent because there’s always a chance to improve earnings provided you are willing to experiment. The software theory – “If it ain’t broke, don’t fix it” doesn’t really apply here.

Javascript Injection

JavaScript Injection Overview

JavaScript is a widely used technology within websites and web based applications. JavaScript can be used for all sorts of useful things and functions. But along with this comes some additional security issues that need to be thought of and tested for. JavaScript can be used not only for good purposes, but also for malicious purposes.

Using JavaScript an individual can modify and change existing information within a form. It can be used not only to change form input tags, but also the cookie's that are currently set in the browser, and any other value within a website or web application. Any type of parameter manipulation that you want to perform can typically be done with Javascript injection.

To execute any javascript within a current session, a user would enter the specific javascript commands within the browser's url bar minus the http://. All javascript commands must start with the javascript: tag followed by any javascript command that will be executed. All javascript is ended with a ; so a user could enter multiple javascript commands, as long as each command ended with the ;

JavaScript cookie modification

Using JavaScript a user can modify the current cookie settings. This can be performed with some basic JavaScript commands. To view the current contents of your current cookie/s, use the following JavaScript command. Put this in your browser's URL bar.

javascript:alert(document.cookie);

This command will popup a box which lists your current cookies. A malicious user could use javascript to change values in the cookie. For example lets say a web application you are testing sets an authorization cookie to true when a user has successfully logged in and passed the authorization test. To change the values within the cookie, a malicious user would execute javascript like the following from the url bar within the browser.

javascript:void(document.cookie="authorization=true");

This would cause the current cookie parameter authorization=false to be changed to authorization=true. Which the malicious user might not have passed the original authorization test. The malicious user has just bypassed the authorization test and gained access to the sensitive content. As you could imagine, this could cause severe problems in privilege escalation, if the malicious user could use JavaScript injection to bypass the correct authorization process.

If you are testing for JavaScript injection and wish to see if the cookie has been altered you would execute a command similar to the following, except you would want to replace the cookie name and value with the cookie you desire to test. Start with the javascript command to alter the cookie and then tack on the javascript alert function to view what the cookie was changed to. For example

javascript:void(document.cookie="authorization=true");javascript:alert(document.cookie);

You should now be able to see the new cookie parameter in the popup box.

JavaScript HTML Form modification

You can also use javascript to modify any value with an html form, including hidden forms, and disabled forms. The following is an example of how you would set an input tag named email within form number 0 (or the first form on the page)

javascript:void(document.forms[0].email.value="test@test.com");

You will need to view the source code of the html page to determine what needs to be changed and how to change it. Verify the form number and set the correct number. The first form is always 0. Next look for the html tag you wish to change. Finally add the new value you want the html tag to be. This will allow you to modify the information within the html form.

How to protect against Javascript Injection

Always validate the input received against a whitelist. If you use a blacklist you could and probably will come up against encoding issues. Always use a whitelist when validating input.

Do not rely on client side validation to validate the user input. Client side validation is great for helping the user input correct data. But a malicious user will not use this and could bypass the client side validation. Client side validate is should never be considered as a security fix. Using javascript to validate input should not be used. As you can see javascript is very easy to change and modify on any html page.

Additionally validate the input every time, not just when the data is initially accepted. For example if you set a cookie, make sure that cookie is the same value and it is correct on each and every request. A malicious user could modify and change the value anytime during the session.

Injecting javascript into existing pages

Not only can you use javascript to manipulate parameters, cookies, but you can also inject javascript into dynamic pages to cause the page to render differently, do something else, or some other malicious thing. Think of a XSS attack.

Come back soon and we will post some examples of this.

Using JavaScript is difficult. Isn't there an easier way?

Actually there is an easier way to test for any type of parameter manipulation you can do with javascript injection. Using some type of proxy that allows you to manipulate parameters on the fly is much easier. You can do this with a number of different applications. I've included a list of some of the proxy applications that allow you to do this.

• Paros Proxy
• TamperData

There are many, many more security testing proxy tools, this is just a short list of a few of the quick, easy, and nice tools to use.