The Good NET Guide

Posts Tagged ‘database’

Company meetings are a nearly universally hated thing. No matter what line of work you’re in, most are simply a waste of time. And even when they’re important and necessary, they’re still likely inefficient. A new startup aims to show you just how wasteful they are.

MEETorDIE is an online tool that asks you to put in information about your meeting, including what company you work for, what industry you’re in, how big the company is, how long the meeting is, and who is attending. When you submit that information, you’re taken to a page that shows how much money your company wasted with that meeting. Below that, you can see the aggregate statistics for how much money your company has wasted on meetings total.

Depending on how wasteful your meeting is, MEETorDIE’s mascot, Goolah, will be shown in different precarious situations incorporating imagery from other popular startups, such as Foursquare and Twitter. More importantly, MEETorDIE suggests how the money being wasted during these meetings might be better spent, such as donating money for drinking water for Africa.

On the main page of the site you can also see other people around the world bitching about their meeting. And anyone can comment anonymously on these meeting notes.

MEETorDIE calculates the amount of money being wasted by pulling information from a number of online resources including the Department of Labor. If your company is in their database, they can also pull the average salaries for the people in the meeting to give you an accurate estimate on how much money your company is wasting.

MEETorDIE is the first project by the Mountain View-based bootstrapped startup Vaporware Labs. The company was started by former EA and Apple employees.

In my last post, I discussed how the gap between the web and enterprise-computing worlds has narrowed. Some of the Valley’s developers are now building web-based systems that make old-world transaction processing seem like child’s play. After all, Twitter processes more transactions per day (in the form of messages) than the systems of many large corporations process in a month. Applications that would take years to design and develop can now be built in weeks.

I called on Silicon Valley entrepreneurs to rescue the California government—to help rebuild its legacy systems. I also went out on a limb and “bet” that an unemployment check-processing system that California State had budgeted $50 million to upgrade could be rebuilt from scratch for a tenth of the cost, in a fraction of the time.

To my surprise, Joanne Moretti, Senior Vice President of Product Marketing at software giant Computer Associates, posted comments saying I was naïve and clueless. Her demand: “don’t kick something you know absolutely squat about”. It was clear that my post had angered her. But what I think was behind these comments was the need for her to defend her aging product stream. She claimed that CICS/IMS (tele-processing monitors developed in the ’60s), “are two of the fastest transaction engines in the world, and could very well be valuable pieces of a well designed well integrated environment”. (Joanne, no hard feelings, but I don’t think that you’re going to sell any CICS/IMS systems in the Valley. And please ask your CEO, John Swainson, about my background. During his days at IBM, he licensed my technology to provide the backbone for IBM’s large-scale client–server systems-development tools).

But on the flip side, two entrepreneurs agreed to step up to the challenge. Jeff Whitehead, CEO of Real Time Matrix (who I had mentioned in my post), wrote:

We accept the challenge.

Real Time Matrix will make a $5 million bid to produce a 100% non-proprietary system to process California’s unemployment checks upon receipt of detailed specifications, and we’ll deliver the solution in less than a year.

I invite the State to reach out so we can help to free you from the strangle hold that companies like CA [Computer Associates] have been exerting. We’re here, able and willing to help.

Disclosure: Jeff worked at both of my startups. He has a reputation for delivering more than he promises. So I take his words very seriously.

Another entrepreneur who agreed to take the challenge is Scott Broomfield, CEO of Veeple, which provides cloud-based online video support. Here is part of what he wrote:

I will also rise to the challenge (along with Jeff) of delivering a solution to process CA’s unemployment checks, subject to seeing the detailed specification for $5M within one year of the sign-off of the system spec or FRD.

Note the qualifier in my acceptance of the challenge; that we could do it within 1 year of the time the FRD (Functional Requirements Doc) is signed-off. We would build it using COTS tools and databases and deliver the solution securely in the ‘Cloud.’ As some have noted in this amazing thread, often the issue with time and cost has more to do with government processes and regulations than with the technology. That said, as long as we have access to the State’s databases and as long as we can read AND write to those databases, we will do it for $5 million.

Scott is rightfully nervous about government bureaucracy. But he and his CTO, Craig Sproule, too have a solid track record of building large-scale enterprise systems. I believe they too can deliver what they promise.

To be clear, we’re talking about a system that processes payments for fewer than 1 million individuals. One reader wrote that he believes he could run the entire system from his laptop (and fit the database on a 32GB flash drive). I’m sure the system is much more complex than this. But I have little doubt that a new, stand-alone system could be developed for less than $5 million. I suspect that Jeff and Scott see this as a good alternative to raising venture capital and that that’s why they’re throwing their hat in the ring.

Does anyone else want to bid? Do I hear $4 million? ….

I also wanted to reach out to California State CIO, Teri Takai, and CTO, P.K. Agarwal. Teri/P.K.: I know you’re doing your best to modernize the legacy you inherited and that you have made great progress. How can we balance the scales so that entrepreneurs like Jeff and Scott have a chance to take on the giant state contractors who win all the bids and reap the fortunes? I think you’ll agree that we can save taxpayers many hundreds of millions of dollars and greatly improve public services if we get this one right.

Photo credit: Flickr/Matthew Smith.

Editor’s note: Guest writer Vivek Wadhwa is an entrepreneur turned academic. He is a Visiting Scholar at UC-Berkeley, Senior Research Associate at Harvard Law School and Director of Research at the Center for Entrepreneurship and Research Commercialization at Duke University. Follow him on Twitter at @vwadhwa.

Here’s the skinny: The new Cobra XRS 9970G and XRS 9965 both feature a 1.5-inch full color touchscreen. Neat, eh

Go here to read the rest: 
Cobra brings touchscreens to its radar detector line

Earlier today news spread that social application site RockYou had suffered a data breached that resulted in the exposure of over 32 Million user accounts. To compound the severity of the security breach, it was found that RockYou are storing all user account data in plain text in their database, exposing all that information to attackers. RockYou have yet to inform users of the breach, and their blog is eerily silent – but the details of the security breach are going from bad to worse.

The first issue is that RockYou attempted to downplay the entire incident, first by covering it up by not notifying users and then downplaying it in an official statement as being an issue that only affected ‘older’ applications. The hacker responsible for the initial breach published a small portion of the dataset he had retrieved and was able to show that not only did he have access to their entire database, but also passwords were stored in the clear. This matter now appears worse than originally suspected as the dataset also contains a table where RockYou have stored user credentials for social networks and other partner sites.

The database consists of a table containing partner data, and another table that has stored the credentials for those partner sites that users have entered. This includes social networks such as MySpace but also webmail accounts.

Data UserAccount [32603388]
================
1|jennaplanerunner@hotmail.com|mek*****|myspace|0|bebo.com
2|phdlance@gmail.com|mek*****|myspace|1|
3|jennaplanerunner@gmail.com|mek*****|myspace|0|
5|teamsmackage@gmail.com|pro*****|myspace|1|
6|ayul@email.com|kha*****|myspace|1|tagged.com
7|guera_n_negro@yahoo.com|emi*****|myspace|0|
8|beyootifulgirl@aol.com|hol*****|myspace|1|
9|keh2oo8@yahoo.com|cai*****|myspace|1|
10|mawabiru@yahoo.com|pur*****|myspace|1|
11|jodygold@gmail.com|att*****|myspace|1|
12|aryan_dedboy@yahoo.com|iri*****|myspace|0|
13|moe_joe_25@yahoo.com|725*****|myspace|1|
14|xxxnothingbutme@aol.com|1th*****|myspace|0|
15|meandcj069@yahoo.com|too*****|myspace|0|
16|stacey_chim@hotmail.com|cxn*****|myspace|1|
17|barne1en@cmich.edu|ilo*****|myspace|1|
18|reo154@hotmail.com|ecu*****|myspace|1|
19|natapappaslie@yahoo.com|tor*****|myspace|0|
20|ypiogirl@aol.com|tob*****|myspace|1|
21|brittanyleigh864@hotmail.com|bet*****|myspace|1|myspace.com
22|topenga68@aol.com|che*****|myspace|0|
23|marie603412@yahoo.com|cat*****|myspace|0|
24|mellowchick41@aol.com|chu*****|myspace|0|
25|baiko0o@aol.com|may*****|myspace|0|
26|indahamzah84@hotpop.com|lov*****|myspace|0|

The initial exploit took advantage of a trivial SQL injection vulnerability, a technique that has been well documented for over a decade. The method of vulnerability is extremely basic in execution, yet catastrophic in impact – which RockYou, and the sites users, are now learning the hard way. It is more of a surprise that this had not happen sooner – as the RockYou platform is a swiss cheese of security vulnerabilities and poor practices.

Where RockYou Went Wrong

Poor password policies

RockYou account creation only enforced password of a minimal length of 5 characters, there was no requirement for mixed-case, numbers or punctuation. The platform actually encouraged simple passwords by not allowing any punctuation at all.

Passwords in the clear

RockYou are still storing passwords in the clear, and transporting user passwords in the clear via email. Despite the attack taking place over 10 days ago now and RockYou knowing about the attack, a user signing up for a RockYou account today will still have their password stored as plain text and emailed to them in the clear.

The password anti-pattern

RockYou prompted users to enter their third-party site credentials directly into the RockYou site when sharing data or an application. The Facebook integration requires proper Facebook authentication, and MySpace integration today applies similar techniques, but for most of the other sites the same old crazy password request form is still present. Telling your users that you will not store their password is not a solution.

Terrible Response

RockYou knew about the breach days ago, and it took a taunt from the hacker for the issue to become well-known and for RockYou to issue a response (although their users are still not aware of the issue, unless they are reading the news online).

The sites privacy policy and the related ’security’ section state:

Our Commitment To Data Security:
RockYou! uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. We cannot, however, ensure or warrant the security of any information you transmit to RockYou! and you do so at your own risk. Once we receive your transmission of information, RockYou! makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

If RockYou! learns of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. RockYou! may post a notice on the RockYou! Sites if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach (or to withdraw your consent from receiving electronic notice) you should notify us using this contact form.

Next time you sign up for a web service, take a moment to see where they stand on informing their users on a data breach, and find out just how much they respect the privacy of their users.

RockYou have been complacent with what is a very serious matter. They have not taken steps to rectify the problems that caused the breach and have not addressed their users in a suitable or adequate manner. An appropriate response would have been to take the site down for a period of a few hours and enforce that users enter new passwords, which would be stored in a hashed or encrypted form. The sad thing is that companies are able to get away with being so complacent, because most users will not find out about this, most users will never be affected by it and there is zero accountability for a users private data from service providers.

If you know of any company with similar policies, such as emailing passwords in the clear – call them out in the comments or email us on tips at techcrunch.com. We will make sure that we followup with each of them, and call them out if necessary.

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.

It’s no secret that most people use the same password over and over again for most of the services they sign up for. While it’s obviously convenient, this becomes a major problem if one of those services is compromised. And that looks to be the case with RockYou, the social network app maker.

Over the weekend, the security firm Imperva issued a warning to RockYou that there was a serious SQL Injection flaw in their database. Such a flaw could grant hackers access to the the service’s entire list of user names and passwords in the database, they warned. Imperva said that after it notified RockYou about the flaw, it was apparently fixed over the weekend. But that’s not before at least one hacker gained access to what they claim is all of the 32 million accounts. 32,603,388 to be exact. The best part? The database included a full list of unprotected plain text passwords. And email addresses. Wow.

The hacker has posted a sample of what they found. They have blanked out the passwords for now, but warns, “Don’t lie to your customers, or i will publish everything.” As far as we can tell, RockYou hasn’t issued a warning about this to its users yet. We’ve reached out to the company, but have yet to hear back.

RockYou has a history of stupidity. See here, here, and here. This may take the cake.

Update: Here’s the statement we were given by RockYou on the situation:

“On December 4, RockYou’s IT team was alerted that the user database on RockYou.com had been compromised, potentially revealing some personal identification data for approximately 30M registered users on RockYou.com. RockYou immediately brought down the site and kept it down until a security patch was in place. RockYou confirms that no application accounts on Facebook were impacted by this hack and that most of the accounts affected were for earlier applications (including slideshow, glitter text, fun notes) that are no longer formally supported by the company. RockYou has secured the site and is in the process of informing all registered users that the hack took place.”

They also say that they plan to issue the following email to users in the next 24 hours:

Dear RockYou user,

As you know, RockYou takes our users privacy very seriously.  We take

a lot of effort to protect user data from security breaches and attacks.

Unfortunately, RockYou has very recently learned that it encountered a security breach.  As part of this breach, it is possible that someone may have accessed at least your email address and password for the RockYou system.  We felt it was important to notify you of this immediately so that you could take any action you feel necessary to protect your privacy.

If you have any questions, please feel free to contact security@rockyou.com.  We are sorry for any problems this has caused you.

The RockYou team

Hmm “we felt it was important to notify you immediately” … 10 days later? And what’s the excuse for the plain-text passwords? FAIL.

[thanks ES]

[photo: flickr/naughty architect]

Crunch Network: CrunchGear drool over the sexiest new gadgets and hardware.

For the past several weeks, we’ve been making improvements to CrunchBase to build a more engaging product for the people that drive it – which is to say, “everybody”. Since it was launched, Crunchbase has always been a freely editable repository of information about technology companies. Since February 2008, we’ve received over 100,000 edits from anonymous users in addition to the copious amounts of information that TechCrunch writers funnel to it on a regular basis.

We’re excited to announce that these contributions no longer have to remain unattributed. Starting today, anyone with a Facebook account can sign up for an account on CrunchBase by using Facebook Connect. Edits will still be moderated (after all, this is the Internet we’re talking about here), but users who prove themselves to be trustworthy will, with time, start to see additional privileges associated with their accounts.

All of these edits represent a treasure trove of information, so we’ve also been working on ways to better present the edits as they occur. Visitors to the CrunchBase homepage will now notice a list of recent milestones – a “stream,” if you will – that represents the most recent changes to the database. We’ve filtered out the more trivial edits in an effort to make this the kind of real-time information that even Paul Carr could love. These funding rounds, acquisitions, investments, IPOs, and other major milestones will now also appear on the individual pages that they relate to.

Lastly, since it’s always better to let individuals choose what news they care about, we’re providing a way for people who sign up for a CrunchBase account to see a summary of these milestones only from the products, people and companies that are interesting to them. Logged-in users now have the ability to follow entries in the database and have relevant updates appear on their home page (sound familiar?).

If you are a developer and want to use CrunchBase data, we’ve got a very open and flexible API. And make sure to let us know when you build an app that uses CrunchBase data, we like to highlight them.

We hope you enjoy the new features, and are always taking suggestions for ways to make CrunchBase better. You can keep up to date with the latest features on the CrunchBase blog. And if you like what we’re doing, by all means, be our friend.

Crunch Network: CrunchBase the free database of technology companies, people, and investors

Gil Elbaz wants people to make lots of spreadsheet tables filled with fun and important facts and share them across the Web. Later today, he will be launching Factual, which he describes as “a platform for anyone to share and mash open data.”

Elbaz previously was the co-founder of Applied Semantics, which Google bought in 2003 for $100 million and turned its technology into AdSense. With Factual, he is trying to collect a rich repository of structured data (i.e., data neatly placed in rows and columns in his database), all contributed by developers, publishers, and “data enthusiasts.” So if you love making spreadsheets, Factual is for you.

The way that Elbaz is going to get people to contribute to his online database is that all the data placed into it is open and free to use. He is also making it easy for people to create their own tables and embed them on their own sites. “We’ve built smart tools to help a community maintain a large, trusted source of structured data,” he explains.

See the examples embedded below of U.S. prisoners on death row and American Idol finalists to get an idea of what these tables look like. Every cell can be clicked on to add comments, see the source of that particular data point, and offer corrections. The tables can be filled with any kind of data, from a list of cancer doctors with their specialties and which insurance they accept, to a list of farmer’s markets across the U.S.

Elbaz believes that good data leads to good decisions. So he designed Factual to self-correct and improve its data over time. Once he has a rich source of structured data, that will start to become very appealing to developers, who can access Factual’s data through its API .

Of course, he is not the only one trying to o this. Danny Hillis at Freebase has a two-and-a-half year head start. Everything in Wolfram Alpha is highly structured in an automated way. And Google is trying to get into the game with Google Squared.

Check out the interactive Factual tables below.

Crunch Network: CrunchBoard because it’s time for you to find a new Job2.0

As content sites on the web mature, they continue to blur the line between straight news sites, social hubs, and references for structured data. No longer are these sites just home to editorial content — many of them have created databases of the products they cover (take for example TC sister site CrunchBase offers a comprehensive directory of companies and people in the startup community). Unfortunately, content management systems and databases that run these increasingly diversified sites don’t always play nicely together. CrowdFusion, a TechCrunch50 finalist launching today, is an impressive new CMS system that’s looking to eliminate these hassles. To put things simply, the platform helps streamline content writing, database management, and social features by combining features of blogs, wikis, and more into one unified platform.

To help give an idea of exactly what Crowd Fusion can do, the startup walked us through the process of creating a blog post. First, the CMS can present a writer with stories they might want to cover: the platform has an integrated feed reader, which can intelligently determine when there’s a breaking story that your site has yet to write about. The CMS can then facilitate actually writing the post by importing excerpts into your new posts (with links to the original articles). It can also suggest related blog posts for you to include at the bottom of your post (you can simply drag and drop to rearrange or remove the stories).

Say a gadget blog wanted to write about a new phone that had just come out (today’s demo featured our super-secret iPhone Killer, the CrunchPhone). Because the CMS can integrate the site’s gadget database directly into the CMS, adding a new product is simple — you can add it to your database using a small widget on the same page that you’re writing your blog post in, without having to leave the page. And because the blog system is integrated with the product database, you can generate intuitive tables comparing multiple existing phones against the new one.

CrowdFusion has a plugin architecture so it’s extensible. The company is open-sourcing the CrowdFusion platform, and will be releasing it in public beta today.

Q&A with panelists Dick Costolo, Reid Hoffman, Sean Parker, Mike Schroepfer, and Robert Scoble:
DC: There are only so many blogs and companies that will need something like this. The millions of blogs out there won’t need this. We’re talking about the TechCrunch, Glams of the world. I think the challenge will be how big can you make the market?
RS: He didn’t say it, but (founder) Brian Alvey built the backend for Weblogs, Engadget, big publishing sites.
A: There are top publishers who know what I’ve built (big names like Engadget). But lots of people aren’t going to just immediately move over, so we open source it. Clicker is exactly the sort of thing you build on this.
RH: Getting people to adopt will have a slow curve. In tech I don’t think you’re ever the last everything. I think what you’re doing is exactly right, with plug-in arch and open source.
A:I’d love to be doing this for 10, 20 years.
A:We’re big fans of MySQL model where you have an industrial strength free product anyone can use. We figure we can build a valuable business with scaling, hosting, etc.

Videos:

Other Coverage
TC50: Crowd Fusion wants to be the ultimate tool for web publishing VentureBeat.

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.

Lots of people purchase tickets for events like sports games, rock concerts, etc. on secondary markets like eBay or StubHub, where they can often be picked up at huge discounts. Of course, it’s a bit of a challenge to know when to make a move and buy tickets exactly.

The main problem with buying tickets on secondary markets is that you have no clue if they reached their lowest price already or if you should be well off exercising some patience and let the price drop a bit more. Enter SeatGeek, launching at the TechCrunch50 conference today, which offers a service that basically forecasts ticket prices on secondary markets so you can make educated decisions on when to break out your wallet.

SeatGeek developed a bot that crawls hundreds of secondary market websites every day to aggregate information on transactions like the amount of money tickets are going for and other factors that have an effect on pricing. The startup actually takes into account a very broad set of relevant factors. For instance, when they track baseball games they not only trace the prices of tickets but also if the game was on a weekend, what the weather was like, who was pitching and so on.

SeatGeek can go over this multitude of records in their database and analyze historical price points for events, enabling them to forecast what the pricing pattern for secondary tickets is going to look like for future similar events. Buyers can sign up to get notified when the price drops to the rock bottom as predicted by their system and simply purchase only once it does. And the good thing is even sellers can benefit from the forecasting model because they can use it to determine when they should be unloading their tickets.

SeatGeek offers a free version for buyers and will soon release a premium version for brokers and other sellers. SeatGeek also gets 7 to 10% of ticket sales thanks to affiliate relationships with ticket brokers. They’re also preparing the roll-out of a ‘ticket insurance’ product, where users get compensated if SeatGeek doesn’t provide accurate forecasts.

Expert panel Q&A:

Q – Roelof Botha: I like it, like I like Farecast (which did pretty well). Is your goal to become the primary site to go to to get tickets, and wouldn’t that hurt the brokers?

A: we’re helping them, we’re doing marketing for them. We’ve spoken to them and they’re supportive of what we’re doing.

Q – Paul Graham: What percentage can you predict, e.g. baseball games?

A: In average, 40% of baseball games that are sold out. Overall, I don’t know. We’re directionally correct 80% of the time.

Q – Marc Andreessen: How high is up? How big can it get?

A: The size of the secondary ticket market, $15 billion a year.

Q – Paul Graham: why do you make a consumer website, why not use it and resell tickets yourself?

A: We thought about it, but the downside is the initial capital injection. Half the battle is acquiring tickets, brokers are good at it and we’re not it, so we focus on providing tools to help them and buyers. We think the opportunity is bigger by not doing it ourselves and letting consumers use our tools.

Video:

Pictures:

Extra coverage:
TC50: SeatGeek tells you when to buy tickets VentureBeat.

Crunch Network: CrunchBoard because it’s time for you to find a new Job2.0

When Songkick was born in 2007, it had an interesting goal: To perfect concert recommendation. Plenty of services do music recommendation, but the idea of recommending concerts you might like based on things like music you’re interested in and you location, was an interesting one. Now, with a few others in the space, including the similarly named Livekick, Songkick is embarking on a new tiny challenge: To create a giant database of every concert ever performed by every band, and to make the entire experience more social.

To be clear, Songkick is still very much focusing on concert recommendation, but its site is now much deeper than that. Beginning today, you will be able to enter in the name of a band and a city in which you’ve seen a show you’ve seen in the past, and Songkick will scan its databases for that show. If it’s there — and there’s a pretty good chance it is, given that the site already has 1 million concerts in its database — you can click on the “I was there” button, and it will be added to your Songkick profile. Each of these concerts has its own Songkick profile page, that acts as a wiki of sorts. Any user can add photos from that show, ticket stubs, set lists, write a review of the show and a host of other things.

And if a show isn’t there, you can add it. That’s a key part to all of this: Songkick wants to have every concert ever performed in its database, and it’s going to need its users to help make that possible. It’s done a huge chunk of the work with a million shows going back to a Bob Dylan show at the home of Karen Wallace in May 1960, but there is more to be done.

The overall idea is to extend the experience of going to a concert beyond the actual show. And to make it more social. Maybe you’ll see that you’ve been to a bunch of the same shows as someone else, and you’ll add them as a friend on Songkick, and you’ll probably run into them in another show. More importantly for the social aspect on the site, Songkick now allows you to track not only bands and venues, but people as well. So if you find someone with similar tastes in music or a friend, you can be alerted when they say they’re going to go to a show. It might also be interesting to track people of influence like music journalists or executives using the site, Songkick co-founder Ian Hogarth tells us.

Obviously, as is the case with any social site these days, Songkick information can be sent out to Twitter and Facebook. And while Songkick doesn’t yet integrate with something like Facebook Connect to port your social graph over, Hogarth envisions something like that happening in short order. Though he warns that you probably won’t want to track everyone you’re friends with on Facebook because Songkick is also about personal music preferences — which is a nice way of saying that a lot of your friends probably have crap music tastes. This is something I know to be true.

Still, the giant concert database is the most interesting element of this update. Hogarth at one point explained it as being like the IMDb (Internet Movie Database) for concerts, but didn’t want to limit it as just that because the service really offers so much more in terms of recommendations and social elements. Still, that’s a pretty good way to describe it as I’m finding myself using the database in a similar way. You know when you look up a movie on the IMDb and then you click on an actor to see what else they’re in, then you click on that movie? The same type of rabbit hole exists on Songkick when you start looking up concerts.

In terms of monetization, the company has some interesting ideas. Right now, the company uses the affiliate model for tickets to upcoming shows it sells through its site. But with this new database, there are some other options including obviously placing advertising on the site, which should happen soon, Hogarth notes. Another more interesting idea is to create a way to sell merchandise from past concerts you were at, or just went to. Imagine being able to buy a recording from last night’s show, for example. Or maybe a t-shirt at a slightly discounted price because no one would buy them for $40. That could be pretty cool.

Songkick was a Y Combinator company and raised an Angel round of funding back in March of 2008 and a Series A in December. The company has 14 people now working for it.

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.