How can it be OK that 1,000 PC’s are lost in the malware wars every time a bad ad is served up in ad networks?

I admit a certain hyper sensitivity to all things security when it comes to Internet. I worked at CA and then Comodo – both heavy players in the online security world. I learned about the scary things that can happen if you go online alone. It is not a pretty picture.

So it’s no wonder that I tend to have a zero tolerance to bad online security practices – among my friends, my family, my peers.  I have even less tolerance (is that possible?) for online security industry practices that can allow 1,000 PCs to get infected before an ad is checked for malware.

That’s right! I recently learned that all the ad serving platforms check ads in their networks after it has been served. In the case of Right Media I am told an ad is served 1,000 times before it is checked. If the ad is malware – oh well – 1,000 PCs are likely to get infected. I was shocked TBH. And I was even more shocked to learn that according to all the large ad serving platforms it seemed perfectly OK (at least the 4 large ones) to check ads after they have been served already.  I had the chance to press a rep from Right Media for an explanation about why are ads not checked before they are served. It was explained to me that the sheer tonnage of ads would make checking everything before it ran impractical.

That answer seemed pretty lame actually. And one does not have to look hard to see how this causes problem up and down the ad market value chain. Recently, TechCrunch and The Drudge Report were hit with malware on their sites served up by an ad in the network. http://news.cnet.com/8301-27080_3-20000353-245.html. The backlash was felt by the likes of Michael Arrington who had to explain the issue to his audience. I felt his pain, more keenly felt because I knew there was little he could do to make it better. It is likely to happen again – the only question is when.

Here we see most blatantly the bad things that happen when you detach consequences from accountability as is the case here. The ad server networks are the ones who serve up the ads, good or bad, but if there is fall-out, it is largely felt by the site that delivered the ad. That ruptures the basic laws of accountability and consequence which ultimately leaves at least 1,000 PCs infected with malware every time there is a virus outbreak.

Now I really do not understand the technological limits of checking ads within an ad networks – but how can it be OK to permit ads to be served before they are checked? Could it be that 1,000 is too small a number to worry about? And as the number of ads being served grows, will a higher 10,000 threshold be OK? Then maybe 100,000 will be a tolerable number?

Here is a challenge to the industry. Elinor Mills’ article on this subject mentions Bennie Smith, a vice president of exchange policy at Yahoo’s Right Media who I invite to respond here. Maybe I it got it wrong. Set the record straight – please – I really want to be wrong.

Better yet – I would love to start a dialogue to solve the problem – between agencies, ad networks, advertisers and the security industry. Sometimes talk is not enough. An alternative is needed – an alternating current. But more on that coming…

Judy Shapiro

So much to talk about but so pressed for time.

Spring is a time of intensity. Things seem to take on frenetic pace as though we want to cram in as much energy as possible when it is so available.  

Lots of tech marketing activity – as always. Lots of new “social media” activity – as always. Lots of things to distract and entertain – as always. 

I have been quiet here for a few weeks mostly because I have been absorbing it all. I have pondering the complexities of copyright in the digital age. I have turned over in my mind the practical concepts of The Trust Web. I consider how to help fix the systemic security issues in the delivery of online advertising.    

In short, so many things are blossoming at once that I find myself basking the thrill of it all. The work I am doing now in social media is delivering metric based results for brands. Since I treat social media like direct marketing, I can deliver campaigns that a brand understands how to work with. It is refreshing for them.  

There are some exciting projects in the near horizon, like the initiative to create security standards for the online ad world. Or the possibility of a social/ DM platform for campaign creation.  And the growth of our network called MingleMediaTV so that even though it just a few weeks old it has began to rank well in Alexa.  

So many possibilities. So much to learn. So little time it seems.  

But it’s what makes Spring so wonderful and I am enjoying the ride.  

Judy Shapiro

Change the name of something and you change its essence.

          

It is a concept that has been explored for millennium. In the bible, to suggest a significant life change, a person’s name was changed… Abram became Abraham and Sarai (Abraham’s wife) to Sarah. That concept still holds true today. Most parents understand intuitively the significance of choosing the name of their child and naming of new products requires careful deliberation about what it invokes.

 So when I saw today Melih Abdulhayoglu CEO of Comodo tweet about DV SSL certificates, it reminded me of the concept only in reverse. Ever one for the clever turn of the phrase, Melih’s post suggested that the name of DV SSL certificates, which usually stands for “Domain Validated” connotes a level of trust that is inappropriate to what it actually delivers. His tweet today asked, “how can Certification authorities issue DV (Dangerous Validation) certificates to ecommerce and keep a straight face????”

 Well said. In the ecommerce world, it is important for the buyer to know who they are interacting with. A DV SSL padlock only tells the potential buyer that the information he is transmitting, like his precious credit card information, is encrypted. But what good is encrypting the information if you don’t know who you are encrypting for. It is like giving the keys to your house to a total stranger!

So friends, buying online a great thing, but do it well and do it safely. Ideally, when buying online, buy at sites with an EV SSL certificate, these sites have a noticeable green color in the address bar. The “EV” stands for extended validation and this authenticates the business information behind the site. That is what you really want to know – that there is a real, verifiable businesses selling you the merchandise.

If the site does not have an EV SSL certificate and you see the yellow padlock, it can get dicey. Some sites have verified business information because they bought an OV SSL certificates – “organizational validated”. To find out if a site has an OV certificate, click on the padlock and you should be able to find the business name and address. But many sites have these DV SSL certificates and these are the ones to watch out. The only thing you know about this site is that someone was able to buy a domain for $10. It does nothing to tell convey trust. Remember that!

Now I realize that the average consumer does not care about the name of an SSL certificates because they probably don’t know what an SSL certificate is in the first place. But for those of us who do know, spread the word…DV SSL certificates are “dangerous validation” …

Let’s see if we can the change essence of DV to be the bad thing it really is. We have to start somewhere.

Judy Shapiro

Top 5 reasons why social networks will drive how the next generation web will evolve.

                       

We’ve heard the buzz… Web 3.0, semantic web, smarter web (who knew it was stupid in the first place). But beyond the buzz, the idea of the next generation web is simple. How does the web evolve from a generic, impersonal place to a place where we can have a personal experience? How can I get information that is relevant to me? How can I use the web the way I want? How can I create a personal web for myself?

 

The answer becomes clearer when we put the human element at the heart of the conversation which this leads us to, you guessed it, our social networks. Nothing is more personal than our social networks so it’s best to start there in building the next web.

 

Now amazingly, technology that lets us create digital social networks and these social networks are growing like crazy. Companies like Facebook, Paltalk and Linkedin have spread so fast because they begin (mind you only begin) to introduce trust within our newly interconnected and now largely untrusted world.

 

That’s what today’s Paltalk TechNow interactive video event was about. It was entitled; Transforming the Web into YOUR web and it was about what will the next web look like. The show featured Melih Abdulhayoglu, CEO of Comodo and his point was that the foundation of the next generation web is built on trust delivered via an authentication layer. I believe he is right. And taken further, it’s useful to remember that trust is first and foremost a function of social networks. By putting trust at the center of the conversation this puts the emphasis where it belongs – on the human factor. We need trust and we need social networks to help permeate trust within the new web. .

 

And that is why I can make my claim about the critical nature of social networks in the next generation web. I can even back up my assertion with a top 5 list :

 

1) Social networks have begun to dominate people’s online activity. According to Neilson, already 1 in every 11 online minutes is spent in social networks (that’s a lot of time given how new the space is).

 

2) Social networks will become people’s new communications hub. It already provides a diverse set of options for connecting with more people than ever,,, in chat rooms, with IM and in real time broadcasts. This trend will only continue.

 

3) Information obtained via social networks is more trusted than non vetted information. Just like in the real world where I would probably ask my lawyer friend for legal advice, we will  begin our online searches first within our social networks.

 

4) Law of numbers … 2/3 of people use one form of social media or another and more than use email! (Source: Computerworld 3/10/09).  Social networks are becoming our filter into the big and sometimes overwhelming world of Google. Our networks will help us sort good information from bad information.

 

5) Social networks are where people will live more and more when they go online. John Burbank, CEO of Nielson Online said, “Social networking will continue to alter not just the global online landscape, but the consumer experience at large. Social networking isn’t just growing rapidly, it’s evolving — both in terms of a broader audience and compelling new functionality,”

 

So if you want to guess how the next gen web will evolve, look no further than your own networks.

 

Trust the human element. Trust your “peeps”. 

 

Judy Shapiro

The Connected Singularity Is Near

                                      

I have read with relish the book by Kurzweil, The Singularity is Near and I respectfully borrow the phrase. The fundamental premise of his book is that we have approached “the knee of the curve” in our technological evolution, the moment where the pace of change will fundamentally change our biological evolution. Essentially, he argues with good cause, that change is happening faster and more fundamentally than most fully appreciate. 

And I think he’s right based on my personal experience. Much like a woman born at the turn of the last century, who saw in her lifetime the evolution from horseback to space travel, I too have seen a similar step change evolution in the connectiveness of the planet in a mere 15 years. In that time, I saw the transition from limited, one to one communications that was very expensive (I remember the days when a long distance call was a big thing) to a model where we can be connected with virtually no limits in terms of distance or scope.   

It is breathtaking … but I think Kurzweil limits his scope. Kurzweil places technology at the center of the change engine but I think if we focus on technology as the key driver, we limit its potential. We must remind ourselves to put the human factor at the heart of the technology evolution – not the other way around.  

And this focus on the human element must also apply to how the next generation Internet, sometimes called Web 3.0, will evolve. We must give full expression within this evolution to our human instinct to establish trusted connectedness in the web world in the same way we enjoy trusted connectedness in the real world.  

Yet in the conversations today about next generation web there is decided lack of focus on the human factor, (heck even the name Web 3.0 betrays the techno focus). For Google, the next generation web is about technology that delivers a personal web experience via intelligent search agent. For other companies, semantic technology that lets computers understand meaning better, is how the new, next web will evolve. All these technologies are all important, but they are a only a means to an end.  

The end game for the next generation web is the creation of this trusted model of community, commerce and communications for everyone just like we have in our everyday, real worlds. This model puts the human need to trust as central to the conversation — not be peripheral to the thinking. This, for me, suggests we are creating a connected singularity in a Connected Web enabled by a concept of Social Authentication put forward by Comodo. For this new “Connected Web” to work, it must be grounded on trust and trusted networks.  

This is why Paltalk will be hosting the third TechNow event; Transforming the Web into YOUR Web airing March 19 at 3:00 (EST) with Melih Abdulhayoglu, CEO and Chief Security Architect of Comodo. During this live, interactive event, Melih will challenge conventional thinking about how we create the emerging next generation Web, sharing his vision about how a Connected Web needs to be based on trust. Melih will be joined by noted industry analyst, Henry Blodget of Alley Insider, in a discussion about:  

·         Current technical versions and major scenarios associated with next generation Web (semantic, 3D, pervasive, media-centric, etc.)

·         The potential and benefit of web 3.0 for every day people?

·         The functional model of how next generation Internet technologies will combine to deliver this new, next Connected Web  

·         How do we leverage the intelligence of people within a social authentication™ framework as is being defined today by Comodo?

·         How will a trust and authentication layer be introduced into connected community, ecommerce and communications networks?

 

Live, interactive video chat: 

Date: Thursday, March 19th

Time: 3:00pm EST

Room Name: TechNow Network

 

Visit http://technow.paltalk.com/crashdummies for more information, to watch past shows and to sign up for a reminder email. 

 

Join the conversation. Join the movement towards a trusted Connected Web.

 

Judy Shapiro

What’s the point?

                                 

I find myself in an usual business at a very unusual time.

 

After spending years working with technology leaders in telecommunications, software and security, I wanted to explore the expanding role of social networks in our everyday online worlds. So I went looking for opportunities in this new “cool” space. Not so easy given my decidedly lack of “coolness” (I haven’t seen “20 something” in a few decades). Yet nonetheless, in a sheer stroke of great luck and timing, I recently landed at Paltalk — the leader in social networking, about 4 months ago.

 

I settled in to learn about this space. I wanted to understand how can our networks provide us with the kind of verified information that our real world networks provide us all the time? How do we integrate the collective power of the Twitters and Facebooks and UTube’s into our everyday online activities? What’s the best way to stay transparent in our social networks, yet remain safe to prying digital eyes?

 

As all these new concepts were rolling around in my head in those first early weeks at Paltalk, the economic floor began to give way and everything changed. Day after day the bad news was rolling in – first the financial sector, then the business sector. The speed of the financial decline is breathtaking. And the awful ride is not over yet.

 

But business at Paltalk is good. In fact, just today, Jonathan Blum wrote an article entitled; A surprising winner in the downturn: consumer video conferencing, and Paltalk is the primary beneficiary of this trend. In fact, we seem to be the only highly profitable and financially healthy company in the social networking space.

 

Why you ask? I’ll share our secret – but be warned – it is a radical idea.

 

Our secret is that we spent 10 long hard years developing serious technology to deliver a well designed rich media, interactive real time communications platform. And then we did not just give it all away for free (though some of our best features like SuperIM are totally free). We reserved our highest quality video and audio technology for subscribers and subscriptions makes up the vast majority of our revenue. Unlike our competitors, we did not build a business model around ad revenue that, in hindsight, never materialized. Nope, we banked on people willing to pay for great quality. Gee – what a concept.

 

And now as I see an eerie déjà vu of tech bust of 2001 (only bigger), I wonder why we did we not learn our lesson? What’s the point of a just cool company like Twitter with no real business model beyond a vague allusion to some monetization strategy in the future.

 

The point is that “Cool” has no currency – I don’t care what the cool bloggers and reporters and VC’s think. Making money is cool today.

 

That’s the point!

 

Judy Shapiro

Trust Me!

         

Nothing evokes more distrust than someone asking you to “Trust me”.

 

Yet that is what the Internet asks us to do every day! We must conduct confidential transactions online – yet we often have no way to verify the authenticity of the site. We want to share our lives with our trusted network of friends, yet we worry that in our transparency and our tweets to our colleagues, we risk our very identity to the bad guys. How do we balance our desire to go online with our need to know that we can trust sites, information and communications?

 

Can we ever hope that the Internet of today becomes the Trusted Internet of tomorrow?

 

These are questions we all confront as we conduct more of our lives online. Join two leading tech titans, visionary Melih Abdulhayoglu, CEO of Comodo and noted Internet commentator Henry Blodget as they discuss live on the Paltalk Network their ideas on the future of the Internet in a three part series entitled, “Are we the crash dummies of the new Internet age?”   

 

This live, interactive Internet event gives Melih and Henry a chance to share their thoughts with each and with the audience on a range of subjects organized in three parts. The first program, airing February 10 at 3 pm (EST), will cover, The Internet Today: Like Cars before Seatbelts. This talk will address the truth about where we are today and how the criminal elements may very well take over the Internet. The second program, scheduled for March 3 at 3 pm (EST) will focus on how much should we reveal about ourselves online. This show, entitled “Your Digital Identity – Establish it or lose it”  will discuss how do we continue to live online without risking ourselves. Lastly, the third program, entitled, Transforming the Web into Your Web, airing March 19 at 3 pm (EST) will challenge us to address how we navigate through an increasingly complex Internet while leveraging new powerful tools, such as our social networks, to carve out a personal web for each one of us. 

 

LIVE SHOW DATES & TIMES (Eastern Standard Time):

Tues 2/10, 3:00 PM

Tues 3/3 , 3:00 PM 

Thurs 3/19, (TBD) 

 

For more information about this groundbreaking series, please visit  http://TechNow.Paltalk.com.

Show link is: http://TechNow.Paltalk.com/CrashDummies

 

About Melih Abdulhayoglu
CEO and Chief Security Architect of Comodo

 

Melih Abdulhayoglu created Comodo in 1998 with a bold vision of making the Trusted Internet a reality for all. His innovations have challenged some of the largest corporations and his pioneering business model earned him Ernst & Young’s Entrepreneur Of The Year® 2008 Award in the Information Technology Software Category for New Jersey.  

 

Melih has led the industry in new digital security technologies for large enterprises, computer manufacturers and governmental organizations worldwide. This success has resulted in Comodo Certificate Authority, becoming the 2nd largest CA worldwide and Comodo’s award winning desktop security solutions are now one of most popular in the market today.

 

To learn more about the Trusted Internet, please visit http://www.comodo.com/corporate/manifesto.html

 

 

About Henry Blodget

CEO of Silicon Alley Insider

 

Silicon Alley is an online business media company based in New York. Prior to founding SAI in  May, 2007, Henry was CEO of Cherry Hill Research, an Internet research and consulting firm.

 

From 1994-2001, Henry was an investment banker at Prudential Securities and an equity analyst at Oppenheimer & Co. and Merrill  Lynch. As a Managing Director at Merrill, he ran the firm’s global Internet research practice and was the top-ranked Internet analyst on Wall Street. Blodget’s first book, The Wall Street Self-Defense Manual: A Consumer’s Guide to Intelligent Investing, was published in January 2007.

 

I hope you can join me for the pivotal live event. Bring your webcams :)

Judy Shapiro

“Trust relates to a function”

                            

I stumbled upon this recent quote from Melih Abdulhayoglu in the Comodo Forum. The context for this quote was that in software security, applications may be trusted to do certain things but not other things. Said simpler, Melih introduced in my mind the concept of limited trust – all trust is related to the function at hand.

 

He meant it in a technical sense of course, but that idea just grabbed me and wouldn’t let go. Taken to its logical (albeit cosmic) conclusion, his simple technical idea started a storm in my mind that suggested that there can be no situation where one person completely and wholly trusts another, all the time. 

 

This idea put a knife in my highly precious set of beliefs that include you can trust completely or, that love triumphs over all and I was determined to protect this idealistic concept.

 

At I first tried to answer the question by looking at my own experience. Was there anyone, when I really analyzed it rationally, that I totally trusted? On everything? I thought long and hard and the answer was a depressing no. There was no one I trusted all the time for everything.

 

Then I thought – damn he was right. I was feeling worse. It was going to be a long night. But the more I tried to rationalize this concept, the further the knife was driven into the heart of my now, on life support idea, that we can trust people in our lives completely.

 

I needed to be inspired and so I turned inward. I started to think about the people I love in my life and I realized how closely tied love and trust really are. Once I made that connection, the answer became clear.

 

Trust can be bestowed wholly and unquestioningly … but there is a trick. Just like love, we can trust completely but we must really understand the people we give our trust to because then we know what not to count on them for. If trust is “done right”, trust can be maintained because there is no situation where they are being “set up to fail”. And there’s a sweeter side too if we trust this way. The power of trusted-ness, means that it can withstand the occassional dings of disappointments that inevitably occur.

 

In the end, if someone we trust disappoints us too much – we should look to ourselves first. The answer is not that they failed (if our trust was well placed), but that we failed to observe well enough. It’s not that we can’t trust universally, it is that we did not do it right.    

 

It’s a meaningful difference that frames the concept for me better. After all, trust so fundamental to how we live a rich life – I couldn’t let that sad “you can’t trust anyone” thought roam freely in my mind.   

 

I’m glad that’s settled.

 

Judy Shapiro

And now a word from our sponsor …

Before you fire up your new PC or laptop – turn up the heat on PC protection – for free with Comodo Firewall Pro

The marketers’ engines are gathering a full head of steam to propel us consumers (some willing, some not) into the Holiday season with promises of great stuff. One sure fire item that is always high on everyone’s list is the PC.  And usually, these bright shiny PCs and laptops comes crammed with lots of security solutions — some free, some free for a while.  

But before you fire up your PC and activate the preinstalled security software, take heed – many of today’s leading anti-virus (AV) solutions are simply not up to the job of providing up-to-the-minute anti virus protection to keep your new PC healthy. Really. Here’s one sobering stat from Virus Total. Within any 24 hour period less than 1% of viruses are detected by any anti virus solution. “Yikes” you say and rightfully so. The dismal performance of most anti virus solutions is because they work on the old model of using a “signature based methodology” to  identify the bad guys. Simply, these solutions let every application into the PC and then try and figure out what’s bad based on how the file looks.

Well, it’s easy to see why that’s not too efficient. What about “new” signatures the AV solution has never seen? How can it possibly detect those? Sure, the security vendors provide regular updates – but that’s a little like having a burglar system that only protects against known burglars even if you get regular mug shot updates from the police.  Not the best idea really.

So is there a way to really protect your brand spanking new PC without it costing you another bunch of cash? There is and it’s free to boot. It is called Comodo Firewall Pro (Version 3.0) with A-VSMART P technology. Millions of users are protecting their PCs with the previous version of Comodo Firewall Pro which PC Magazine recognized as one of the leading firewall on the market (paid or free) and this new version (Version 3.0) is a super charged version.  

A-VSMART P technology is short for “Anti Virus, Spyware, Malware Rootkits and Trojan Prevention” technology and it does the job better than any conventional AV or security system your PC might come with because it operates from a wholly different perspective. Instead of letting all applications in and then trying to weed out the malware, A-VSMART P technology prevents unrecognized applications from ever getting access to your PC in the first place. Plus, if you have a new PC, this new solution really rocks because it has a patent-pending feature called Clean PC Mode. This feature takes a profile of your new PC and all the applications in it and registers them as safe. After that, the only applications that get installed on your PC are applications that are either recognized by Comodo’s extensive white list of trusted applications (which include nearly one million applications in the database and growing) or applications you expressly allow to be downloaded. This is the most effective way to keep a new PC healthy and no other anti-virus solution has anything like it.

So go ahead, download this powerful firewall for free. And in case you are wondering why Comodo gives it away free, it’s simple really. The Comodo group of companies represents a leading security company and the world’s second largest Certification Authority. If more people are confident shopping safely online, then there will be more eMerchants who will need Comodo security products and services.

So fire up your new PC – but first turn your PC onto Comodo Firewall Pro. It’s the safe bet for a safe computer.

For a free download, go to: http://www.personalfirewall.comodo.com

Judy Shapiro 

Follow

Get every new post delivered to your Inbox.

Join 2,145 other followers