reference

051223 - WotD: resumption

Book page

resumption

From December 12th 2005 issue of Fortune magazine, the title of the article is "Conspicuous Resumption" about the large bonuses for CEOs of public companies.

From the Merriam Webster online dictionary,

    an act or instance of resuming or a return to payment in specie (in the same or like form or kind)
I'm guessing the latter.

050612 - WotD: brio

Book page

brio

From a reference about Roland Barthes' Mythologies, which I happened across from yesterday's CultureKitchen about page:

"They all have a brio and a punchy topicality typical of good journalism."

From Merriam Webster's online dictionary:

    enthusiastic vigor
similar to vivacity and verve.

050611 - WotD: semiotics

Book page

semiotics

From CultureKitchen's Liza's Biography, which I happened across from the Blogher Friday night dinner list:

"The thread that runs through my interests is very Barthes-ian. The one book that I keep referring back to his Mythologies. Even though it was the first book to look at every day life through the lens of semiotics, it is still relevant today; especially with the impact of digital media, and the endless aesthetic possibilities that it offers, on the production of every day life. Think PhotoShoped [sic] porno vis-a-vis the the "normality" of cosmetic surgery. "

From Merriam Webster's online dictionary:

    a general philosophical theory of signs and symbols that deals especially with their function in both artificially constructed and natural languages and comprises syntactics, semantics, and pragmatics

MySQL: dumping data from a single table

To dump data from a single table, use the --tables option. Otherwise, mysqldump may interpret the table name as a database name

mysqldump -p -T mySubdir --tables myDB myTable

How to Estimate a Web Site Project

Book page

From: http://www.webdevbiz.com/article.cfm?VarArtID=5

How to Estimate a Web Site Project

How to Estimate a Web Site Project

There's no getting around it - almost every web site client you'll ever have will want a cost estimate before work begins.

If the prospect makes you anxious, you're not alone. Estimating a web project is not easy to do, even for pros. In fact, some very skilled web developers I know use systems of estimating which have more in common with consulting a Magic 8-Ball than with detailing time and costs - basically, they make wild guesses. Although this may get the unpleasant task over with quickly, it's not helpful for keeping clients happy or for running a viable business.

But with some preparation and organization, estimating can be done with reasonable accuracy, and without any permanent damage to your mental health.

A Few Thoughts on Free Estimates

Some web developers offer free estimates as a matter of policy. I believe that this can be problematic, especially for very small companies, and so recommend giving it due consideration before publishing that offer.

The reasoning is simple: estimating well takes time, and not every estimate will net you a contract. Depending upon your market and the tone you set with your business, you may get a lot of "shoppers". Shoppers are looking to get estimates from several companies and compare them, and you may very well be only a pawn in their process of finding the supposedly "best deal" - or worse still, in driving the price down with someone who they've already decided to work with.

If this turns out to be the case, it's not the end of the world, of course - but how many times a month do you want to spend several hours (or more) working for someone for no pay? Of course, that decision has to be up to you.

In my business, we provide an estimate for free if we think that an accurate specification can be determined and written up within a couple of hours. If we feel that it's a complex enough project that it will take us 5-10 hours or more of meeting, talking, researching, and writing and re-writing the specifications, we charge for that time. We tell the client that we'll be spending valuable consulting time with them, determining their needs, and that we'll produce a detailed specification document and cost estimate. This information is obviously of value whether or not they decide to work with us. If they do decide to work with us, the cost of the specification-development phase is applied to the total cost of the project. Either way, their money is well-spent.

After all, developing a web site is not the same as painting the living room or fixing a leaky faucet. Free estimates and convenient price-shopping may be commonplace in a lot of industries, but they aren't necessarily appropriate for complex creative and technical work.

But whether or not you're being paid for your time, the process should be the same.

A Five-Step Process

Estimating is essentially a five-step process:

  1. Determine what the specifications are for the site
  2. Break these specifications down into as many smaller tasks as possible
  3. Figure as accurately as possible the amount of time each task will take
  4. Add up the total hours and multiply by your hourly rate
  5. Add a percentage for contingencies, add expenses, and total it all up

Determine what the specifications are for the site. This is usually the most difficult part of the process. Clients often don't have a clear idea of what they want; they need your help to clarify and articulate what kind of web site they have in mind. This can be done through in-person or telephone meetings and emails, but you have to take the wheel, and you often have to persevere through a certain amount of uncertainty, hesitance, and outright fogginess.

It's helpful to have a list of the various aspects and features of web sites to help you and the client through this process. Your conversations need to cover every aspect of the proposed web site, including:

  1. Total number of pages
  2. What kind of navigation bars or menus
  3. More than one page design?
  4. Number of custom graphics needed
  5. Number of graphics provided by the client
  6. How design-intensive a site do they want?
  7. What type of text content, provided in what form?
  8. Interactive forms? How many fields?
  9. Database-driven applications? (Detailed description of all functionality is needed)
  10. Administration areas?
  11. Domain registrations or changes?
  12. Hosting arrangements?
  13. How important is search engine positioning?
  14. Will any client training be necessary?

You won't get all of this information worked out in a single conversation. For me, the process usually involves a series of conversations and email exchanges. After the first consultation, I go over my notes, usually typing them up so that they're easier to read. I then write out a "sketchy" specification, usually somewhat vague at this point. This makes obvious what information I still need.

For instance, the client may have told me, "We want to display photos of the houses our firm has built", but I need to know more. How many photos? Displayed in what way? With thumbnails linking to larger photos? Will they need captions? In what form will he be providing the photos? These questions are jotted down for the next conversation. When I have a complete list of questions, I phone the client, making sure he has some time to spend, and I ask him the questions one by one. The discussion is usually far from linear, and may jump from one subject to the next, but I make sure that I'm in charge, and that I get the information I need. Remember, the client doesn't know how to write a specification for a web site - you do. The tangents and side-trips often provide valuable information too, so I try to be sure to listen well.

A friend of mine recently took a sales seminar, and came back very excited about what he had learned. Basically, he said, he learned that he needed to really, really listen to his potential clients and customers. This is crucial during the specification-development phase. But again, be sure that your questions are answered, and that an unfocused or overly chatty client doesn't waste everybody's time.

Always take notes when conversing with a client. Even if they are just scrawled notes, make sure you commit the crucial points of the conversation to writing, and be sure to date it.

The information you have after this second meeting may be enough to write up a detailed specification. Add the information you've gained to your sketchy specification document, and see if you can flesh it out enough that you feel you are very clear on what's expected of you - and that the client will be very clear on what he is getting for the estimated price.

A note on pinning the client down on specifications: web site clients are notorious for figuring out what they really need and want only after a contract is signed and work has begun. This is so common that there's really no point in fighting it - it's almost guaranteed that the specifications will change. No problem - but make it clear to your client that when the specifications change, the cost estimate will change as well. Say this more than once during this phase: "This specification is only a snapshot, so that I can provide an estimate. If you add or subtract significant content or features, the cost estimate will definitely change. When that happens, I'll provide you with a written description of the change and the difference in cost."

You may need more conversations, or a series of emails, to clarify the specifications. Don't rush it! Be sure that you have enough information before you commit to an estimated cost total.

Break the specifications down. Now, take each part of the specification document and break it down into as many actual tasks as possible. For instance, "Gallery of 30 photos of 6 different houses" might involve:

  1. Receiving and sorting out client's photos
  2. Cropping, sizing, optimizing, and renaming photos
  3. Working with client to figure out how to present photos
  4. Creating thumbnails
  5. Building pages
  6. Receiving client's feedback, correcting and refining gallery page design

Figure how much time each task will take. This part of the process requires a little brow-furrowing. For each task in your list, make your most honest estimate of the time it will require. Be realistic. You may want it to take one hour to build an entire page draft, but the reality is probably going to be closer to three or four hours. Give yourself enough time to do a good job! And remember - this type of time estimate is almost always short. Be generous!

Add up the total hours and multiply by your hourly rate. Even if you don't plan to charge the client by the hour, but rather by the project, figuring by the hour is the only reasonable way to go, as it's the only real available objective measure of "how much work". The client doesn't need to know anything about the hours you're estimating it will take you, but you should know this.

Figuring your hourly rate is beyond the scope of this article; we're assuming here that you have decided what you need and want to earn for each hour you work "on the clock".

Add a percentage for contingencies, add expenses, and total it all up. The "contingency allowance" is something that experienced web and graphic designers don't even question. Underestimating is so universal that providing a cushion against your own probable inaccuracy is highly advisable. Between 10-20% is typical. Expenses, of course, are any out-of-pocket costs such as the price of graphics purchased, paying subcontractors, etc. Add it all up, and there's your total!

Stand your ground. You may be tempted to shrink the total estimate down, fearing that your potential client will find it too high, but resist that urge. You came up with as accurate an estimate as possible, and it makes no sense to lower it. The client may or may not like your price, but if you offer to do the job for less than what is fair for you, no good can come of it. Stand your ground! You won't get every job, but the ones you do get will go much smoother if your estimate was accurate and fair.

UPA Conference notes

Notes from UPA Conference, that I had all over the place:

Tracking the bell curve of a league

  1. What's the level of play?
  2. More vets or more beginners?

Captain fee rebate

Mixed core: core of 6-8 players, drafting the rest of the players

During draft, show only 10 players so that people don't draft just friends

SBUL: before games skills session

Rule books for SJP&R

Fortune 20 Best Bargains for 2005

GUIDE 2005: The 20 Best Bargains in the Market

FORTUNE
Monday, December 13, 2004
By Yuval Rosenberg and David Stires

Every investor loves a soaring stock price. Problem is, we often chase those hot stocks after they've reached the ozone. Yes, most of us would do well to use the discipline of a value investor and learn the fine art of rooting around in remainder bins. If you can separate the unfairly maligned and the turn-around prospects from the stocks that deserve their outcast status, you can make quite a pretty penny. With that in mind, we tracked down top value managers, big-picture strategists—and threw in a couple of growth gurus for good measure—and got them to recommend cheap, unloved, overlooked, or simply underappreciated investments. We asked them for their single best pick right now. We can't guarantee you'll sell high, but here are some ideas on how to buy low in 2005.

ALTRIA GROUP MO
PRICE: $59
DAVID DREMAN Scudder Dreman High Return
They say that breaking up is hard to do, but Altria Group (the former Philip Morris) has decided it's the best path to happier shareholders. Altria's stock is up some 14% over the past 52 weeks. But despite a commanding market share, it trades at 11 times 2005 earnings, lower than some weaker tobacco rivals. With the stock weighed down by three major lawsuits against cigarette maker Philip Morris, CEO Louis Camilleri has acknowledged that once the litigation picture improves, the company plans to split into two or three units to unlock shareholder value. Call it the RJR strategy: First diversify into consumer goods, proclaiming it the solution to your tobacco woes; then unload those same divisions some years later on the theory that you'll do better if you focus on your core strength. A 180-degree turn it may be, but profits have been dwindling at Altria's Kraft Foods as a result of low-carb diets and high commodity prices. And whatever your feelings about cigarettes, the truth is they make money.

The spinoff—whose timing is uncertain—is one reason contrarian David Dreman continues to like Altria stock. "The sum of the parts is worth more than the whole," says Dreman, who runs more than $11 billion in various funds (including 17.3 million shares of Altria as of Sept. 30, 2004) and has averaged returns of nearly 15% a year over the past ten years at Scudder Dreman High Return Equity. The market effectively treats the U.S. operations of Philip Morris as worthless, he notes, even though the division earns about $4 billion a year. Analysts say that Altria could fetch $75 a share or more if the businesses are broken up.

AMEREN AEE
PRICE: $48
RICHARD BERNSTEIN Merrill Lynch
"If I could buy a Bentley for the same price as a Volkswagen, why wouldn't I buy the Bentley?" That's how Rich Bernstein, chief U.S. strategist for Merrill Lynch, explains his market outlook for 2005, namely that high-quality dividend-paying stocks remain the best bets. Lower-quality stocks, Bernstein says, have gotten expensive, reaching valuations similar to those of higher-quality companies. The longtime bear still expects low-single-digit returns in 2005. And he notes that the S&P 500 has eked out annualized gains of just 2% from June 30, 1998, through November 2004. In that kind of low-return market, Bernstein says, dividends become ever more important.

That's one reason Bernstein advocates the utilities and consumer-staple sectors in 2005, with health-care and pharmaceutical stocks earning honorable mention. Investors have been shunning utilities and consumer staples. But he predicts that earnings growth won't flag in those sectors as much as it will elsewhere, and risk-weary investors will turn to them for safety.

One stock he recommends is Ameren, a St. Louis-based power utility that serves customers in Missouri and Illinois. The shares have a P/E of 16 based on estimated 2005 earnings, slightly above average for a utility. But Bernstein is enamored of Ameren's electrifying 5.25% dividend yield, which he says is reason enough to buy (though he thinks the stock has room to rise too). "People should be thinking about very modest returns and the most certain way of getting those modest returns," Bernstein says. "If you get a 5% dividend yield, you're basically there."

BERKSHIRE HATHAWAY BRKB
PRICE: $2,802
WALLY WEITZ Weitz Value
In uncertain times for the stock market, who better to trust your money with than Warren Buffett? The legendary investor has been building up cash of late—his Berkshire Hathaway concluded its third quarter with a $38 billion hoard and another $23 billion in fixed-maturity securities—meaning that Buffett is primed to pounce if he spies a bargain. "The thing he does even better than running the company day to day is identifying and having the courage to commit to very big opportunities," says fund manager Wally Weitz, who has made Berkshire a top holding.

Berkshire's insurance business got whacked by this year's hurricanes, and its stock dipped after New York attorney general Eliot Spitzer announced his probe of the insurance industry. (Berkshire has not been implicated thus far.) Still, the businesses are solid, and Weitz says Berkshire's share price represents a discount of "at least 20% or 30%" to the company's underlying business value.

Forget the facile comparisons between Weitz and Buffett (two straight-arrow value investors based in Omaha). Weitz's record stands up pretty well on its own. His flagship Weitz Value fund has averaged 17% annual gains over the past decade and has beaten the S&P 500 by nearly ten percentage points a year over the past five years. Weitz himself has been husbanding his money; as of the end of the third quarter he had 24% of the fund's assets in cash. But he's still happily holding on to Berkshire. "I think it's a pretty compelling value," he says.

CHEVRONTEXACO CVX
PRICE: $53
SUSAN BYRNE WESTWOOD Holdings Group
More than anything else, energy prices have been troubling the collective mind of Wall Street in 2004. Crude-oil prices that topped $55 a barrel helped the energy sector gain 31% through November, and many money managers say the oil patch is still the place to be. "If you're looking for free-cash-flow-generating, dividend-increasing machines, it's got to be the oil companies," says Susan Byrne. Those are just the kinds of companies Byrne looks for at Westwood Holdings Group, the Dallas firm she founded in 1983, which has more than $4 billion under management, about 15% of which is in energy stocks.

Byrne says that despite the sector's gains, oil stock valuations still don't reflect the price of crude. "If it stays at $35, they're very undervalued," she says, "and if it stays at $45, they're just ridiculous." (For more, see "Three Ways to Make Money in Energy Stocks.") One of Byrne's favorites is ChevronTexaco. The integrated oil and gas giant trades at a discount to rivals in part because it has been carrying heavy debt. But ChevronTexaco has used its gushing greenbacks to retire its obligations, and as of the fourth quarter of 2004, Byrne says, the company's cash on hand equals its debt. And ChevronTexaco offers a higher dividend yield, currently 3%, than many of its competitors. Byrne expects the company to use its cash to make the payout even richer, adding to its appeal.

CITIGROUP C
PRICE: $46
RON MUHLENKAMP Muhlenkamp
Ron Muhlenkamp typically stuffs his portfolio with battered stocks that most investors won't touch. During the tech boom in the late 1990s, Muhlenkamp was scoring with dowdy, smaller bargains like Stanley Furniture. The payoff: The fund has returned 17.9% annually over the past ten years, outpacing the S&P 500 by six percentage points a year.

So it might seem surprising that his top pick now is Citigroup. Yet it makes sense: The $100 billion financial giant has taken hits from Enron, WorldCom, and other scandals. But Muhlenkamp says those problems are largely in the past, and CEO Charles Prince is improving corporate governance and risk management. "Citigroup is a good company and a great franchise," he says. What's not to like? Shares trade for just 11 times next year's forecasted earnings, a sharp discount to the S&P 500's P/E of 16, and sport a juicy 3.5% yield. Citigroup simply is, if you'll pardon the phrase, a cash machine, earning an estimated $21 billion in 2004. And Muhlenkamp expects profits to grow 12% a year, nearly twice the market's rate. "Even if the P/E doesn't change," he says, "a 12% return will be pretty good."

COVANCE CVD
PRICE: $39
BILL D'ALONZO Brandywine
An avid hunter, Bill D'Alonzo has traveled as far as Alaska, Argentina, and New Zealand in search of game. But D'Alonzo has bagged some of his most valuable prizes hunting for stocks from his Delaware office. Like any smart hunter, D'Alonzo likes to thoroughly understand his prey. He looks for stocks whose earnings are growing at 20% a year or more but are not burdened with inflated P/E multiples. He seeks out companies that will exceed Wall Street expectations and bring a "sizzle factor"—a management change or other catalyst that will get investors excited. His team not only researches prospective investments but also examines competitors, suppliers, and customers.

One recent pickup that D'Alonzo expects to show some sizzle is Covance, a $1-billion-a-year contract research firm for pharmaceutical and medical-device companies. Covance, based in Princeton, N.J., has increased its operating margins from 6.4% in 2001 to 14.1% in the third quarter of 2004. But shares suffered in recent months following the company's announcement that CEO Chris Kuebler would be succeeded in 2005 by COO Joe Herring. D'Alonzo isn't worried about the management transition, because Kuebler will stay on as chairman and Herring has been well groomed for his new post. And analysts expect the company, which trades at a 2005 P/E of 21, to step up earnings by 22% next year, making shares look cheap. Particularly in the wake of Merck's Vioxx recall, D'Alonzo adds, Covance may benefit as drug companies look for added credibility while they race to replenish their pipelines. "The Vioxx situation," he says, "makes involving a third party in the development process more appealing."

ELECTRONIC ARTS ERTS
PRICE: $52
SPIROS "SIG" SEGALAS Harbor Capital Appreciation
Sometimes you can find a value opportunity in a growth stock. That's good news because the past few years have not been kind to fans of fast and furious equities. Still, Sig Segalas, veteran manager of the $6.8 billion Harbor Capital Appreciation fund, argues that growth shares could be poised for a comeback. Corporate earnings expansion is expected to downshift in 2005, and Segalas says that slowdown will provide "unique opportunities" for investors who can sniff out exceptional earnings potential. Come to think of it, that sounds suspiciously like a value philosophy. Whatever you want to call his approach, Segalas zeroes in on stocks whose profits he thinks will jump 15% or more over 12 to 18 months, ideally those with strong defensible characteristics—a powerful brand, for example, or superior technology.

One favorite is Electronic Arts, which could be dubbed a growth stock in a value moment. EA, for those of you without kids, is the leading videogame maker and home to titles such as Madden NFL 2005 and The Sims 2. Based in Redwood City, Calif., Electronic Arts has a balance sheet to fantasize about: It has no debt and $2.5 billion in cash. And, Segalas says, with three new videogame platforms on the horizon—Sony's PlayStation Portable and PlayStation3 as well as Microsoft's new Xbox—the company will pump up profit margins in coming years and see earnings explode. Before that new-product cycle kicks in, though, profits may stagnate as the company sells games for aging systems and incurs development costs for the next-generation consoles. That, says Segalas, spells buying opportunity right now. "For a halfway-patient investor," he says, "I think the stock goes over $60."

FOREST CITY ENTERPRISES FCE.A
PRICE: $55
MARTY WHITMAN Third Ave. Value
Real estate stocks have been soaring, with the typical real-estate investment trust (REIT) rising 22% a year since 1999. But veteran value hound Marty Whitman is entranced by one stock that now fetches a restrained P/E of 12 times projected profits: Forest City Enterprises, a real estate holding company with about $1 billion in sales. Founded in 1921 as a lumber dealer, the Cleveland company has expanded to include everything from offices and hotels to apartments and master-planned communities. The company typically targets fast-growing parts of the country where real estate costs are high. Forest City is currently redeveloping the Los Angeles subway terminal and building a skyscraper for the New York Times Co. "It's the biggest blue chip you've never heard of," says Whitman, whose small-company stock fund has returned an impressive 15.3% annually over the past ten years.

Unlike most real estate firms, Forest City is structured as an operating company rather than as a REIT. That means it doesn't have to pay out all profits as dividends. While that causes a relatively low yield, it also allows the company to reinvest more earnings in the business. Forest City generates robust cash flow. And its eclectic portfolio stabilizes operating results, making the stock a strong performer. Says Whitman: "They've been superior to any other real estate firm in building value over the years."

FREDDIE MAC FRE
PRICE: $69
JIM GIPSON Clipper
The lead manager of the Clipper fund, Jim Gipson, offers Douglas MacArthur's well-worn quote, "Old soldiers never die, they just fade away," to make the case for embattled Freddie Mac, the $37 billion mortgage-finance giant. Gipson says its two intertwined controversies—the mortgage lender's accounting and how it should be regulated—are slowly receding, giving investors a prime opportunity to buy at an unusually attractive price.

Shares plunged in 2003 amid the accounting scandal that culminated with Freddie admitting it misstated earnings by billions of dollars in an attempt to show steady growth. But Gipson, whose large-stock value fund has posted a stellar ten-year 16.7% annualized return, says a stock resurgence is on the horizon. New CEO Richard Syron, a 61-year-old economist and former regulator, has made cleaning up the accounting mess his top priority and plans to have up-to-date financial results by March 2005. Gipson says the push to abolish the company's regulator and create a more aggressive agency is also fading (though Freddie could hit a few bumps if sister Fannie Mae encounters more trouble). In the meantime Freddie continues to generate a hefty 20% return on equity, significantly higher than the average S&P 500 company. The result, according to Gipson: "A very profitable company selling at under ten times 2005 estimated earnings."

HEINEKEN HINKY
PRICE: $32
TWEEDY BROWNE Global Value
Heineken is a champagne stock selling at a beer-budget price. So say the managers of Tweedy Browne Global Value, a top foreign-stock fund that has gained 12% a year in the past ten years. With $10 billion in sales, Heineken is the world's third-largest brewer, marketing its Heineken, Amstel, and other brands in more than 170 countries. The company has been clobbered by everything from the weakening dollar to smoking bans in bars in the big American market. Its share price has been on a gradual slide for several years.

Though the Tweedy Browne managers don't expect Heineken's U.S. troubles to disappear anytime soon, they argue that investors have overreacted to the headlines. They point out that the Americas account for only 12% of the company's total sales volume. Meanwhile CEO Thony Ruys is expanding into emerging markets in Russia (where beer is making inroads on vodka), China, and Africa. Like many other deep value managers, the Tweedy Browne team invests when a stock is priced at a steep discount to what it figures another buyer might pay for the company in a takeover. Given Heineken's recent woes, the stock sells for about 15 times forecasted 2005 earnings. That ratio might not seem like something to get hopped up about, but it's below that of peers such as Anheuser-Busch, which has a P/E of 17. And given Heineken's growth prospects, the stock is a relative bargain. The Tweedy Browne managers believe the shares are priced at 30% less than their true worth.

INTERPUBLIC GROUP OF COMPANIES IPG
PRICE: $13
DAVID WILLIAMS Excelsior Value & Restructuring
Corporate restructurings can be painful, but they've proven profitable for David Williams, manager of the $4.2 billion Excelsior Value & Restructuring fund. By homing in on stumbling companies in the midst of reorganizations or in consolidating industries, Williams has beaten the S&P 500 in ten of the past 12 years and averaged annual gains of about 17%, more than five points better than the S&P 500.

One current favorite is Interpublic Group, the world's third-largest advertising and marketing conglomerate. Interpublic's stock has been bludgeoned by a brutal industry downturn, bungled acquisitions, and a continuing SEC investigation into a past earnings restatement. Shares plunged from more than $34 in early 2002 to as low as $8 in early 2003. Yet Williams and other value mavens have been snapping up shares. Its P/E of 21 makes it look a bit pricey, but Williams predicts that earnings will continue to improve as the industry recovers from its slump and management reduces costs and restores margins. As that turnaround finally takes hold, Williams says, the stock should see significant gains. "It might be as high as $18," he says, "if everything works out well."

JOURNAL REGISTER JRC
PRICE: $19
JOHN ROGERS JR. Ariel
Forget bulls and bears. John Rogers says investors should emulate Aesop's tortoise, which is why he picked it as his firm's emblem and "Slow and steady wins the race" as its motto. Rogers considers only stocks trading for less than 13 times the next year's earnings, or a market capitalization at least 40% below his estimate of the company's value. By definition, the approach requires patience—he typically holds stocks for three to five years. But it works: The Ariel fund has increased 16.4% a year over the past decade, outperforming the S&P 500 by more than four points a year.

Rogers's favorite bargain is Journal Register, a small newspaper publisher with 27 dailies including the New Haven Register, Connecticut's second-largest daily. Although the stock is up slightly since he purchased it, Rogers figures that it's still about 30% undervalued. With roughly $400 million in sales, the New Jersey company pursues a "clustering" strategy, owning and operating several papers in the same market. The idea is to spread sales and back-office functions across several publications, keeping profit margins high. Acquisitions have driven up debt, depressing the share price. But with its ample cash flow, Rogers says, Journal Register will start to pay down its debt. That means, he says, that the company's shares should move out of the discount bin.

LLOYDS TSB LYG
PRICE: $33
DAVID HERRO Oakmark International
As he considers the state of today's global markets, David Herro says that Europe, one of the most troubling regions from an economic perspective, is also the most appealing from an investment perspective. At first blush that notion might seem incongruous, but it's right in keeping with Herro's value-based approach. As manager of the $4.5 billion Oakmark International fund since 1992, Herro combs foreign markets for high-quality businesses—those earning above-average returns and using free cash wisely—trading at low price/cash flow ratios.

These days he likes what he sees in blue-chip European multinationals such as Diageo and Nestlé as well as in financial services companies such as London-based Lloyds TSB Group. The fifth-largest bank in Britain (not related to renowned insurance exchange Lloyd's of London), Lloyds TSB Group stumbled badly in the bear market, hurt by its acquisition of an insurance company, Scottish Widows, in 2000.

Lloyds has made some progress of late by divesting foreign operations and improving core British operations. As a result, earnings per share increased 6% in the first half of 2004. Herro argues Lloyds' share price has been punished because investors fear that growth will be limited and the dividend, which yields an astonishing 7.5%, may have to be cut. Herro sees things much differently: "You get a bank that gets 20%-plus return on equity, has a great retail franchise, and has a new management team which has realized that this company may have rested on its laurels a little bit." Most important, he says the powerhouse dividend should be secure.

ROYAL DUTCH PETROLEUM RD
PRICE: $57
SARAH KETTERER Causeway International Value
Each week Sarah Ketterer and her co-managers at Causeway International Value screen 3,400 companies in 24 countries to uncover cheap, dividend-paying ideas. Their global bargain approach has steered their young fund to a 16.4% annualized gain over the past three years, trouncing the Morgan Stanley EAFE index by six points a year. Ketterer's buy signal is now flashing on Royal Dutch/Shell, whose shares plummeted in January after the company announced that it had overstated reserves by 24%.

The good news, says Ketterer, is that the scandal has finally spurred the world's No. 3 oil and gas player to simplify its awkward structure. Subject to shareholder approval in April, Royal Dutch/Shell will merge its two interlocking but separate entities—Royal Dutch Petroleum of the Hague and London-based Shell Transport & Trading—into a single company with a single board and chief executive officer. The long-contemplated move addresses criticisms that the structure not only confused investors but fostered the transparency and accountability problems that led to Shell's huge reserves revision. That should allow Shell to wipe out what Ketterer calls the "unjustifiably large" discount to peers such as BP and Exxon Mobil. While those stocks fetch about 15 times projected profits, shares of Shell's two holding companies go for about 11 times expected earnings. Using a very conservative estimate of $30 for a barrel of oil, Ketterer calculates the stock could run up by 20%. And of course the 4% dividend yield doesn't hurt either.

TUPPERWARE TUP
PRICE: $19
BOB OLSTEIN Olstein Financial Alert
Tupperware used to be known for the belching sound made by its containers, but the kitchenware maker has experienced some hiccups of its own. U.S. sales sagged after the Orlando-based direct seller put its products in Target stores, undercutting its main distribution channel—those famous Tupperware parties, which account for some 90% of North American revenues. Party bookings and recruiting of sales representatives sagged, and profits sank from $90 million in 2002 to $48 million in 2003.

Tupperware is still recovering from the blunder—it pulled out of Target in September 2003—but those woes haven't scared off Bob Olstein, the veteran manager of the Olstein Financial Alert fund. Olstein built his reputation as a financial sleuth in the 1970s with the well-known newsletter The Quality of Earnings Report. He established his own firm in 1995 and has returned nearly 10.5% annually over the past five years. The key, he says, is steering clear of catastrophic losses. "I'm more interested in not getting in trouble than in hitting home runs," Olstein says. To achieve that he digs through corporate numbers to determine the true financial health of prospective investments, keeping a close eye on cash flows. He likes what he sees at Tupperware. The company is steadily rebuilding its party sales. As a result, Olstein says the shares could be worth as much as $24. In the meantime, there's an enticing 4.6% dividend yield.

TURKISH INVESTMENT FUND TKF
PRICE: $13
RUDOLPH-RIAD YOUNES Julius Baer International Equity
Talk about a Turkish delight. Since Rudolph-Riad Younes recommended the Turkish Investment fund—which now holds stakes in 20 of that nation's companies—in our 2004 Investor's Guide, shares have gained more than 70%. Yet Younes thinks the $63 million closed-end fund, managed by Morgan Stanley, should continue to climb. "I really believe Turkey is one of the most interesting investment ideas over the next ten years," he says.

Younes, who has co-managed Julius Baer International Equity since 1995, considers both macroeconomic and company-specific factors in picking stocks for his diversified portfolio, which now bulges with nearly 270 names. The fund has generated a 12.7% annualized return over the past ten years, which places it in the top 1% among international stock offerings. Why his taste for Turkey? The country continues to make economic progress as it strives to join the European Union, Younes says. And whether or not it ultimately enters the European Union is less important than moving toward an "open, corruption-free, and dynamic economy"—something he says the country is doing. As long as that remains the case, the Turkish Investment fund should continue to post strong gains.

WASHINGTON MUTUAL WM
PRICE: $41
BILL NYGREN Oakmark Select
Washington Mutual, Bill Nygren's longtime favorite stock, has taken a beating lately. After riding the housing boom to become the nation's largest mortgage bank, with nearly $20 billion in sales, the Seattle thrift has been hammered by rising interest rates, which have crimped profits. It's a testament to Nygren's knack for sniffing out bargains that despite WaMu's woes, the stock is actually up 6% this year. And with a rich 4.5% dividend yield, WaMu pays out wads of cash.

Nygren has delivered a five-year annualized return of 14.5%, placing his large-stock value fund in the top percentile in its category. And the Chicago manager remains a huge WaMu fan. Shares are still selling for less than 60% of what he figures an acquirer would pay for them. Meanwhile the company, he says, is transforming itself from a mortgage lender into the leading nationwide retail bank for the middle class. WaMu's retail bank, he notes, is growing at a double-digit rate. And he thinks CEO Kerry Killinger's plan to cut $1 billion in costs from the mortgage banking business will boost that division's profits. Trading for 11 times estimated 2005 profits, the stock looks cheap. Nygren thinks WaMu shares could hit $60 in a couple of years.

WYETH WYE
PRICE: $41
TOBIAS LEVKOVICH Smith Barney
Too much, too fast. That's how Tobias Levkovich, chief U.S. equity strategist at Smith Barney, describes the market rally sparked by November's elections. Yet while Levkovich anticipates a near-term pullback, he displays tempered optimism about 2005, projecting that the S&P 500 will end the year at 1225 or higher, a 3% bump from the current 1189.

Levkovich is gravitating toward large-cap stocks these days. What's more, says Levkovich, "we think the areas that are kind of out of favor, where the earnings revisions have come down, where valuations are starting to be compelling—like pharma and media—are far more interesting." In media, for example, Levkovich points to a steady rebirth in ad spending. And while product-liability issues (read: Vioxx) and concerns about drug reimportation have pounded pharma shares, the stocks' valuations "are similar to what we saw in 1994 during the big health-care reform push," Levkovich says, adding, "These stocks look very poised for outperformance."

He recommends drugmaker Wyeth, which trades at around 15 times earnings. (Citigroup owns more than 2% of its shares.) The stock has been hurt by liability worries related to the diet drug combination fen-phen, but Levkovich says Wyeth has already set aside large reserves to cover those costs. He also points to a solid drug pipeline and the potential for future stock buybacks or dividend hikes. "The cash flow," he says, "is still phenomenal."

Creating an SSL cert

Book page

From: http://slacksite.com/apache/certificate.html

Generating an SSL Certificate with Apache+mod_ssl

Generating an SSL Certificate with Apache+mod_ssl


Introduction

This document is intended to be a quick guide to generating and installing an SSL certificate on an Apache web server with the mod_ssl module. While this is not an overly difficult process, it does involve running several long commands with numerous options. This document should be all that you need to walk you through the process of generating the certificate and installing it in your web server.

This document does not attempt to discuss compiling or installing Apache and mod_ssl. For detailed instructions on that topic, please see "Building Apache with mod_ssl and Other Modules". This document also does not attempt to discuss detailed configuration of SSL hosts in Apache. Details will be provided on setting up a basic SSL virtual host that should work in nearly all standard circumstances. Ralf Engelschall, the author of mod_ssl, maintains excellent documentation at http://www.modssl.org/docs. For information on more advanced configurations or special situations, please refer to the full documentation. In addition, the openssl toolkit provides fairly extensive man pages, which are also available in HTML format at http://www.openssl.org/docs/


Brief SSL Primer

This section will serve as a very brief introduction to SSL, the Secure Socket Layer. Cryptography is a very extensive topic which literally fills volumes of texts. The following is an extremely simplified view of how SSL is implemented and what part the certificate plays in the entire process. There may be some small inaccuracies in an effort to present the information in the easiest possible format.

Normal web traffic is sent unencrypted over the Internet. That is, anyone with access to the right tools can snoop all of that traffic. Obviously, this can lead to problems, especially where security and privacy is necessary, such as in credit card data and bank transactions. The Secure Socket Layer is used to encrypt the data stream between the web server and the web client (the browser).

SSL makes use of what is known as asymmetric cryptography, commonly referred to as public key cryptography (PKI). With public key cryptography, two keys are created, one public, one private. Anything encrypted with either key can only be decrypted with its corresponding key. Thus if a message or data stream were encrypted with the server's private key, it can be decrypted only using its corresponding public key, ensuring that the data only could have come from the server.

If SSL utilizes public key cryptography to encrypt the data stream traveling over the Internet, why is a certificate necessary? The technical answer to that question is that a certificate is not really necessary--the data is secure and cannot easily be decrypted by a third party. However, certificates do serve a crucial role in the communication process. The certificate, signed by a trusted Certificate Authority (CA), ensures that the certificate holder is really who he claims to be. Without a trusted signed certificate, your data may be encrypted, however, the party you are communicating with may not be whom you think. Without certificates, impersonation attacks would be much more common.


Generating a Private Key and CSR

The openssl toolkit is used to generate an RSA Private Key and CSR (Certificate Signing Request). It can also be used to generate self-signed certificates which can be used for testing purposes or internal usage. The utility used to do all of these tasks is known simply as openssl. It should be installed in the /usr/local/ssl/bin directory. You may want to add this directory to your PATH, or copy or link the openssl utility to a directory that is already in your PATH so that you do not have to type the full path to the executable. The examples below will assume that openssl is in a location that is accessible to you without using the full path to the command.

The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text. We will use several files as random seed enhancers which will help to make the key more secure. Text files that have been compressed with a utility such as gzip are good choices. The key is generated using the following command, where file1:file2:etc represents the random compressed files.

$ openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key 1024

The command will prompt you for a pass-phrase and then store the key in the file server.key. It is critical that the pass-phrase be secure and not forgotten. If either the key is lost, or the pass-phrase is forgotten, the certificate will be useless! It cannot be stressed enough how important the private key is to the certificate. If the private key and pass-phrase are compromised, the certificate will have to be revoked, costing you the price of the certificate all over again if you have paid an authority for the certificate. It may be a wise idea to back this file up to secure media, such as tape or diskette.

One unfortunate side-effect of the pass-phrased private key is that Apache will ask for the pass-phrase each time the web server is started. Obviously this is not necessarily convenient as someone will not always be around to type in the pass-phrase, such as after a reboot or crash. mod_ssl includes the ability to use an external program in place of the built-in pass-phrase dialog, however, this is not necessarily the most secure option either. It is possible to remove the Triple-DES encryption from the key, thereby no longer needing to type in a pass-phrase. If the private key is no longer encrypted, it is critical that this file only be readable by the root user! If your system is ever compromised and a third party obtains your unencrypted private key, the corresponding certificate will need to be revoked. With that being said, use the following command to remove the pass-phrase from the key:

$ openssl rsa -in server.key -out server.pem

Once the private key is generated a Certificate Signing Request can be generated. The CSR is then used in one of two ways. Ideally, the CSR will be sent to a Certificate Authority, such as Thawte or Verisign who will verify the identity of the requestor and issue a signed certificate. The second option is to self-sign the CSR, which will be demonstrated in the next section.

During the generation of the CSR, you will be prompted for several pieces of information. These are the X.509 attributes of the certificate. One of the prompts will be for "Common Name (e.g., YOUR name)". It is important that this field be filled in with the fully qualified domain name of the server to be protected by SSL. If the website to be protected will be https://www.server.com, then enter www.server.com at this prompt. The command to generate the CSR is as follows:

$ openssl req -new -key server.key -out server.csr

A sample CSR generation session is shown below, with sample responses shown in bold:

$ openssl req -new -key server.key -out server.csr
Using configuration from /usr/local/ssl/openssl.cnf
Enter PEM pass phrase:Enter pass phrase here
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New Hampshire
Locality Name (eg, city) []:Nashua
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Domain.com, Inc.
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:www.domain.com
Email Address []:webmaster@domain.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:


Generating a Self-Signed Certificate

At this point you will need to generate a self-signed certificate because you either don't plan on having your certificate signed by a CA, or you wish to test your new SSL implementation while the CA is signing your certificate. In my experience dealing with Thawte, it can take up to a week or more before receiving your signed certificate. The time it takes to receive the certificate will vary based on how quickly they receive your required documentation. This temporary certificate will generate an error in the client browser to the effect that the signing certificate authority is unknown and not trusted.

To generate a temporary certificate which is good for 60 days, issue the following command:

$ openssl x509 -req -days 60 -in server.csr -signkey server.key -out server.crt


Installing the Private Key and Certificate

When Apache with mod_ssl is installed, it creates several directories in the Apache config directory. The location of this directory will differ depending on how Apache was compiled. If using my instructions on compiling Apache, the config directory is /usr/local/apache/etc. The directories mod_ssl creates include ssl.crt, ssl.csr, and ssl.key. These are good locations to store server certificates, CSRs, and private keys, respectively. If there will be multiple SSL enabled hosts on one server, it may be good practice to name the files with the fully qualified domain name of the SSL enabled host.

When adding SSL enabled virtualhosts to the web server, I prefer to keep all of the SSL virtualhosts in a separate file. This insures that all SSL hosts can be easily found in one location and helps to keep the httpd.conf file from growing too large. The SSL virtualhosts will be kept in a file called ssl.conf. In order for Apache to recognize and parse this file, it must be included in the httpd.conf file with the following directive:

Include /usr/local/apache/etc/ssl.conf


Configuring SSL Enabled Virtual Hosts

Extensive examples of SSL configurations for a virtualhost are included as part of the /usr/local/apache/etc/httpd.conf.default file installed with mod_ssl. Please refer to this file and to the mod_ssl documentation for more detailed information on configuration options. A basic SSL enabled virtualhost will appear as follows in the ssl.conf file:

# SSL Virtual Hosts
<IfDefine SSL>

<VirtualHost _default_:443>
ServerAdmin webmaster@domain.com
DocumentRoot /usr/local/apache/share/htdocs
ServerName www.domain.com
ScriptAlias /cgi-bin/ /usr/local/apache/share/htdocs/cgi-bin/
SSLEngine on
SSLCertificateFile    /usr/local/apache/etc/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/etc/ssl.key/server.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /usr/local/apache/var/log/ssl_request_log \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

</IfDefine>

This will create an SSL virtualhost named www.domain.com, which is accessed via port 443 (the standard port for https) on the default IP address of the web server. It is possible to add as many additional virtualhosts as there are IP addresses that the web server listens to. Simply add additional virtualhost blocks inside of the <IfDefine SSL> and </IfDefine> tags. Due to the nature of the SSL encryption of the HTTP traffic, it is NOT possible to have name-based (HTTP1.1) SSL virtual hosts. To create a new SSL virtualhost on a different IP address, simply replace _default_ with the IP address of the virtualhost.

After adding the virtualhost to the ssl.conf file, Apache must be killed and restarted in order for it to recognize the new virtualhost. Unfortunately, this is one of the rare instances where a simple HUP signal will not work. After restarting the server, depending on whether the encrypted or unencrypted key was used, Apache will prompt you for the pass-phrase(s) of the SSL virtualhost(s). Enter the pass-phrase(s) and the web server will start.

Now, point your favorite browser to the new virtualhost you just created, remembering to use https:// instead of http://, and you should be greeted with a warning dialog if you are using the self-signed certificate. Acknowledge the dialog and the page will continue to load, protected by SSL. The status bar of your browser should be graced by the 'lock' icon, which signifies the page is protected via SSL. This is all there is to it!

Global Voices Covenant 0.2

From the Global Voices website:

We believe in free speech: in protecting the right to speak --
and the right to listen. We believe in universal access to the
tools of speech.

To that end, we want to enable everyone who wants to speak to 
have the means to speak -- and everyone who wants to hear that 
speech, the means to listen to it.

Thanks to new tools, speech need no longer be controlled by 
those who own the means of publishing and distribution, or by 
governments that would restrict thought and communication. Now,
anyone can wield the power of the press. Everyone can tell 
their stories to the world.

We want to build bridges across the gulfs of culture and 
language that divide people, so as to understand each other 
more fully. We want to work together more effectively, and act 
more powerfully.

We believe in the power of direct connection. The bond between 
individuals from different worlds is personal, political and 
powerful. We believe conversation across boundaries is 
essential to a future that is free, fair, prosperous and 
sustainable - for all citizens of this planet.

While we continue to work and speak as individuals, we also 
want to identify and promote our shared interests and goals. We
pledge to respect, assist, teach, learn from, and listen to one
other.

We are Global Voices. 

Pages