The Data Transfer Project is a new team-up between tech giants to let you move your content, contacts, and more across apps. Founded by Facebook, Google, Twitter, and Microsoft, the DTP today revealed its plans for an open source data portability platform any online service can join. While many companies already let you download your information, that’s not very helpful if you can’t easily upload and use it elsewhere — whether you want to evacuate a social network you hate, back up your data somewhere different, or bring your digital identity along when you try a new app. The DTP’s tool isn’t ready for use yet, but the group today laid out a white paper for how it will work.
Creating an industry standard for data portability could force companies to compete on utility instead of being protected by data lock-in that traps users because it’s tough to switch services. The DTP could potentially offer a solution to a major problem with social networks I detailed in April: you can’t find your friends from one app on another. We’ve asked Facebook for details on if and how you’ll be able to transfer your social connections and friends’ contact info which it’s historically hoarded.
From porting playlists in music streaming services to health data from fitness trackers to our reams of photos and videos, the DTP could be a boon for startups. Incumbent tech giants maintain a huge advantage in popularizing new functionality because they instantly interoperate with a user’s existing data rather than making them start from scratch. Even if a social networking startup builds a better location sharing feature, personalized avatar, or payment system, it might be a lot easier to use Facebook’s clone of it because that’s where your profile, friends, and photos live.
If the DTP gains industry-wide momentum and its founding partners cooperate in good faith rather than at some bare minimum level of involvement, it could lower the barrier for people to experiment with new apps. Meanwhile, the tech giants could argue that the government shouldn’t step in to regulate them or break them up because DTP means users are free to choose whichever app best competes for their data and attention.
Like so many other Android users, I rely on Messages for Android — Google’s text messaging application — every day. It’s my main means of communication with the people I care about most.
So I was pretty excited to hear that Messages for Android now has its own web client, accessible from any web browser. It’s called Messages for web, naturally:
In short, Messages for web lets Android users text message seamlessly from any computer with a web browser. It’s super easy to set up, and even syncs in real time between phone and computer.
I’ve been using it for nearly a week at this point, and it’s fundamentally changed how I communicate.
First, setting it up: It’s a snap!
Here’s how you set up Android text messaging on the web:
Step 1: Open Messages on your (Android) phone. Step 2: Tap the three dots in the upper right corner, and select “Messages for web.” Step 3: Navigate to the Messages for website on your favorite web browser. Step 4: Scan the QR code using your phone.
And you’re in.
If you want the computer you’re using to remember your phone, there’s an option to select that from the web browser window.
If you’re not seeing the Messages for web option in Messages just yet, check back in a few days — Google is rolling out the update over time.
I’ve stopped knee-jerk responding to every text message buzz in my pocket.
I’ve begun ignoring the buzzes in my pocket, and it’s been a massive relief.
As someone who spends most of my time at a computer, I feel especially silly holding up a smartphone screen in front of that computer.
Eventually, I click over to the Messages for web tab in my browser and see what I’ve been missing: group texts with friends to get back to, messages from my partner, an alert from Verizon that my autopay went through successfully.
Important stuff, no doubt, but stuff that doesn’t require an immediate, “Stop everything!” response. Instead, I ignore the buzzes, find a natural end point to whatever I’m doing, then catch up on messages I’ve been missing.
It’s a subtle change with massive implications — I’ve been knee-jerk responding to text message pocket vibrations for over 10 years now.
But there’s something about having all my text messages in a browser window, waiting for me, that changed how I look at them: They’re just instant message windows now, nothing more than the AOL Instant Messengers and Facebook Messengers of the world.
It’s obvious, I realize. They’re all just messaging software in the broadest sense. But text messages have maintained the top spot in my personal hierarchy of prioritization. Messages for web is helping me put the space between myself and text messages that I didn’t even realize I needed.
Not having to switch between phone and computer while working is a huge time saver.
Switching between a phone and a keyboard is massively disruptive. Moreover, as stated previously, it makes me feel ridiculous to pick up a smartphone solely for one type of messaging while I’m sitting at a powerful computer.
Having Messages for web makes text message communication a part of my workflow.
I’m free to ignore the buzzes in my pocket specifically because I know the messages they represent are easily tackled in a browser tab. Why bother looking?
Messages for web seamlessly syncs between phone and computer, instantly.
If someone sends you media, you can download it locally to your computer (and vice versa — it’s super easy to send your friends all the dumb GIFs you found before they woke up).
Messages for web works exactly as well as Google’s many other excellent services, like Google Docs, Calendar, Mail, and Keep. It is genuinely impressive how quick and easy it is to use Messages for web.
And yes, you can text message anyone with Messages for web, just like you would with your phone normally. It actually uses your phone to send the messages — there’s no way to use Messages for web without your phone close by.
Of all the hotly anticipated new smartphones still set to be released over the course of 2018, Google’s Pixel 3 and Pixel 3 XL are the furthest from becoming a reality. The LG G7 ThinQ and HTC U12+ are both in the process of rolling out now, and Motorola has some launches coming soon as well. Then the next big phone reveal will be Samsung’s Galaxy Note 9, which will be followed by the even more eagerly anticipated release of Apple’s 2018 iPhone lineup. There, we’ll likely see three new iPhone X successors launch, including an “iPhone X 2,” a larger “iPhone X Plus” with a 6.5-inch OLED display, and a new mid-range model with the iPhone X’s design but a much lower price point. That third new iPhone model, which will reportedly feature a 6.1-inch LCD screen, will likely be Apple’s most popular new iPhone in 2018 thanks to the new, lower price tag.
Finally, after all that is said and done, Google is expected to release its new Pixel 3 and Pixel 3 XL sometime in October 2018. They won’t be the best-selling Android smartphones of the year — not by a long shot. But Google’s new Pixel phones are always the choice of hardcore Android fans who want a pure Android experience and instant access to big Android software updates the moment they’re released.
2018 is shaping up to be a somewhat controversial year for Google’s Pixel lineup since the larger and more desirable Pixel 3 XL is expected to copy the iPhone X’s notch design, and hardcore Android fans inherently hate anything and everything Apple does. Luckily for Android fanboys, however, Google likely has a solution in store to appease them, and we might have just gotten our first look at that solution in action thanks to a recent leak.
Earlier this week, the world may have gotten its first taste at the designs Google plans to use on its upcoming Pixel 3 and Pixel 3 XL flagship smartphones. That taste came courtesy of a photo that purportedly showed two screen protectors, one for the upcoming Pixel 3 and a second for the larger Pixel 3 XL phablet. Now, seeing screen protectors obviously isn’t the same as seeing the phones themselves, but if they’re genuine they do show us the design Google plans to use on its new Pixel phones. Here’s that leaked image, in case you missed it the first time around:
As you can see, the screen protectors indicate that Google plans to decrease the size of the bezels on its new Pixel 3 lineup this year. Both new models will still have a “chin” bezel below the displays, and the smaller Pixel 3 will also apparently have a somewhat large bezel above the screen. But the bigger Pixel 3 XL design shown in this leak uses Apple’s iPhone X notch design at the top of the screen in order to maximize display real estate.
Again, there’s no way at the moment to confirm that this design is accurate. That said, it wouldn’t come as much of a surprise. So many Android phones have copied Apple’s notch that Google actually baked notch support right into Android P, the company’s big 2018 update set to be released later this year. Pixel phones are always a showcase of the latest and greatest Android features, so it stands to reason that Google would want to showcase the notch on at least one of its 2018 Pixel phones.
Based on the leak above, a cell phone blog cooked up renders of what Google’s new Pixel 3 and Pixel 3 XL should look like when they launch. There’s a very good chance that those renders will end up being our first look at Google’s new Pixel 3 and Pixel 3 XL designs, though we obviously cannot confirm that for the time being. We showed you the renders on Tuesday, but here’s another look:
The smaller Pixel 3 has a design that is somewhat dated thanks to those big bezels above and below the screen, but the Pixel 3 XL looks just as sleek as any other recent Android flagship phone. It does clone the iPhone X’s notch though, which is something that hardcore Android fans haven’t been happy about with regard to all the other recent phones that copy Apple’s design. Of course, many of those phones also offer a related feature that Apple does not: The ability to hide the notch.
Phones like the LG G7 ThinQ and OnePlus 6 include a setting in the phone’s software to hide the notch by making the background black. Then, only status bar icons and notification icons are displayed on either side of the notch. There’s a very good chance that Google will offer this option as well, and now a Reddit user named “fondantsnail” has created a Pixel 3 XL render that shows us what the phone might look like with the notch hidden:
The render on the left shows us Google’s rumored Pixel 3 XL design with the notch enabled in the phone’s software. Then on the right, we can see what the phone might look like with the notch hidden in the software. Will this be enough to appease Android fans who inherently hate anything that even resembles an Apple product? Only time will tell, but our guess is they’ll happily look past the iPhone X’s notch at the top of the Pixel 3 XL’s screen in order to get their hands on the latest and greatest Google phone.
In the wake of Google’s removal of the ‘view image’ button, contributor Anthony Muller polled top news and entertainment sites to share their Google image traffic data. The results? Overwhelmingly positive — image search is back.
These declines were even more drastic for large enterprise-level brands that had spent considerable effort optimizing their image catalogs, content management system (CMS), captions and eXtensible markup language (XML) sitemaps for the search engines.
This decline was due to searchers who clicked “view image” being sent to a page with only the image asset and not to the site hosting or licensing the image when using Google image search.
Getty bites back
Approximately three years after Google added the “view image” button, Getty images filed an anti-competition complaint with the European Commission (EC) against the search giant. The gist of the complaint was that Google was using Getty images in a way that was diverting users from Getty’s website.
Fast forward to February 14, 2018 (Valentine’s Day), and it appears that Google blinked.
Google had reversed their stance and as of February 15, 2018, removed the “view image” button. A message from Google SearchLiaison tweeted confirmation that these changes (view images) came about due to the settlement with Getty Images.
Image SEO rises again
It has been fewer than 90 days since Google made the change, and I was chomping at the bit to see just how immediate the effects would be. I reached out to a number of different properties across different worldwide verticals and asked them to share their Google image traffic data.
The response to my data requests was very positive. Overall, I compiled the percentage increases from 58 different properties worldwide.
These increases were from Google images pre- and post-February 14, 2018. All sites fell into one of three different verticals, entertainment, photography and news, with a large majority being news-oriented. All sites surveyed have significantly large catalogs of images (over 100,000).
Since the only number reported from all sites was a percentage increase in image traffic from Google, it was the only number I could properly find the mean increase for at this time.
The overall data from the 58 different sites, shows an average of a 37 percent increase in clicks from Google image search.
In the image traffic data below, we can see how a single enterprise-sized entertainment site with millions of images spiked for approximately an additional 600,000 visitors from Google images every month. While this was on the higher end of the mean increase, the 47 percent seen below is pretty indicative of how most saw their traffic increase post-Valentine’s Day, with some variations.
Take note of how the impressions and position remain relatively unchanged, while the click-through rate (CTR) and clicks spike:
Some properties were generous enough to go on the record with the increases they have witnessed.
Dylan Howell from Stocksy.com reports on their Google traffic on over 1 million images after the change:
From recent data, we can see that this change greatly improved the rate of viewers visiting our site from these (image) results pages. The number of clicks from these pages to our site increased by over 50 percent from previous levels.
Serban Enache, CEO of Dreamstime, reports that his company’s traffic from Google images increased by approximately 30 percent to their catalog of 75 million images. He added:
We also saw a 10 percent increase in conversions, so this traffic previously downloaded images from Google Images. Since they purchased a commercial license afterwards, we can safely assume their past downloads were copyright infringements.
Both Stocksy and Dreamstime commented that the changes were “positive” for both site owners and photographers. As a content creator and a firsthand witness to the traffic devastation for some clients, I wholeheartedly agree with them.
Some users of image search were surprisingly upset at the change and within a week, Chrome extensions were popping up in the Chrome web store which promised to return the “view image” functionality for those who want it. I don’t quite understand the need for the button, since right-click functionality still exists to open images in a new tab, but I guess I am just old-school.
Can what was lost be fully regained?
If many sites lost 70 percent of their image search traffic in 2013, why aren’t we seeing similar increases? It is anyone’s guess, but could be, in part, from other engines (Bing, DuckDuckGo) still using the “view image” functionality. From Duck Duck Go:
In addition, I have seen a reluctance from many clients to spend resources on image optimization post-2013. They just didn’t feel that the benefit or traffic would be worth the resource cost. This lack of attention or resources placed into image optimization could have stunted the rebound as well.
One thing is for certain. It is time to reprioritize image SEO in-house or for clients taking a lackadaisical approach to optimizing images in the wake of the 2013 Google change. The upside will be far greater for those who are already poised to benefit from the changes.
This is a concise, simple explanation of GDPR brought to you by Syed Balkhi and his Editorial Staff of WordPress experts.
Are you confused by GDPR, and how it will impact your WordPress site? GDPR, short for General Data Protection Regulation, is a European Union law that you have likely heard about. We have received dozens of emails from users asking us to explain GDPR in plain English and share tips on how to make your WordPress site GDPR compliant. In this article, we will explain everything you need to know about GDPR and WordPress (without the complex legal stuff).
Disclaimer: We are not lawyers. Nothing on this website should be considered legal advice.
To help you easily navigate through our ultimate guide to WordPress and GDPR Compliance, we have created a table of content below:
The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data and change the data privacy approach of organizations across the world.
Basically after May 25th, 2018, businesses that are not in compliance with GDPR’s requirement can face large fines up to 4% of a company’s annual global revenue OR €20 million (whichever is greater). This is enough reason to cause wide-spread panic among businesses around the world.
This brings us to the big question that you might be thinking about:
Does GDPR apply to my WordPress site?
The answer is YES. It applies to every business, large and small, around the world (not just in the European Union).
If your website has visitors from European Union countries, then this law applies to you.
But don’t panic, this isn’t the end of the world.
While GDPR has the potential to escalate to those high level of fines, it will start with a warning, then a reprimand, then a suspension of data processing, and if you continue to violate the law, then the large fines will hit.
The EU isn’t some evil government that is out to get you. Their goal is to protect consumers, average people like you and me from reckless handling of data / breaches because it’s getting out of control.
The maximum fine part in our opinion is largely to get the attention of large companies like Facebook and Google, so this regulation is NOT ignored. Furthermore, this encourage companies to actually put more emphasis on protecting the rights of people.
Once you understand what is required by GDPR and the spirit of the law, then you will realize that none of this is too crazy. We will also share tools / tips to make your WordPress site GDPR compliant.
What is required under GDPR?
The goal of GDPR is to protect user’s personally identifying information (PII) and hold businesses to a higher standard when it comes to how they collect, store, and use this data.
The personal data includes: name, emails, physical address, IP address, health information, income, etc.
While the GDPR regulation is 200 pages long, here are the most important pillars that you need to know:
Explicit Consent – if you’re collecting personal data from an EU resident, then you must obtain explicit consent that’s specific and unambiguous. In other words, you can’t just send unsolicited emails to people who gave you their business card or filled out your website contact form because they DID NOT opt-in for your marketing newsletter (that’s called SPAM by the way, and you shouldn’t be doing that anyways).
For it to be considered explicit consent, you must require a positive opt-in (i.e no pre-ticked checkbox), contain clear wording (no legalese), and be separate from other terms & conditions.
Rights to Data – you must inform individuals where, why, and how their data is processed / stored. An individual has the right to download their personal data and an individual also has the right to be forgotten meaning they can ask for their data to be deleted.
This will make sure that when you hit Unsubscribe or ask companies to delete your profile, then they actually do that (hmm, go figure). I’m looking at you Zenefits, still waiting for my account to be deleted for 2 years and hoping that you stop sending me spam emails just because I made the mistake of trying out your service.
Breach Notification – organizations must report certain types of data breaches to relevant authorities within 72 hours, unless the breach is considered harmless and poses no risk to individual data. However if a breach is high-risk, then the company MUST also inform individuals who’re impacted right away.
This will hopefully prevent cover-ups like Yahoo that was not revealed until the acquisition.
Data Protection Officers – if you are a public company or process large amounts of personal information, then you must appoint a data protection officer. Again this is not required for small businesses. Consult an attorney if you’re in doubt.
To put it in plain English, GDPR makes sure that businesses can’t go around spamming people by sending emails they didn’t ask for. Businesses can’t sell people’s data without their explicit consent (good luck getting this consent). Businesses have to delete user’s account and unsubscribe them from email lists if the user asks you to do that. Businesses have to report data breaches and overall be better about data protection.
Sounds pretty good, in theory at least.
Ok so now you are probably wondering what do you need to do to make sure that your WordPress site is GDPR compliant.
Well, that really depends on your specific website (more on this later).
Let us start by answering the biggest question that we’ve gotten from users:
Is WordPress GDPR Compliant?
Yes, as of WordPress 4.9.6, the WordPress core software is GDPR compliant. WordPress core team has added several GDPR enhancements to make sure that WordPress is GDPR compliant. It’s important to note that when we talk about WordPress, we’re talking about self-hosted WordPress.org (see the difference: WordPress.com vs WordPress.org).
Having said that, due to the dynamic nature of websites, no single platform, plugin or solution can offer 100% GDPR compliance. The GDPR compliance process will vary based on the type of website you have, what data you store, and how you process data on your site.
Ok, so you might be thinking what does this mean in plain English?
Well, by default WordPress 4.9.6 now comes with the following GDPR enhancement tools:
By default, WordPress used to store the commenters name, email and website as a cookie on the user’s browser. This made it easier for users to leave comments on their favorite blogs because those fields were pre-populated.
Due to GDPR’s consent requirement, WordPress has added the comment consent checkbox. The user can leave a comment without checking this box. All it would mean is that they would have to manually enter their name, email, and website every time they leave a comment.
Data Export and Erase Feature
WordPress offers site owners the ability to comply with GDPR’s data handling requirements and honor user’s request for exporting personal data as well as removal of user’s personal data.
The data handling features can be found under the Tools menu inside WordPress admin.
These three things are enough to make a default WordPress blog GDPR compliant. However, it is very likely that your website has additional features that will also need to be in compliance.
Depending on which WordPress plugins you are using on your website, you would need to act accordingly to make sure that your website is GDPR compliant.
A lot of the best WordPress plugins have already gone ahead and added GDPR enhancement features. Let’s take a look at some of the common areas that you would need to address:
Like most website owners, you’re likely using Google Analytics to get website stats. This means that it is possible that you’re collecting or tracking personal data like IP addresses, user IDs, cookies and other data for behavior profiling. To be GDPR compliant, you need to do one of the following:
Anonymize the data before storage and processing begins
Add an overlay to the site that gives notice of cookies and ask users for consent prior to tracking
Both of these are fairly difficult to do if you’re just pasting Google Analytics code manually on your site. However, if you’re using MonsterInsights, the most popular Google Analytics plugin for WordPress, then you’re in luck.
They have released an EU compliance addon that helps automate the above process. MonsterInsights also has a very good blog post about all you need to know about GDPR and Google Analytics (this is a must read if you’re using Google Analytics on your site).
If you are using a contact form in WordPress, then you may have to add extra transparency measures especially if you’re storing the form entries or using the data for marketing purposes.
Below are the things you might want to consider for making your WordPress forms GDPR compliant:
Get explicit consent from users to store their information.
Get explicit consent from users if you are planning to use their data for marketing purposes (i.e adding them to your email list).
Disable cookies, user-agent, and IP tracking for forms.
Make sure you have a data-processing agreement with your form providers if you are using a SaaS form solution.
Comply with data-deletion requests.
Disable storing all form entries (a bit extreme and not required by GDPR). You probably shouldn’t do this unless you know exactly what you’re doing.
The good part is that if you’re using WordPress plugins like WPForms, Gravity Forms, Ninja Forms, Contact Form 7, etc, then you don’t need a Data Processing Agreement because these plugins DO NOT store your form entries on their site. Your form entries are stored in your WordPress database.
Simply adding a required consent checkbox with clear explanation should be good enough for you to make your WordPress forms GDPR compliant.
WPForms, the contact form plugin we use on WPBeginner, has added several GDPR enhancements to make it easy for you to add a GDPR consent field, disable user cookies, disable user IP collection, and disable entries with a single click.
Email Marketing Opt-in Forms
Similar to contact forms, if you have any email marketing opt-in forms like popups, floating bars, inline-forms, and others, then you need to make sure that you’re collecting explicit consent from users before adding them to your list.
This can be done with either:
Adding a checkbox that user has to click before opt-in
Simply requiring double-opt-in to your email list
Top lead-generation solutions like OptinMonster has added GDPR consent checkboxes and other necessary features to help you make your email opt-in forms compliant. You can read more about the GDPR strategies for marketers on the OptinMonster blog.
OptinMonster – advanced lead generation software that offers clever targeting features to boost conversions while being GDPR compliant.
Shared Counts – instead of loading the default share buttons which add tracking cookies, this plugin load static share buttons while displaying share counts.
We will continue to monitor the plugin ecosystem to see if any other WordPress plugin stands out and offer substantial GDPR compliance features.
Whether you’re ready or not, GDPR will go in effect on May 25, 2018. If your website is not compliant before then, don’t panic. Just continue to work towards compliance and get it done asap.
The likelihood of you getting a fine the day after this rule goes in effect are pretty close to zero because the European Union’s website states that first, you’ll get a warning, then a reprimand and fines are the last step if you fail to comply and knowingly ignore the law.
The EU is not out to get you. They’re doing this to protect user’s data and restore people’s trust in online businesses. As the world goes digital, we need these standards. With the recent data breaches of large companies, it’s important that these standards are adopted globally.
It will be good for all involved. These new rules will help boost consumer confidence and in turn help grow your business.
We hope this article helped you learn about WordPress and GDPR compliance. We will do our best to keep it updated as more information or tools get released.
We are not lawyers. Nothing on this website should be considered legal advice. Due to the dynamic nature of websites, no single plugin or platform can offer 100% legal compliance. When in doubt, it’s best to consult a specialist internet law attorney to determine if you are in compliance with all applicable laws for your jurisdictions and your use cases.
A report from a solid source that just hit the wire on Friday morning suggests that Samsung may finally have a launch schedule in place for its mysterious new Galaxy X. The company first confirmed that it was working on a smartphone with a foldable display back in 2017. At the time, a Samsung executive said that the company was targeting 2018 for the phone’s release, but numerous reports have since stated that the phone’s debut has been pushed back to 2019. Honestly, that’s a very good thing, and it’s uncharacteristic for Samsung. The company has been known to rush out new products long before they’re ready for primetime, so it’s refreshing to see Samsung take a step back and make sure it gets things right before releasing the Galaxy X. According to this new report, the phone will have a 3.5-inch screen on the outside and the approximate equivalent of two 3.5-inch displays on the inside. When it folds open, its total screen area will be in the high 6-inch range. It’s a nifty idea and the Galaxy X could be truly impressive if Samsung manages to use a folding OLED panel so there’s no seam where the hinge is placed. But to be frank, it’s really not all that appealing to me. The device is bound to be awkwardly thick, and I’m not sure gaining a diagonal inch is worth dealing with the large size, the inevitable hit to battery life, or the weird aspect ratio.As it turns out, Samsung is in the early stages of working on a radical new smartphone design that would be completely unlike anything we’ve seen before.
Did you catch that part that began at the 57 second mark? Panasonic demoed a television with a display that is completely transparent when it’s turned off. It’s absolutely incredible, and I need 10 of them right now. If you go back a bit to the 37 second mark, you can see another awesome design that puts a transparent display on the front of a wine cooler, but this time Panasonic only lights up part of the screen at a time. This way, the panel can display information but you can still see the wine inside the cooler.
By now you probably see where we’re going with this. What would happen if Samsung took these technologies and shrunk them down so they could fit in your pocket? Well, you would end up with one of the most exciting and novel new smartphone designs the world has ever seen.
The regulatory filing hawks over at Patently Mobile just dug up a pair of patents that were awarded to Samsung this week by the United States Patent and Trademark Office. As illustrated in the technical drawing above, the patents cover a smartphone with a transparent design. That would be… awesome.
As you might have surmised after watching the video above, a Samsung phone with a transparent display could light up the entire screen and be used just like a regular smartphone. But portions of the display could show graphics while other portions remain transparent, resulting in an augmented reality experience the likes of which the world has never seen on a smartphone.
Samsung first showed off fully functional transparent displays all the way back in 2015, so the company has been working on this technology for quite a while now. Of course, that doesn’t mean a smartphone with a transparent display will launch anytime soon. In fact, even with these new patents brought to light, Samsung may never launch a phone with a transparent display. Companies constantly work on new technologies that never see the light of day — bet let’s hope that’s not the case here because this device could be the most exciting smartphone the world has ever seen.
PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security company CheckPoint.
This means a curious end user who opens a PDF attachment they did not ask for can be pnwed in about 15 seconds. Good thing this nasty is not in the wild just yet…
Baharav published research this week showing how a malicious actor could take advantage of features natively found in the PDF standard to steal NTLM hashes, the format in which Windows stores user credentials.
The rules have changed about what good website security means—starting with a new minimum requirement for all website pages to support encrypted connections. The good news is you’ll gain other valuable benefits by adhering to this new standard. First, let’s get on the same page by reviewing a few basics.
When your customers land on a web page that’s not protected by any type of SSL Certificate they’ll see http:// at the beginning of the website address in the browser bar. This used to be perfectly fine unless your webpage involved a login ID, password, form or payments. Enter the era of mega cybercrime.
HTTP has one glaring flaw—it’s not secure. Any information transmitted via an HTTP connection is vulnerable to being tampered with, misused or stolen. Your visitors deserve to know any data they share with you is safe from prying eyes.
Installing an SSL Certificate changes the browser bar address to https:// to clearly show visitors the connection is encrypted, meaning the server is authenticated and data is protected in transit. No wonder web browsers have made HTTPS the new standard for website security.
HTTPS Is Good for Your Bottom Line
Enabling encrypted connections is one great reason to protect your website with an SSL Certificate. But, it’s not the only reason. Here are some other ways HTTPS brings value to your business:
Speeds Up Performance—Being the slow kid on the block and the last one picked for dodgeball is a bummer. Being slow online could cost you everything. HTTP is being replaced by a newer faster version—HTTP/2. Encrypted connections are required to unlock the latest speed and security features.
Increases Search Engine Traffic—Google includes SSL as a ranking factor. How’d you like to boost your search visibility up to 5%? Be found above the competition by encrypting every page of your website.
Enables Mobile Options—Salesforce reports 71% of marketers believe mobile is core to their business. Mobile’s most popular features—geolocation, motion orientation, microphone, fullscreen and camera access—require HTTPS to be enabled by most browsers
Protects Your Brand Reputation—A recent CA Security Council Report shows a mere 2% of customers would proceed past the “Not Secure” warnings that are due to kick in July 1 for all web pages without HTTPS connections. Show visitors your brand values their security by protecting your website with an SSL Certificate.
Delivers a Seamless Experience—Don’t let visitors engage with several pages on your site only to be get broadsided with a “Not Secure” warning on pages you haven’t protected. They’ll reward you for taking the extra steps to give them an end-to-end encrypted experience.
Identity Validation Matters, Too
HTTPS is no longer optional if you want to build relationships and a business online. The good news it adds a lot of value to your business. But, SSL Certificates do more than enable HTTPS. They also authenticate or validate your identity so visitors know it’s really you on the other end of their connection. We’re here to help you find the right level of validation based on your goals.
Click here to learn more and request pricing for the purchase and installation of your SSL Certificate.
It’s called the Chromebook x2, and it’s very much designed to go after the iPad Pro. It has a 12.3-inch screen (the larger iPad Pro has a 12.9-inch screen), docks with a keyboard cover, and supports stylus input.
The big benefit here is that the full package is available for much, much cheaper: the Chromebook x2 costs $599 in its base configuration and comes bundled with the keyboard cover and stylus. The iPad starts at $649 for the (smaller) tablet on its own, and you’ll have to spend $1,067 if you want the 12.9-inch model with a keyboard and pen. So if you’re thinking about using a tablet (with a non-traditional operating system) as a portable computer, HP will get you there for way cheaper.
The Chromebook x2 has a Core m3 processor from Intel’s prior generation of Kaby Lake chips, 4GB of RAM (it can be configured with 8GB, too), 32GB of storage, a 2400 x 1600 resolution, stereo speakers, a 5 megapixel front camera, a 13 megapixel rear camera, two USB-C ports, a Micro SD card slot, a headphone jack, and an estimated 10.5 hours of battery life. It weighs a little bit more than an iPad Pro, and it’s a little bit thicker than an iPad Pro, but not by much.
In a briefing, HP also emphasized that the keyboard was designed to hold firmly enough to the tablet that it should feel like a clamshell laptop when the two are connected. I haven’t seen the Chromebook x2 in person, but HP’s images make it look relatively nice — like a combination of Google’s Pixelbook, with its metal and glossy white top, and Microsoft’s Surface Laptop, with its soft and colorful keyboard.
The Chromebook x2 seems to have a lot of potential, but there are some big questions — and not just around whether the hardware is as good as it looks. The real open question is whether Chrome OS is cut out to work on a tablet. Google has been overhauling the operating system to work better with touchscreens for a couple years now, but it’s still very much a desktop system (it’s based around the Chrome desktop browser and its display of desktop websites, after all). That’s likely to limit how useful it is, especially in comparison to an iPad, which was designed for touch from the ground up.
And while the Chromebook x2 looks like a bargain compared to the iPad, it’s expensive for a Chromebook, which people often buy for around $300. At $600, you enter into the world of lower-cost Windows computers, which this product will have to compete with, too.
HP plans to launch the Chromebook x2 sometime in June. And from the looks of it, we could see a few more Chrome OS tablets before then.
by Emily Schechter, Chrome Security Product Manager
For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
In Chrome 68, the omnibox will display “Not secure” for all HTTP pages.
Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:
Over 68% of Chrome traffic on both Android and Windows is now protected
Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
81 of the top 100 sites on the web use HTTPS by default
Contact us today to make your visitors comfortable by securing your website.
Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages. The new audit in Lighthouse helps developers find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version.
Lighthouse is an automated developer tool for improving web pages.
Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default. HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP. Developers, check out our set-up guides to get started.