What’s makes a revolution?

The Beatles sang many years ago, “You say you want a revolution…”. But what, I wonder, exactly is a revolution?

I was challenged to consider the idea because in fact, Comodo is launching a revolution with a new service called UserTrust (www.usertrust.com) , “Well”, I think to myself in a moment of wistful distraction  – “a revolution – how fun. Where’s the vodka we surely must be allowed to swill in boisterous bouts of revolutionary fervor.” But then I was drawn back to the task at hand as I was drafting the materials for this launch (I promise – no posters saying “down with eCrime). I was driven to seriously define what would qualify for a revolution – especially in the online world.

Revolution – ala wikipedia,

  A revolution (from the Latin revolutio, “a turnaround”) is a significant change that usually occurs in a short period of time. Revolutions have happened throughout human history and vary widely in terms of methods, duration, motivating ideology, and the number of participating revolutionaries. Their results include major changes in culture, economy, and sociopolitical institutions.Scholarly debates about what does and does not constitute a revolution …

Ok – so how does revolution translate to the online world where identities can be cloaked and people have limited ways to authenticate who they do business with?   

The revolution in the online world is about being able to take the guesswork out when doing business online. It’s about creating transparency when the very nature of the Internet is to hide behind an IP address. The revolution in the online world would mean that you could go online and know who an eMerchant is and what they are going to do. A revolution called The Trusted Internet.  

I could see the headlines …  

“Viva la Trusted Internet”

“I have but one PC to give, let me give it for a Trusted Internet”

“Give me a Trusted Internet or give me death”  

So that’s the revolution I get to help launch.   It’s a revolution that changes nothing less than who we trust online and why we trust them.  

All revolutions need technology to help propel them and this revolution deserves nothing less. The technology we are launching is a new feedback and rating platform called UserTrust. On the surface, it is a powerful free technology platform eMerchants can use to collect and manage feedback. The eMerchants get to leverage the power of viral marketing (having customers as advocates). Online visitors get unbiased information about who to trust and why.  

But here’s where the real revolution starts. eMerchants can’t pay for this platform – it is free and because of that it takes any potential conflict of interest out of the equation. Imagine if we charged for the platform like all other providers. Then if an eMerchant didn’t like the results, we would have to do what we could to keep that customer happy. Take the money out of the equation and you create a revolution because you create the first unbiased system where accountability is driven by an eMerchants performance – not by how much they are willing to pay.  In this system, eMerchants that can thrive under the light of unbiased customer feedback will grow while other less reputable merchants will wither under the glare (thankfully). 

“You say you want a revolution … well you know … we all want to change the world…” That’s a revolution I can believe in.  

Judy Shapiro

Let’s schedule our lives – including when we fall in love.

I am working and out of my peripheral attention vision, I hear an eHarmony commercial telling me in an affirmative tone to,  “Make 2008 the year you fall in love.”

According to the commercial, we can summon on queue that which usually seems beyond our ability to summon. Many of us think of falling in love as something that just “happens”, something we can’t control. Yet this commercial challenges that notion. It asks in effect, can one “summon” things to happen in our lives on demand? Is there is some secret to getting what you want?

Actually I don’t think it is a secret – but rather more of an observation. It seems to me that most people in fact do get the things they ask for. Unfortunately, most people are not very discriminating about what they want.

And if there is a secret- that’s it. The old cliché, “Be careful what you wish for”. got it right – but it’s actually quite hard to really commit yourself to that disciplined way of thinking. People “want” all sorts of things. But unless you really think about you really want within the context of your life – the “want” list just becomes a jumbled, meaningless set of “stuff” – no punch and no energy.

But if you construct a well considered “want” list, then you do get what you want because the list reflects the reality of your world. Your world – perhaps at its most optimistic sense – but you’re world nonetheless.

And oh – BTW – once you really really get this (and to be honest most people probably don’t) – don’t be surprise if people around don’t believe you when you’re quite certain about your “wants”. I remember, a while back I had a discussion with a friend about how much would it take for me to be satisfied. I said $10 million. My companion shot back – “you would not be satisfied. Once you had that you would want more”. I tried to convince him that I really really do not want more. I failed. I could see he did not believe me and I could also see I would never convince him. He did not understand that I understood the consequences of what I wanted. I have learned to be was very very careful in what I ask for because I know if I want it enough it will come to me – one way or another. He didn’t believe me then – but I suspect one day he will.

So go ahead, “Make this the year you…” – Just consider your “wants” well.

Judy Shapiro  



“…but Mom, 500 Million people go to that site everyday…”

I heard my 12 year old boy exclaim to me in an exasperated voice when he asked to go a music site to listen to some music. I peppered him with questions as though I was interviewing someone for a job. What is the site? Do you see any security seals on it? How do we know if the site safe? By the time I was done grilling my son about the credibility of the site (“blah blah blah” to my son at this point) he exclaimed in frustration, “…but Mom…”

In that moment I understood the schizophrenic nature of the Internet itself. On the one hand, we appreciate the way the Internet can expand us in virtually every aspect of our lives – directly and intimately. And yet we seem to sense that the more dependent we become on our online network, the less secure we think our online interactions are becoming.

How we learn who to trust in the online world is at the heart of how we continue to use the Internet.   

But trust is a BIG word – not easily won but very easily lost. And in the online world today, we know enough to know that there are many more threats are out there eroding our trust faster than our ability to even understand the nature of these new threats. We question whether sites are secure or whether hackers can steal sensitive information. We wonder whether we will be a victim of a drive by download attack. We rightly fuss that our computers will get destroyed by some virus. So we must proceed with caution especially when it seems like the bad guys are gaining the upper hand. 

Can we learn to trust on the Internet?

I optimistically think we can. It’s not just wishful thinking on my part but reflects the reality of how the Internet is evolving to be more secure and to be more trusted.  More secure because we are incorporating better security practices with better solutions that mitigate some threats. And it is more becoming more trusted because there is a new maturity surrounding group of specialized security companies called Certification Authorities. They are, in effect, the unsung Trust Police of the Internet.

What exactly then is a Certification Authority?

To get a definition, I start where every good tech wannabe geek starts, at Wikipedia;  “In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates … for use by other parties. It is an example of a trusted third party.”


I continue my hunt, Webopedia gives this explanation. “…a trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means that the CA has an arrangement with a financial institution, such as a credit card company, which provides it with information to confirm an individual’s claimed identity. CAs are a critical component in data security and electronic commerce because they guarantee that the two parties exchanging information are really who they claim to be.”

Now that’s more like it. Note that the main idea is that CAs are organized and built to create online trust. They issue digital certificates that attest to different elements of trust – site identity, site security and even whether content or information can be authenticated. In essence, CA’s are guys that do the heavy lifting in online authentication working to ensure that identities are verified.  

Nor can any software company claim to be a CA as becoming a CA requires significant infrastructure to authenticate digital interactions. Plus becoming a CA means that you adhere to best practices and security standards reflective of the highest standards around and are subject to regular audits.  

So it is this rarified breed of software companies that are doing important work by creating the basis for online authentication. They are creating the “Authentication layer” of the Internet to deal with the exponential need to authenticate all this online “stuff”. We want to authenticate our online surroundings and that’s where CAs come in. Today, CAs are already at the center of authenticating online interactions. When you see a gold padlock on a secure page, a CA has verified that the transaction is encrypted. When you see the address bar go green in IE7 that means a CA has authenticated the identity of the site owner.

These indicators are important in that they authenticate critical aspects of our online transactions. Other new ways to authenticate “stuff” are also being introduced. For instance, Comodo CA has a trust mark called HackerProof that authenticates that the site is safe from hackers. There is even a way to authenticate that web content to ensure that what you see is authentic.

More and more digital authentication is being introduced into how we browse and shop. CAs are leading the way in building this authentication layer enabling all of us to truly live in a trusted internet.

Judy Shapiro

%d bloggers like this: