La Piazza

Published by Iñaki Gorostiza, september 29,  2010

This follow-up to the piece An instant with Google Instant furthers the analysis of this issue.

The SERP has changed, or better still, the SERP now changes with every keystroke:

• The first page is now the key component of the search. Where before it was already unlikely that a user would go beyond the second or third page of results returned, Google Instant brings the relevance of the Top 10 results into even sharper focus.

• The visual content fully captures the user’s attention. The SERP becomes a kaleidoscope where Web maps, images and videos stand out against any text content.

• Google Instant minimizes bad searches due to spelling or grammatical errors, and this has a direct impact on those pages that feed off such mistakes.

• The space on the SERP dedicated to organic results is reduced in favor of suggestions. This can lead to a page where there is just one organic result for every eight sponsored links. Let’s take a look:

• Now more than ever, webmasters will have to draw Google users’ attention with the title and snippet (the brief text below the title describing the Web page).

• Interestingly, adult pages are ignored by Google Instant. Try searching, say, for “sex” and you’ll see that the search engine does nothing. Of course certain search terms may suffer collateral damage, careful if you’re looking for “Whorfian hypothesis” for example.

• The influence of the ‘long tail’ is questionable:
  • The long tail can be partially cannibalized by head terms, as before a long search term such as “Antivirus in Spanish compatible with Windows 7″ is entered, a ‘good enough’ result may be displayed.
  • It’s also true that simple searches, such as “Antivirus” will generate more specific suggestions such as “Free antivirus in Spanish”.

• Well known brands will benefit: after entering just one or two letters, don’t be surprised to see the name of a famous company.

It only takes an instant to forget a lifetime, but sometimes even a lifetime isn’t enough to forget an instant.

In a few months we will know exactly the impact that Google Instant has on the search trends of users, as well as on Search Marketing strategies. For the moment, we just have to make educated guesses.

While it’s true that Google Instant represents a significant step forward, it shouldn’t really alter the fundamentals of SEO/SMO, at least not to the extent that some fear. Sleep tight everyone.

==============================================================================

You can contact Iñaki Gorostiza on his blog http://www.hellogoogle.com, where he publishes articles that help companies grow on Internet, and at http://twitter.com/hello_google.

By Iñaki Gorostiza, September 22, 2010

Google Instant highlights just how marvelous human beings are: we can search for something at the same time as we read the results, without our heads exploding.

Instant is the result of 15 new technologies which, according to the people at Google, will help our searches return faster and more accurate results. An unprecedented act of generosity that will help us save five seconds for every search we make. Start thinking what you’re going to do with all this free time!

On the face of it, Instant is a significant advance in the mechanics of search engines, yet Adwords advertisers and behavioral philosophers dabbling in SEO have misgivings. Collective hysteria has erupted across social media, with apocalyptic predictions of the death of SEM and SEO.

This is nothing new, every time the search engine supreme engenders a new function (Google has delivered more than 540 search quality improvements since 2009) the Earth’s axis shifts another millimeter: Caffeine, Google Suggest, personalized searches, universal – realtime search, and now Instant. But, has anything really changed? Do we really have something to worry about?

What’s new in Google Instant?

Broadly speaking, three things are new:

• Dynamic results: Every time you type a letter, the SERP updates to display the results most relevant to what you have written.
• Predictions: Google will predict what you are looking for, and will display this prediction in light gray text.
  
• Textfield with Scroll: You can immediately mouse over the predictions and see the results.

Google Instant supports Chrome, Firefox, Safari and Internet Explorer 8+ and is already available to Google users in France, Germany, Italy, Russia, the UK, USA and Spain.

Although it is currently only implemented for Web searches (and accessed from a Google account), the plan is to include it in other content: videos, images, maps and news, as well as on other devices, such as cell phones.

Why Google Instant?

Google Instant, evidently, optimizes search time, and estimates suggest that users will save some 350 million hours over the next year.

It is also thought that Instant will improve the scope and quality of search results, in other words, our searches will be better.

Google hopes that these two factors will encourage users to make more searches with the consequent positive repercussions for its main source of monetization: its Adwords sponsored advertisements.

Moreover, Google Instant, as we will see below, will subtly favor PPC over organic results in the SERP. Everything suggests that this is another initiative from Google that will improve revenue while making us all happier individuals.

Redefining e-marketing metrics

The first direct consequence of Instant is that it redefines the concept of the impression, which is of essential importance to PPC.

Traditionally, an ‘impression’ has been defined as every time an Adwords advertisement is viewed in the SERP. Starting with this parameter, others such as the CTR or CR can be derived with a view to calculating the ROI of a campaign.

In this new scenario, where the SERP is dynamic, changing with every keystroke, Google does not count impressions until one of the following criteria has been met:

• The user clicks Enter to run the search.
• The user clicks the Search button.
• The user clicks a specific result.
• The user clicks a suggestion.
• The user does nothing for three or more seconds.

One aspect that I personally find lacking is that Google Analytics still doesn’t offer advertisers a way of segmenting traffic directed from Google Instant. Fortunately though, the community has made up for the omission by generating filters for this purpose. So what’s your take on this?

I’ll be following up this issue and shortly publish a second part to the article, looking at how Google Instant revolutionizes the SERP.

==================================================================================

Iñaki Gorostiza works in Panda Security as Web Development Responsable. Since joining the company in 2002, he has taken part in numerous projects, in the Development Area and online promotion. You can contact him on his blog http://www.hellogoogle.com, where he publishes articles that help companies grow on Internet, and at http://twitter.com/hello_google.

Published by José Manuel Bernal, June 8th 2010

My name is José Manuel Bernal and, like William Diggiglio, I am one of the Panda Cloud Antivirus forum moderators.

I have some very good news to share with you. We have made available a new version of this cloud-based, lightweight, free antivirus, the fastest detecting new threats.

What’s new at the latest Cloud Antivirus version?

The new Cloud AV version includes:

• Behavioural blocking. Proactive, signature-less, protection against malicious actions typically used by malware. Generic blocking of malicious PDF/DOC/XLS/PPT/WMV/etc. droppers. Compatible with both 32 and 64bit Operating Systems.

• Behavioural analysis (PRO only). Runtime analysis and blocking of running processes. Compatible with 32bits Operating Systems as well as for 32bit processes under 64bit systems.
• Advanced configuration. Ability to turn on/off and tweak each technology and exclusions.

• Self-protection of the AV processes and configurations.

• Automatic upgrades (PRO only) to new engine versions and new features automatically and transparently.

• Improved offline protection. Default deactivation of Windows Autorun.

• USB vaccination (PRO only) Automatic vaccination of USB memory keys and hard drives.

• Ability to run alongside other AVs and Anti-Spyware. Can now be run alongside other security tools and scanners.

• More languages. Added 9 new languages. PCAV is now available in a total of 20 languages.

Are there two versions: free & paid?

Yes, the basic version will remain free, and those who wants to buy superior version with more features and tech support can pay for the Pro one for 29,95.

==================================================================================

José Manuel Bernal introduces himself: I have a degree in Computer Science and joined Panda Security as an intern just after completing my studies. I am currently working as Issues Resolution Manager. I love technology and music.

Published by Javier Merchan, May 2nd 2010

Remember a film called Home Alone where a young boy called Kevin is left at home by mistake while his family goes on a Christmas vacation to Paris?

And what’s this got to do with support or IT?  Nothing really, it’s just that I keep on forgetting things, mostly my passwords. It must be because I’m getting old.

The number of passwords we use for specific applications is increasing: work computer, personal computer, Gmail mailbox, Twitter, Facebook… not to mention telephone and credit card PINs.  If I don’t even know my home number (as I never call home), how can I be expected to remember all the passwords I use? Being highly intelligent, I decided to use the same password for most of my applications to avoid forgetting it.

Is that really a smart move?  No it isn’t, it’s a very common error. We don’t consider passwords to be important. It’s like using a single key for your car, house, office, bank… Imagine you leave it at home by mistake or it falls out of your pocket.

Even if you have a strong password, someone could get hold of it (please tear up the post-it note next to your PC which includes your password and dispose of it in several bins) using Trojans, phishing and other malicious methods. However, I’ll leave it to my colleagues in PandaLabs to explain that in another post.

Most browsers store the passwords used so you don’t have to remember them every time you access an application like Facebook or Twitter. But, is this safe?  If you always use your computer this may not be that dangerous, but if you share the computer you could be in for a surprise.

A few days ago, a friend told me over Facebook that after being married to his wife for many years, he wanted to break up with her. He had fallen in love with a work colleague and was going to leave everything in order to be with her. You can imagine the reaction on Facebook: his family (mainly his in-laws) asking for explanations, work colleagues under suspicion for breaking up the family, lost friends… and all because he accessed Facebook from a computer at an IT trade fair and forgot to close the session. Someone had used the same computer, gone into Facebook with his profile and passed himself off as my friend. It wasn’t easy explaining the situation, especially to his wife!

Passwords are keys to access applications and their importance is grossly underestimated. Everyone has, at one time or another, created passwords using their name and birth date (john1974) or the name of their loved ones. This is a mistake, it’s like giving away your keys and asking people to enter your home or steal your car.

Here are a few tips to create and use strong passwords:

• Combine alphanumeric characters to create your passwords, and create different passwords for email, social networks, etc.  The more complex, the more difficult to copy.

• Size does matter: the longer the password, the stronger it will be.

• Do not use your name and phone number (john2124561234), easy passwords (123456) or your pet’s name, as this information could be (although it shouldn’t) on social networks such as Facebook.

• Use all sorts of characters: ‘@’ instead of ‘a’, ‘I’ instead of ‘i’…

• Use words or sentences that are easy to remember but difficult to guess.

• Do not reveal your passwords or send them via email.

• Change your passwords frequently. Passwords are like toothbrushes: no one should use yours, and you should change it regularly.

• Do not enter passwords on shared computers.

The best advice is to use common sense.  The theory is simple, but I hardly ever put it into practice. As the saying goes, do what I say, not what I do. This post will at least be useful to realize that what I usually do is not right.

==============================================================================

I have been working in Panda Security since 2001 and I am the PR Coordinator.  This may sound strange, but it consists of working with our offices worldwide to coordinate PR and Communication actions. I love sports (lately I prefer to watch rather than take part), reading and good movies… This is subjective, as some people may consider Rambo a good movie, and others may like French movies where the main characters look at each other through a window while the rain is pouring down it. You can contact me in http://twitter.com/javiermerchan or josejavier.merchan@pandasecurity.com

Published by Javier Guerrero, May 26th 2010

There’s a general feeling that Windows is not a secure operating system, as opposed to others such as Linux or Mac OS. Yet this is not entirely true.

Let me explain. There is no doubt that Windows is the prime target for malware, basically because it has such a huge market share.

However, it implements all security mechanisms that a modern operating system should do, such as access control lists, permissions, user accounts with different privileges, etc. Paradoxically, most of these functions end up doing little good, simply because they’re not used.

I was thinking about this a few days ago, when I read a news item concerning a report by BeyondTrust, detailing how around 90% of the security problems affecting Windows (things like malware, vulnerabilities, etc.) could be reduced or mitigated if people used ‘limited’ user accounts instead of ‘administrator’ accounts.

So what’s all this about ‘limited’ and ‘administrator’ users?

Whenever a person uses a PC, they do so with a user account which identifies them on the operating system and lets them work with it. Basically there are two types of accounts: administrator accounts and limited accounts. The former have unlimited access to system resources: they can install hardware and applications, manage user information (creating or deleting users or changing passwords), and implement any changes affecting the whole system.

A limited user on the other hand has restricted access to certain system resources, such as folders, files, administration tools, installation of applications, etc.

OK, but what has this got to do with malware?

Right, imagine that, without knowing, you run a malicious program on your computer which tries to install and start a Trojan. Normally, an application will use the access permissions of the account with which it was executed, meaning that if this is a limited account, the intruder cannot copy files to the system, edit registry entries, or even start a driver or service.

If, however, malware is run with administrator permissions, it will be able to install itself and do what it wants with respect to the operating system. The application will be authorized to do so.

There is therefore no doubt that although vulnerabilities and other means of bypassing security checks exist, this simple mechanism is a good way of implementing a barrier against the most common and less sophisticated malware, considerably mitigating many problems.

So if these measures are available, why are they not used?

There are several reasons for this:

• Most users have got used to working with their systems as administrators. This is understandable, as it is not so simple dealing with concepts such as permissions, accounts, privileges, access control lists, etc. even for experienced users. So either through a lack of knowledge, force of habit or just convenience, we normally end up just using the administrator account.

• There are applications that do not take the Windows security model into account, and assume that they will be run under an administrator account, and that they will therefore have permissions to perform certain tasks. This in fact means that if they are run from a limited account, they will not operate properly, or they might not even install, and so they require users to work with an administrator account.

• Also, many users like to have complete control over what happens on the system, and feel that the limited user accounts place too many restrictions on them. They are therefore willing to assume the risks in exchange for having more control.

One of the conclusions we can draw from all of this, evidently, is that an operating system is a complex product, and in trying to reach out to as many users as possible, security is often one of the aspects that suffers.

Javier Guerrero Díaz
R+D Department

Posted by Nerea Bezares

Art and technology have always been understood to be two completely different branches of knowledge. In fact we could say that art sees the world from a subjective perspective, based on imagination and emotions, while technology or science sees the world from a strictly objective and rational perspective.

Yet recently we have seen art combine with technology to take us into surreal worlds, playing with our emotions and imagination, such as simulators or films in 3D, etc. But the example of art meeting technology that has attracted most attention is Picasso’s Guernica in 3D. 

Bearing in mind that art has never been one of my strong points, I must admit that on seeing Guernica in the Queen Sofia Museum in Madrid, what most caught my attention was the dimension of the work. I wasn’t able to perceive the suffering that each of the “characters” represent, even though this is something that I had studied at school.

After seeing this video, I was able to feel and understand the suffering of each of the characters, and all of this from my own home. 

If you don’t see the painting in a museum you do lose certain aspects, such as the real tones of the paint on the canvas, the lines, the light, everything that the art comprises. If you see it in 3D, you feel the painting in a special way, you feel part of it and you can even sense the feelings of the characters; pain, anguish, emotion. So should we really continue to see art and technology as two separate branches?   

Whatever your feelings about art and whatever your view of the technological world in which we live, it is impossible not to be amazed by this video and I’m sure you’ll start to see art from a different perspective…

Posted by david, July 3, 2009

Some weeks ago I had the pleasure of listening to a talk from Genis Roca, in which he explained how people’s perception of technology is ‘everything that has been invented after they were born’. The idea is that we don’t consider anything invented before we were born as technology, because it has always been there; it is something natural to us. While I share this perception of technology to a large extent, it is also true that in my case it applies only when I discover something new and even then for a short period of time (the ‘euphoric’ phase). Take, say, an Ipod; to my father this is technology, but to me it is just a device for listening to music, just as a discman was 20 years ago. Sure, I can also surf the net, watch movies… but in the end it is still a device designed for listening to music.

Are social networks and Web 2.0 technology? The way I see it, they are just channels through which I can interact with people and share information or just talk. Of course I can also share photos, play, post videos, tag friends,… but once again, in the end they are applications for communicating, just as in the 90s we had IRC, and in ten years’ time we will have… whatever.

So what essential differences are there between showing my friends photos in a traditional photo album or posting them on Facebook? Basically three: the immediateness, the duration and the feedback. I could be in London, take a photo, publish it on Facebook and in less than five minutes my friend Ted, who lives in the backend of nowhere in Australia, could be telling me what he thinks of the photo. If I keep my photos published for three of four years, then Ted can always see my photos of London again, without having to come to Spain to see my album.

If we apply all this to tech support, it drives us to look for a way of offering immediate support, which lasts and also provides real, sincere feedback. If customer ‘A’ has a problem, she can contact us and we can offer a specific solution to the specific problem. If customer ‘B’ has the same problem, he can send us an email and we can offer the same solution that we gave to customer ‘A’. If, two years down the line, customer ‘A’ has the same problem again, she can contact us and we can send the same solution that we did two years previously. So now, you will have realized, we have sent the same solution three times. It would seem then that we have a problem. We are providing immediate and effective solutions but they don’t last and they don’t always provide feedback. It’s as if my friend Ted wanted to see my photos of London and each time had to get in a plane and come from Australia to Spain to tell me personally that he likes them. Now I quite like seeing old friends, but this really doesn’t make much sense, does it?

This is why some time ago we started to move towards Support 2.0: from person-to-person, reusable, taking advantage of forums, Facebook, Twitter, blogs,… yet today I want to talk to you specifically about our new Tech Support forum.

Let’s put the previous situation in the context of the 2.0 environment. Customer ‘A’ has a problem and decides to go to the Panda Security Tech Support Forum to find a solution to her problem. She looks in several sub-forums but doesn’t find a solution, so she decides to contact us. Somebody who works at Panda Security offers a solution to the problem, customer ‘A’ applies the solution and immediately, through the solution we have provided, confirms that we have resolved the problem.

Panda Tech Support Forum

Some days later customer ‘B’ has the same problem, he goes to our forums and in one of the sub-forums he finds the solution that we gave to customer ‘A’. But that’s not all. He also sees that the solution has been satisfactory for customer ‘A’. This is very positive for customer ‘B’, he knows that the solution is good, applies it on his computer and goes back to the forum to give his feedback and offer suggestions on how the solution might be improved even. Some time later customer ‘A’ has the same problem again. What will she do? Look at my photos on Facebook or get a return plane ticket from Sydney to Bilbao? But it doesn’t end there, as anyone could run a simple Google search to find the post with the solution to the problem. The end result? We have immediate solutions, which last over time and we get feedback from the most important agents in the process: our clients.