Better Internet Search – Alpha 2

Better Internet Search – Alpha 2

Better Internet Search Ltd has a license to use the 1-timeline technology developed by Trisent. They have just announced that the second alpha version of their alternative search engine is to be launched on 18th March.

This version includes general web searches plus news, images, video, maps and shopping. The development has been supported by the EC based Next Generation Internet Trust and the search engine algorithms have been developed in collaboration with the Department of Computing and the Blockpass Identity Lab at Edinburgh Napier University.

Better Internet Search screenshots

You can use this link to sign up as an Alpha Tester and try out their alternative search.

How to Protect Your Small Business from Cyberattacks

Picture Credit : Pixabay

This is a guest post by Clara Ellington from Broadbandsearch.net. The views and opinions expressed by the author do not necessarily reflect those of Trisent or its staff.

Did you know that as a small business owner, you are one of the primary targets for cyberattacks? Cybercriminals are everywhere, and there are more and more ways in which they can prey on you.

We all have vulnerabilities, and we can all be victims, but that doesn’t mean that we should just lay in waiting. There are things you can do to protect yourself and your business. Here are a few tips on how you can ward against cyberattacks.

Internet connection

Do this: Your internet connection should always be trustworthy. When you’re at the office or in the comfort of your own home, you’re probably connected to your own network. On the go and in public places, however, you rely on Wi-Fi.

Always make sure to connect to networks that are trusted and password protected. If you do not have access to protected networks in places like coffee shops or airports, ask an employee for the password. That way, you make sure that any information you are exchanging is completely secure.

In absence of access to a secure network, use your phone to create a hotspot with the data on your device. It’s expensive, but it’s worth the protection.

Not that: You will be tempted to connect to random open Wi-Fi networks that are not password protected. That could be a massive mistake. You see, anyone can connect and gain access to the information you are sending via this channel.

Important information such as passwords and personal data can be intercepted and used for nefarious purposes, such as theft, impersonation, blackmail, etc. It seems very convenient to just connect to the free airport Wi-Fi, but this can be the precise moment when someone takes advantage of your vulnerability and steals valuable company info.

Websites

Do this: Thankfully, Google does some of the heavy lifting for you and clearly flags trustworthy websites and risky ones. Google gives priority ranking to websites that are safe and SSL-protected.

You can recognize secure sites, because they will typically have a padlock on the left-hand side of the search bar. That will indicate that you can trust this site, that it’s encrypted, and that any information you share will be in safe hands.

Not only that, but you can rest assured that you won’t pick up any weird malware or trojans while you’re browsing and clicking away.


Not that: On the opposite end of the spectrum, a red, crossed out padlock indicates a website that is not properly secured. Google cannot ensure your safety when navigating to this page and will issue advertisements about the potential risks.

If you do venture onto pages like this, you do so at your own risk. It’s not indicated to ever access this kind of page, much less provide them with information about yourself, your clients, or your business. Every click or download can be suspicious, so it’s best to refrain and look for a more trustworthy source.

Passwords

Do this: You probably know by now that passwords are becoming easier and easier to crack, so you need to really reinforce them. That means that you have to get serious about setting strong passwords. Here are some tips:

  • Pick a password that does not make any logical sense. It should be a combination of random characters, including both uppercase and lowercase letters, numbers, and special symbols.
  • Pick a unique password. It must not be a password that you’ve already had, that you set for another account, or that someone else has.
  • When it comes to answers to secret questions, don’t make the answers straight-forward. That makes it easy for other people to guess or find out. Instead, make up completely off-the-wall, random answers. For example: Q: What is your mother’s maiden name? A: Dinosaur.


Not that: Stay away from the passwords that are easy to guess, find out, or hack. Here’s what you should be avoiding:

  • Don’t choose 1234567, “guest”, “password”, and other basic, easy to guess passwords. It’s like not having a password at all.
  • Avoid easy to guess information. Don’t make your password your name, your kids’ names, your spouse’s birthday, your pet’s name, etc.
  • Don’t tell anyone your password, and don’t write it down. Yes, it’s harder to remember that way, but you also run less of a risk of having a security breach.

Devices

Do this: We’re using so many different devices for work nowadays, and it’s super important to protect them all. There are some good practices that you should be using to make sure that you are not experiencing any loss of data.

  • Password-protect your devices – all of your work devices should be protected with passwords or even more advanced security measures, such as fingerprint scan or facial recognition.
  • Do not share devices – your work devices should be yours and no one else’s. Granting access to anyone else can mean compromising important data.
  • Do not use the same devices for work and play – it seems easier to just use the same phone and laptop for all of your personal and work endeavors, but that actually makes it more likely that you will slip up and compromise data.


Not that: Sometimes, working in public places like coffee shops and such is unavoidable. What is avoidable, however, is leaving your devices on the table while you go to the bathroom or out to take a call or a smoke break. The same goes even if you’re working in an office, or at home.

It’s not just about strangers breaking into your work computer, but about co-workers mistakenly seeing something they shouldn’t, or kids playing on your laptop and inadvertently deleting something important, etc.

Sensitive data

Do this: Okay, but what do you do when it comes to data storage? Especially when you’re dealing with sensitive information, or client data, you need to find a way to store this info as securely as possible. While keeping information on an external hard drive (especially if it’s encrypted) or on a USB stick is adequate enough, cloud storage is the safest solution.

Cloud storage allows you to keep information outside your office or your own devices, so you don’t need the physical space. It’s the most secure storage solution. It’s easy to set up: you just need to pay for the service and upload your files and voila – they are perfectly secure.


Not that: Whatever you do, do not keep this type of data on your hard drive. You’ll also not want to keep physical files in your office, or CDs lying around. Basically, any type of medium that can become easily compromised or stolen is a bad idea.

If you do have data that you store on CDs, for example, be sure to upgrade this storage solution as soon as possible. CDs are known to deteriorate after a certain amount of time, especially if the storage conditions are improper (for example, exposed to sunlight).

Final thoughts

As a small business owner, you must be on the lookout for cyberattacks. Small businesses are less likely to have proper security set in place, so cybercriminals take advantage of that and try to hack into your system and wreak havoc. But that doesn’t mean you can’t protect yourself. There are lots of ways to minimize the risks and fend off prying eyes. A lot of it is a matter of exercising safety practices and learning to protect your devices, your information, and the way you go about working, both remotely and at the office.

Search engine bias is particularly insidious

Search engine bias is particularly insidious

Larry Page

“Currently, the predominant business model for commercial search engines is advertising. The goals of the advertising business model do not always correspond to providing quality search to users.  …., we expect that advertising funded search engines will be inherently biased towards theadvertisers and away from the needs of the consumers. ….., search engine bias is particularly insidious.”

Larry Page and Sergey Brin – 1998

These are direct quotations taken from a 1998 paper by Sergey Brin and Larry Page [1], the founders of Google, when their company was in its infancy. The quotes can all be found in “Appendix A: Advertising and Mixed Motives” of the paper.  I agree 100% with the quoted statements but wonder if Brin and Page are still aligned to these, and has Google abandoned their original ideals to become what some may consider to be a “particularly insidious” behemoth?

I hope to be able to post some details soon of one project I am investing a lot of time in that will remove advertising from the search business model and deliver quality user-focussed search with no commercial bias.  So watch this space!

[1] The Anatomy of a Large-Scale Hypertextual Web Search Engine, Sergey Brin and Lawrence Page, Stanford University, 1998, http://ilpubs.stanford.edu:8090/361/1/1998-8.pdf

 

Goodbye Google, Hello Qwant!

Goodbye Google, Hello Qwant!

This is a guest blog post by Jack Warner of TechWarn.

The French government bids farewell to Google and adopts Qwant.

At the end of last year, the French National Assembly announced that they are not going to use Google anymore. All the devices belonging to the French government will adopt a new search engine called Qwant, which is privacy-focused.

It seems the French government wants to protect itself from the surveillance of Google and the U.S. government (and their associated comprehensive data-retention policies) and are prepared to take some big steps to do so.

France’s watchdog for data protection has also fined Alphabet’s Google $57 million (€50 million) on 14th of January, 2019 for breaches of the EU’s online privacy rules. This penalty is the biggest ever to be levied to tech giant like Google in the U.S under the EUs new GDPR legislation.

Advantages of using a private search engine

You can enjoy the benefits of search engines which are privacy-oriented in the following ways:

  1. Be invisible – private search engines will use aggregate or non-personal search data, instead of storing your IP address. This will keep your identity private.
  2. Be clean – when you have finished the search, the history on your browser will expire. Therefore, third-parties cannot access your data or search terms, even if they managed to access your computer.
  3. Be free – there will be no targeted ads when you use a private search engine as they don’t run ad campaigns like other mainstream search engines usually do. The ads are merely related to your search term instead of your browsing history.

Top recommendations for private search engines

The following are some of the best privacy-oriented search engines available right now:

  • Qwant: a pioneer of private search engines which was the first based in Europe.
  • Startpage: a private search engine which doesn’t log, share, and track the personal data of its user.
  • DuckDuckGo: this private search engine has a policy which prohibits the sharing or collecting of users’ personal information.

Private search engines versus incognito mode

Let’s backtrack slightly – why use a private search engine when there is incognito mode? The incognito mode usually behaves like a brand-new browser which has just been installed on your computer. It does not have cookies, saved searches, bookmarks, or any pre-filled forms. As you close an incognito browser, all the information that is usually collected by the browser will be deleted. Even so, the incognito mode cannot stop third parties from tracking you via DNS records and collecting your data as there is no encryption. Also, since incognito mode is also a Google product that’s not open-sourced, who knows if it collects our data for its mother ship?

On the other hand, a private search engine offers added layers of protection and its users will not be tracked while it delivers the search results. Some even use local encryption for extra privacy protection.

The problem with Google

Google privacy breaches are not unheard of. From your search history to your browsing behavior, Google knows it all. If you stand by your right to remain private and anonymous online, you may want to start looking for alternative privacy-oriented search engines.

Despite the company’s size and industry influence, Google still managed to commit a data breach that seriously violated corporate compliance last March. The shocking breach was discovered early last year when the personal data of 500,000 Google+ users was exposed to hundreds of third-party developers working on new apps on the network. The exposed data includes usernames, birth dates, email addresses, work histories, and photos. It’s possible that more users were exposed as the glitch is believed to have existed since 2015 according to engineers at Google+.

Imagine the damage if all that you’ve trusted in Google to keep private, such as your search history, browsing habits recorded on the Chrome browser and traffic from your Google Pixel, was leaked accidentally. Not only does Google violate your privacy by collecting more data than it should, but it also doesn’t do a good job of protecting it. It could be time to look beyond the horizon for newer and better options.

Jack Warner - TechWarnAbout the author

Jack Warner is an accomplished cybersecurity expert with years of experience under his belt at TechWarn, a trusted digital agency to world-class cybersecurity companies. A passionate digital safety advocate himself, Jack frequently contributes to tech blogs and digital media sharing expert insights on topics such as whistleblowing and cybersecurity tools.

Can blockchain solve the problem of trust?

Can blockchain solve the problem of trust?

The answer is no! … Okay, that would be a very short read so maybe I should provide the reasoning behind this short answer.  Also, to avoid appearing too negative on the issue, I should first state that I do believe that blockchain has a lot to contribute positively around the issue of trust.

The internet has connected the world (well over half of the world’s population can now access the internet) we can communicate and transact with almost anyone on the planet. The problem is that a small proportion of the people feeding us information or attempting to transact with us cannot be trusted. So, the internet may well have solved a worldwide communication problem but in so doing a large problem of trust has emerged – i.e. we can now connect with billions of people we don’t know, we know that some of them will be dishonest, but we don’t know who specifically we can trust. The traditional way to address the “who do we trust” problem is to use people we do trust as intermediaries to check information or to police transactions and, of course, this is expensive and time consuming.

Today with the use of blockchain we can now make financial transaction successfully without using a trusted intermediary – except we are using blockchain’s distributed ledger as the trusted party. We trust the ledger because it is distributed, transparent and the code that created it is open for verification. In the case of bitcoin the code is relatively simple and generally trusted, however as blockchain is now being used for more involved tasks, the code can become complex and will inevitably require updates to fix bugs and improve functionality – thus it is helpful to have a trusted party with the authority to make such changes (albeit with high levels of transparency through visibility of the code).

The holy grail for many blockchain evangelist is the Decentralised Autonomous Organisation (DAO) where the organisation hierarchy is flat (i.e. there is no board or government that sits at the top of a hierarchical pyramid to manage the organisation). The governance is automatically orchestrated by smart contracts, the evolution of the organisation is through the members (typically token holders) having voting power and any changes to the organisation would be by consensus of the members. Even fixing a bug in the constitutional code requires new code to be proposed, and that a consensus of members agree to accept the new code. Reaching consensus quickly on complex issues in a dynamic organisation is not always practical and so the ideology begins to crumble somewhat. In the future entire countries could perhaps be run as DAOs, but today’s technology is simply not advanced enough to allow the removal of key decision makers.

For complex systems to be based on blockchain today there needs to be many trusted elements in the system, and completely flat hierarchy organisations are not yet practical for all but the simplest of systems run by smart contracts. This might not sit well with many of today’s blockchain evangelists, but the reality is that we have shifted a problem of “who do we trust” to a problem of “do we trust this code” – or even do we trust the person that wrote the code. The public visibility of code and consensus to accept it helps greatly. However, most software developers would agree that you cannot always trust your own code to do exactly what was intended once it has reached more than a few tens of lines, even with rigorous reviews and testing (just ask NASA!).

So, it seems we cannot eliminate the problem of involving a trusted party, but we can greatly improve the confidence in the trusted party through transparency and consensus. What this means is that if a trusted party commits a dishonest or negligent act that is not immediately detected, there may not be a direct mechanism to stop the impact of this, but there is an indirect mechanism that will reveal wrongdoing or incompetence and therefore encourages the trusted party to act honestly and diligently in the first place.

Let me use a true story to illustrate this in practice. Estonia is believed to have the most advanced digital society in the world. Everyone has a digital identity and access to most of their own digital information. Access to certain sensitive personal information is only permitted for legitimate reasons by certain parties and all data access is recorded on an immutable ledger. An Estonian police officer once decided to use his privileged access to citizen data for the purposes of checking on his partner. He had no right to view her data for this purpose but had been trusted with access to this system. His partner was able to see that her records had been accessed by the police on a particular day. She questioned the reason for this and on investigation by the authorities it was revealed that it was her partner that had looked at her records. His improper actions had been recorded on a trusted ledger and resulted in him being sent to prison. This story has even been retold by their president and serves as a powerful deterrent to any other trusted person in Estonia considering abusing their privileged access to personal data.

So, although a system with this type of transparency may not, in all instances, stop improper behaviour by trusted parties, the fact that the wrongdoing could be easily detected reduces the likelihood of future abuses and increases trust. In a nutshell, transparency becomes the basis for trust; and the blockchain’s immutable distributed ledgers and open source code are excellent for transparency.

In summary, blockchain is not a panacea for trust. In a simple sense it seems to be a partial solution to the problem of distrust. i.e. we can actually transact directly with untrusted individuals without a trusted intermediary if we can trust the blockchain technology that oversees the transaction. Blockchain and smart contracts cannot be inherently trusted – they must establish trust in the architects, the coders the participants, and anyone involved in the implementation and operation of the system. However, the transparency and consensus mechanisms built into the technology are a significant aid to building that trust.

When will Google’s search engine monopoly be broken?

When will Google’s search engine monopoly be broken?

In the 1990s I was an academic at the University of Edinburgh teaching electronics and computing. In 1998 a colleague introduced me to the Google search engine and as a result I made the shift from my previously preferred search engine, Alta Vista, to Google. Twenty years on, despite trying many others, I still use Google regularly. I was delighted by the Google experience 20 years ago, but today I dislike Google search for several reasons but I have yet to find a noticeably better alternative.

In a recent poll conducted by the Search Engine Journal (SEJ) it was revealed that that Duck Duck Go (DDG) is the most popular alternative to Google (based on 1097 SEJ Twitter followers who responded). However, according to Statcounter DDG have just 0.32% (October 2018) of the search market and Google have 92.74%. My question is whether Google’s monopoly could be under threat by emerging search engines such as DDG and if so, why have they not yet made a major impact on Google’s market share?

SEJsurvey

Google has held a monopoly position for around 20 years and in that time ‘to Google’ has become a verb. This incumbent position will not be easy to shift. DDG has a very similar product to Google it has not made much of a dent in the market. Their major differentiator is that it respects user privacy. However, if we are honest it does not deliver truly better search results, in fact in my experience the results are generally less good – and are still tainted by significant volumes of undesirable advertising content. Thus, DDGs market is a niche market segment that believe user privacy is essential and are willing to accept slightly inferior search results to achieve this. This market sector (which I include myself in) is huge in world terms – but remains a niche.

My shift from Alta Vista to Google some 20 years ago was based on it being a better solution to my internet search problem — data privacy was not generally thought about in 1998. For me DDG is not yet a better solution, if better results and less advertising (which I know is how they make money) was delivered alonside its enhanced privacy, then it could be a winner. The other problem for DDG is that the federated results use Bing as a major source of data, so they do not have an independent platform from which they can base an assault on Google.

My current opinion is that Google will slowly lose market share to a variety of small search engines such as DDG. One of these players will emerge as a future challenger to Google within the next 5 years and we may not even have heard of them yet. The successful search engine will likely do their own crawling and indexing so they are not dependent on Bing, Google or Yahoo and they will not rely on pay-per-click (PPC) advertising which most users dislike. It is quite probable that when they do emerge as a leading contender they will be acquired and scaled by a company with a large existing subscriber base and complimentary business activities such as Amazon.