SSL Certs: Which One is the Best Fit for You?

4GHadmin | 03 September 2019
Reading Time: 5 minutes

Shopping online is pretty much a ubiquitous activity for people all over the world these days, and – not surprisingly – so much so that it’s now the preferred means of shopping for many people. Especially for certain goods, and not only do these people want selection, good prices, and the like, but they also want to be able to enter their credit card information and not have to worry about it being exposed.

Offering that peace of mind is absolutely essential if you’re in the e-commerce world, and nothing is more important in this regard as having your online transactions guarded by an SSL certificate. Even if you may not know exactly what these are, you’ve probably seen the ’##-Bit Encryption’ tag prominently on display once you get to the checkout when you’re shopping online.

Here at 4GoodHosting, not only do we offer very competitive prices on highest-quality SSL Certificates but like any good Canadian web hosting provider we have plenty of customers who are trusting our web hosting to ensure they’re ‘open’ for business 24/7 and all day, everyday.

Probably safe to say that there’s few if any of those folks who don’t already have their SSL Certs in place, but for those of you who are new to your business online then we thought we’d dedicate one post here to discussing SSL certificates and what you need to know to choose one for yourself.

Overview

There is a plethora of certificate types, and several categories and plenty of CAs. In advance of highlighting the different SSL certificates and how to choose the right one, we’ll first discuss why an SSL certificate is so important nowadays.

The reach and strength of cyber crimes has grown rapidly over recent years. So much so in fact that cybersecurity has become the #1 concern issue for both web users and website admins. The truth of it all is that cybercriminals can cost online businesses millions. The worldwide economy loses unimaginable amounts of money every year due to cybercriminal activity.

What SSL certificates do to protect agains this is that they enforce a secure connection between a server and its web users. They don’t only protect the sensitive information that is transmitted between a web user and a web server, but also boost ranking, improves brand credibility and go along way to boosting conversion rates.

Choosing the Best SSL Certificate

Knowing what SSL will be best for your online storefront can be a challenge. They’re generally categorized according to their validation level, warranty, technical support and domains support.

So what factors do you need to consider? These ones:

  1. Validation Level

Nearly all SSL certificates provide data encryption and session security services for websites. The validation level of each is where the primary differences between them are established. The validation level will determine how much information about a company will be shown in browsers or to the web users. The three main levels of validation are Low / Medium / High

Domain Validation (DV) SSL certificate – Low

These ones are also referred to as a low assurance, and are commonly used to protect standard websites, single domains, and blogs. The simplest form of validation is done where the website registration and administration approval are confirmed to issue the certificate. Processing time is anywhere from a few minutes to a few hours.

These certificates are suitable for low traffic websites or informative sites where financial transactions are not conducted. If you’re selling online, this type of cert will be insufficient for you.

Organization Validation (OV) SSL certificate – Medium

With medium certificate validation, an authorized agent verifies the domain ownership and company’s identity. This includes verifying the company name, city, state, and country. Web owners must submit some additional business-related documents for verification. As you’d expect, there’s more of a delay to all of this compared to a domain certificate.

Medium certificates provide appropriate security for medium-sized businesses that conduct standard (-$500 o/a) financial transactions and wants to provide assurances for customers that they can shop entirely safely within the site.

Extended Validation (EV) – High

These ones offer the highest level of security for websites, with a more rigorous validation process that verifies the ownership of the server and the legitimacy of its owner. Generally, the CA verifies the legal, physical and operational existence of the company, official government records, and databases, and confirms that only the genuine company is authorized to be in ownership of the extended-validation SSL certificate.

What you’ll see with these ones is the browser will show a green address bar with a verified name of the organization. The EV certificate is used by major players, like Amazon and Flipkart for example

Further, having an EV SSL really legitimizes the domain name.

  1. Domain Support

Next up you’ll want to determine how many domains you want covered with a single certificate. There’s three categories here:

Single Domain Certificates
Fine for protecting a single domain with its all subpages. Example:

www.mydomain.com/

www.mydomain.com/register

www.mydomain.com/about

www.mydomain.com/contactus

mydomain.com

Wildcard Certificates

The wildcard certificate allows its users to protect all the first level of sub-domains under an FQDN. It supports only DV or OV. The best instances are:

www.mydomain.com

info.mydomain.com

mail.mydomain.com

payment.mydomain.com

Multi-Domain Certificates
Also referred to as SAN or UCC certificates. They allow users to protect multiple FQDN domains along with multiple sub-domains. This choice will be ideal for you if you’re running multiple websites with single or multiple company names. All DV, OV, EV support this category.

www.mydomain.com

info.mydomain.co.uk

payment.mydomain.co.ru

  1. Warranty

The warranty attached to your SSL certificate should also be a consideration – it shows your customers how serious you are about protecting customer information. An EV Cert provides a a more extensive and better warranty, with coverage between $1,0000-$1,000,000 being possible within the warranty.

  1. Technical Support

The more expensive the Cert, the more technical support you will receive from an SSL provider. Free certificates generally never have technical support. However, with an EV or OV technical support is provided while installing and validating the certificate. Make sure the support is available via different sources like email, live chat, contact us page, phone, social media resources, etc.

  1. Price

It’s not uncommon for web admins to think they should invest big bucks even with the option to get a free certificate – the ‘you get what you pay for mentality’. That’s solid thinking most of the time. Free certificates are valid only for a few days, and then after that you must renew them. If not, the browser will show your users that the website is insecure. The price of paid SSL certificates start at $10 and can go up to $350, depending on the type of SSL certificate.

  1. Vendor

Different vendors provide different price ranges and security elements for each certificate. Before choosing any SSL vendor you should verify that they have a good reputation. Do that by watching their reviews and consumer’s feedback on their website.

0

Microsoft Bug Bounty Program: How Does 30K Sound to You?

4GHadmin | 27 August 2019
Reading Time: 3 minutes

Most people have claimed a reward of some type at some point in their lives. Return someone’s smartphone to them, for example, and they’ll probably think your honesty in returning it is worth $50 at least. Or maybe you return someone’s precious pet to them and get a whole lot more than that for your effort or, more likely, good fortune in having it cross your path or end up in your backyard. But what if there was up 30K in reward money to be had?

Well, up to that amount is what software development mega-giant Microsoft is offering anyone who can find flaws in their newest Chromium-based Edge browser. Now the likelihood of most people – myself included – even having the ability to do that is pretty slim, but for those who are web development savvy it’s definitely something worth taking note of.

Now to be sure, just as it would be for any Canadian web hosting provider we’ve got some talented people on staff who do have the wherewithal required for something like this. They’re aware, and now you are too so let’s get into discussing what exactly all this is about and whether or not this would be not just easy money, but a LOT of easy money.

Beta Stage Bonuses

Microsoft recently released the beta version of its Chromium-based Edge and then introduced the Insider Bounty Program along with it. As mentioned, there’s apparently up to $30,000 to be had for those who find out unique vulnerabilities in this beta version of their new browser.

Yes, that’s what you can do when you have deep pockets to this extent. You’d have to find a thousand+ lost phones and pets to come even close!

To clarify though, 30K is only available if you find a flaw that is a vulnerability that leads to escape from the WDAG container. The majority of would-be rewards included in the Microsoft Edge Insider Bounty Program are in the range of $1,000 to $3,000, depending upon the bug’s severity and – take note – the quality of the submission (see thoroughness – less work for them = more $ for you).

Quality Control & Then Some

Microsoft has stated that the goal of the Microsoft Edge (Chromium-based) Insider Bounty Program is to dig up vulnerabilities that are unique to the next Microsoft Edge and have the potential for a direct and demonstrable impact on the security of their customers. Quite admirable, and not out of the ordinary for software developers in as far as the aim itself is concerned.

Attaching big money $ to that, however, is out of the ordinary.

It is true that Microsoft has a lot riding on the success and widespread adoption of it’s new Edge browser, particularly given the success of Google Chrome that the current Edge is very much playing second fiddle to.

It is reported to have features unique to Chromium Edge like Internet Explorer mode, PlayReady DRM, Sign in with Microsoft Account (MSA) or Azure Active Directory (AAD), Application Guard and a few others.

Growth of the Bug-Finder Business

Turns out discovering unique bugs on the latest version of Edge can be a big business. As mentioned, Microsoft will issue rewards in various tiers, and these are the ones:

  • Spoofing and tampering related security impact – between $1,000 to $6,000, depending on the quality of the report
  • Information Disclosure and Remote Code Execution (RCE) can get you between $1,000 to $10,000 depending upon the severity of the report
  • Vulnerability resulting from Elevation of Privilege (EoP) will get you between $5,000 to $15,000
  • And again, the biggie – 30K for vulnerability resulting in escape from the WDAG container to the host

As you’d expect, there are Terms and Conditions for participating in the Microsoft Bug Bounty Program. The report submission must also include tangible proof, and have sufficiently demonstrated the vulnerability exploitation and the potential impact it might have on users.

Know your stuff? Scour over the Beta of Microsoft’s newest edge and see if you can earn the largest reward you’re likely to ever receive in your life!

0

Overcoming Issues with Most Recent Windows 10 Update

4GHadmin | 19 August 2019
Reading Time: 3 minutes

A while back we had discussed some of the particulars with of the latest revisions available to people running desktop and notebook running Windows 10. Needless to say that encompasses a great many of them purring away at any given time all around the world, and it’s for that reason that some frequent undesirable occurrences seen with the most recent Windows 10 update are sufficiently noteworthy to the point that it makes sense for us to write about them in this week’s blog.

Here at 4GoodHosting, a part of what makes us a leading Canadian web hosting provider is the way in which we’re proactive in sharing information that’s easily identified as having value to our customer base. Given how ubiquitous the Windows OS is for personal computer users and the reality that’s unlikely to change, we’re going to discuss more than a few problematic issues that users are encountering quite frequently with the most recent Windows 10 update.

Reason enough to have less faith in the OS? That’s for you to decide.

The Issues

Where there’s smoke there is fire. While there had been rumblings about shortcomings with the latest Windows 10 update for a while, the way it is in the biz is that you don’t really take heed of these sorts of things until these sort of expressions of dissatisfaction become a little more numerous than just a few people here and there.

That’s the case now, and the consensus is that the latest update for Windows 10 is causing a string of issues for users. The update comes with patches against two critical vulnerabilities, but it seems they’re leading to problems. Among them are random reboots and inexplainable installation failures.

The update was made available on Tuesday of last week, and was created as a defense against a pair of remote code execution vulnerabilities which were deemed ‘wormable,’ – which means they are able to jump from one infected computer to another. Microsoft owned up to these vulnerabilities and informed users about the patches in a blog post, with users being encouraged to update their operating systems without delay.

Primary Problem 1, with Fix

Some users, however, have encountered difficulties when trying to apply the latest update,. To their credit, Microsoft has acknowledged that there ‘known issues’ with the update do exist.

Most notable among them:

A small number of devices may deliver a black screen on start up during the first logon after installing updates, and that this would be disconcerting for users.

The good news is there is a very simple fix for this;

  • Using Ctrl + Alt + Delete on the black screen and then using the Power button in the bottom right of the screen to select Restart. This should prompt the PC to boot normally.

Primary Problem 2, and NO Fix (Yet?)

The other significant problem with the update is the way it seems to be able to break some Visual Basic applications. More than a few users have reported that after installing this update, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) are seemingly no longer responding to basic requests and coming with them is a ‘invalid procedure call error.’ As the header there suggests, at this point at least there is no fix for this problem.

Similar feedback shared via a number of online discussion spots have also talked about repeated instances where the update causes random reboots to their systems. Others still are having problems downloading and installing the update itself. Microsoft reports that it is working on a solution for these issues, and those solutions should be rolled out in a future update.

What You Can Do

If you’ve gone with this recent Windows 10 update and are encountering one or all of these issues then the advice from the source is to update your operating system, and do so even if you’re worried about update issues with the security vulnerability being patched in the way it has been. It’s good advice, but be forewarned that you might see some issues with the update process.

If avoiding the update issues altogether is preferable for you – and you haven’t taken the update yet -, plus you’re okay with some risk, then there’s also this option; pause Windows updates until Microsoft announces a fix to this one.

0

Chrome Users Encouraged to ‘Rat Out’ Deceptive Sites with New Add-On

4GHadmin | 22 July 2019
Reading Time: 3 minutes

Rats have always had a bad rap, and among all the many negative things associated with the rodents is the fact that ‘rat’ is no longer only a noun in the English language. It’s now also a verb. To ‘rat’ out someone or something is to make someone in position of power or authority aware of what that thing or person is doing when they shouldn’t be doing it. An example could be when you were kids and telling the school principal the names of the students you saw scratching their names into the side of the gymnasium.

They’re sure to be punished for it, but only you and the principal will ever know who exactly ‘ratted them out.’

Here at 4GoodHosting, we’re like any quality Canadian web hosting provider in that we don’t need to be prompted to stay on top of interesting developments in the digital world. We do it quite naturally, and we also have an at-least somewhat vested interest in maintaining a functional integrity for the World Wide Web.

All of which makes this recent news entirely newsworthy for our blog here.

Introducing the Suspicious Site Reporter

Google this week started requesting help in identifying suspicious websites, and to that end is making an add-on that lets them ‘rat out’ suspicious URLs through their Chrome browser. They can add the Suspicious Site Reporter, and what they’ll then see is a new flag-style icon on the top bar of the browser. When they come across a URL that’s fishy looking, all they have to do is click on the icon to report unsafe sites to Safe Browsing for further evaluation by the overlords at Google.

Safe Browsing is a ubiquitous term between Chrome, Mozilla’s Firefox, Apple’s Safari, and Android when users are steered away from sites that contain malicious or deceptive content. Google uses robots to scan the web and compile lists of websites that host malware, harmful downloads or deceptive ads and pages. Software developers then have the option of plugging into an API to integrate this list into their own applications.

In honesty, rival browser makers have done this for years, but it’s a fact none have the prestige or visibility that Chrome currently does.

What this ‘see, identify, and click’ results in is a warning that then tells user following in the footsteps of others that the intended destination is shady and proceeding further towards it is inadvisable. With Chrome, you can expect to see an alert reading ‘Deceptive site ahead’ and some explanatory text about why it’s being regarded that way.

So here it is that you don’t need to feel any discomfort about being ‘a rat.’

Different Designations

Some industry experts have stated they find some of the information in the pop-up box deployed after clicking the Suspicious Site Reporter to actually be suspicious on its own. One of them gave the example of visiting a national news organization’s site, and seeing the reason it was flagged as being ‘Haven’t visited site in the last 3 months.’

There’s another good and valuable warning that is issued when the browser is being steered toward a site with a deceptive URL, which is a common trick of hackers and phishers. There’s more than a few people who wouldn’t catch ‘go0gle.com’ instead of ‘google.com’, to use one example. For all these individuals, there will be a warning that helps you get back to safety.

This new feature was launched with Chrome 75, the current version that debuted June 4. As has been the case for a while though, Google commonly rolls out new Chrome features in stages in response to quality control interests.

If for some reason you Chrome 75 doesn’t have it, the Suspicious Site Reporter add-on can be downloaded from the Chrome e-store.

0

Apple’s iPhone as a Crypto Wallet? Maybe So

4GHadmin | 25 June 2019
Reading Time: 4 minutes

Even the most tuned-out of us will be aware of how Bitcoin seemingly went out with a whimper after arriving on the digital cryptocurrency scene with a bang a few years back. The same could be said for the hype about cryptocurrency as a whole, but of course now it’s made something of resurgence. Now it seems the acceptance of a global currency that’s not bound by the constraints of the world bank and international currency norms is an actual large-scale possibility, and no doubt we’re going to see a rush on bitcoin mining flare up again too.

Whether or not you believe in the validity of cryptocurrencies and if they’ll ever gain a foothold in the world of e-commerce and beyond is one thing, but it would seem that Apple is forecasting it’s going to do that to at least some extent. To cut right to it, it seems that they’re preparing to let iPhone users turn their devices into hardware wallets that will allow them to store and use bitcoin and other cryptocurrencies for mobile purchases of pretty much everything.

The bulk of us here at 4GoodHosting are like the staff you’d find at any leading Canadian web hosting provider in that we take a keen interest in any major shift in the web world landscape, and if cryptocurrency is now to gain traction like it was predicted to then that definitely qualifies. That and the fact that iPhone users likely make a good half of the majority of those of you, and so let’s look at what can we read into the possibility of iPhones becoming crypto wallets.

iOS 13 – WITH CryptoKit

At the recent Worldwide Developers Conference (WWDC) a few weeks back, Apple’s new CryptoKit for iOS 13 was on display. What it will do is allow developers to easily create hashes for digital signatures and public and private keys that can be stored and managed by Apple’s Secure Enclave. The keys will represent cryptocurrencies, which iPhone owners can then exchange as a form of payment through an app.

This doesn’t necessarily mean that Apple is going down the cryptocurrency path, but if it is it would be following HTC and Samsung. Both these competitors have already announced their intention to create native cold storage wallets available with their smartphones. HTC’s Exodus 1 smartphone is supposedly going to be able to natively store bitcoin or Ether cryptocurrencies, and Samsung’s Galaxy 10 – expected in February – is likely going to do the same.

Demand Will be There

Seems the number of people using digital wallets for all types of currencies is expected to jump from 2.3 billion this year to nearly 4 billion next year, and it’s estimated that half of the world’s population will be paying with cryptocurrencies at least some of the time by the year 2024. Along with this wallet transaction values should go up by more than 80% to more than $9 trillion a year.

Needless to say, that’s a significant chunk of change.

The real issue here is the challenge that already-existing NFC-based contactless wallets, like Apple Pay and Samsung Pay, will face when wallets based on QR codes become more of the norm. QR codes are already being used by merchants to access cryptocurrency wallets for payment.

Further, as of now, Apple’s CryptoKit doesn’t include all of the cryptography algorithms needed to complete Bitcoin transactions. That’s likely to change, and sooner rather than later.

Unique Hardware Opportunity

Apple’s CryptoKit means users are just a few steps away from turning their iPhones into a hardware wallet, and what it also does is put Apple’s developers in the driver’s seat when it comes to blockchain or crypto-based apps and the hardware required for them. The belief is that they’ll be able to provide a more secure crypto wallet than anything else out there right now from a mobile phone standpoint, and that’s because they’re able to build on the existing biometrics capabilities of iPhones and iPads.

Which is good, as big-time outlets like Starbucks and Whole Foods have all already announced programs to accept bitcoin other cryptocurrency for payments. You’ll be able to wave a QR code on your smartphone in front of a register scanner to pay. That QR code, enabled by an app, will represent how much currency you have at your disposal in your crypto wallet.

Further, because CryptoKit enables a second layer of security through encryption for iOS applications with private and public keys, it can repel other issues related to hardware hacking like SIM jacking , which is a malicious attack where the hackers assume control of a person’s digital finances.

It’s certainly an interesting time to be following these developments in the world of cryptocurrencies, but one has to wonder if it’s for real this time and not a whole lot of flash and little substance as was the case a few years ago when Bitcoin was ‘the next big thing.’ In fairness though, this is bigger than one type of cryptocurrency in particular, and it’s more about having the systems and hardware in place to enable its proliferation should it become a viable payment method.

0

New Epic Quickly Becoming Browser Of-Choice for Those Big on Privacy

4GHadmin | 25 March 2019
Reading Time: 4 minutes

Things change quickly in the digital world, and what was barely even on the radar can become a front and centre issue overnight in some cases. Go back 10 years and the issue of privacy in web browsing wasn’t something the vast majority of people paid even the slightest bit of attention to. Nowadays, however, it’s definitely a hot-button topic given all the news that’s come out about web browsing histories and the like being tracked, monitored, and then made available to whoever doesn’t mind paying for information about what people like YOU search for online.

Some people don’t have a problem with that. Other people have quite a significant problem with that. If you’re part of the second group there then you may have already switched over to using a web browser like DuckDuckGo or something similar. It’s a fine privacy-promoting web browser in itself, but it’s a bit of a generalist in that it works suitably well across the board but not especially well for any one framework.

And that’s where and why Epic coming onto the scene is as noteworthy as it is. It is a Chromium-based browser designed to ensure privacy without giving up anything i speed or functionality. It blocks ads as well as prevents user tracking, and also includes built-in protection against a wide range of surveillance methods cryptocurrency mining scripts among them.

It promises to be just what the Doctor ordered for those who think these types of overwatch activities are unacceptable, and here at 4GoodHosting we’re like any other quality Canadian web hosting provider in that we agree with you wholeheartedly. Let’s take a look at what makes this new no-tracking web browser such a good fit and why it promises to be especially well received.

Surfers 1 / Watchers 0

It’s fair to say that it’s really a shame that the innocence and carefreeness of using the world wide web to gain information is gone now, and that government agencies, corporations, and malicious hackers lurking in the shadows and taking notes is entirely unacceptable. Even those who aren’t overly incensed at having their privacy violated will almost certainly choose to stay ‘incognito’ if the opportunity to do so exists.

Epic’s creator, Alok Bhardwaj, attributes much of his need to build such a resource on coming to understand that on average, there are some 10 or so trackers on pretty much every website you visit. For some still, there’s up to 30 or 40 companies that are logging your visit.

Fortunately, his new Epic browser includes built-in protection against a wide range of surveillance tactics, and without any of the BS like what was seen in 2015 in the States with AT&T’s policy where subscribers had to pay up to 50% more to secure a reasonable level of privacy.

The original version of Epic has been around since August of 2018, but the Chromium-based version of it is still new to the scene. It allows users to enjoy private browsing without sacrificing speed or functionality, and also blocks ultrasound signal tracking and cryptocurrency mining scripts. Plus, with a new mobile browser on the way, Epic continues to take actions that support the company’s belief in a free internet.

 

Sight for Sore Eyes: Privacy-Focused Web Browser

U.S. President Donald Trump’s 2017 decision to cann internet privacy rules as passed by the Federal Communications Commission in the previous year put an effective end to internet users having more rights concerning what service providers can do with their data. Here in Canada we certainly haven’t been immune to the increasingly grey areas of what can and can’t be done as far as monitoring a web browser user’s history.

Likely no one needs convincing that relying on governmental agencies to solve data privacy issues will likely result in little if anything being done. So we’re left to take matters into our hands as much as we can. Good news on that front, as Epic is an exceptionally private browsing experience that’s also fast and intuitive and based on Google’s open-source Chromium project for long-term practicality in the bigger picture of things.

That perspective was very important in the development of this new browser, according to Bhardwaj. Microsoft announced that the company would build their next browser on Chromium, and so the decision was made to build a browsing experience that’s very private, but just as fast as using Google Chrome.

Mission Accomplished

We’d say it is – Epic is one of the most simple, private, and fast browsers on the market today, and it’s really raised the bar that was set by the original private browser, Tor. (which is still a great browser FWIW, still doing very well and also offers an extremely anonymous service)

One area where Epic meets a need that Tor can’t, however, is with malicious cryptocurrency activities. Hackers have used Tor to steal cryptocurrency from users, and fairly recently too.

Long story short, Epic is the only private browser out there that just works out of the box with a high level of privacy and speed, and it doesn’t have any of the issues where advanced security protocols render certain website undeliverable. In the event that one won’t, Epic lets you turn off the proxy and ad blocking feature for a particular website if needed.

Other appealing features:

  • Free VPN
  • 1-click encrypted proxy
  • Blocks fingerprinting and ultrasound signaling
  • Locally stored database of the top 10,000 websites in the world

Coming to Mobile Soon

Epic is expected to launch the company’s mobile browser before long. They expect their mobile browsers to be even more significant than the desktop browsers, given the scale that mobile’s going to operate on. With the extent to which most of us use our smartphones for internet search queries, there’s no doubt that this mobile browser release will put Epic even more in the spotlight in the near future.

0

Project Pathfinder for an ‘Even Smarter’ SIRI

4GHadmin | 11 February 2019
Reading Time: 4 minutes

AI continues to be one of the most game-changing developments in computing technology these days, and it’s hard to argue that there’s no more commonplace example of AI than in the digital assistants that have nearly become household names – Apple’s SIRI and Google’s Alexa. Even a decade ago many people would have stated their disbelief at the notion that it might be possible to make spoken queries to a digital device, and then have them provide a to-the-minute accurate reply.

The convenience and practicality of AI has been a hit, and what’s noteworthy about it is the way that folks of all ages have taken to it. After all, it doesn’t even require the slightest bit of digital know-how to address Siri or Alexa and rattle of a question. Indeed, both tech giants have done a great job building the technology for their digital assistants. With regards to Siri in particular, however, it appears that Apple is teaming up with a company that’s made a name for themselves developing chatbots for enterprise clients.

Why? – to make Siri an even better digital assistant and even more the so the beacon of AI made possible for everyday people.

Here at 4GoodHosting, like most Canadian web hosting providers we have the same level of profound interest in major developments in the computing, web hosting, and digital worlds that many of our customers do. This zeal for ‘what’s next’ is very much a part of what makes us tick, and this coming-soon improvement to Siri makes the cut as something worth discussing in our blog here today.

Proven Partnership

The aim is to make it so that Siri gets much better at analyzing and understanding real-world conversations and developing AI models capable of handling their context and complexity. In order to do that, they’ve chosen to work with a developer who they have a track record of success with. That’s Nuance, who is an established major player in conversation-based user interfaces. They collaborated with Apple to begin with Siri, and so this is round 2.

As mentioned, Nuance’s present business is focused on developing chatbots for enterprise clients, and so they’re ideally set up to hit the ground running with Project Pathfinder.

Project Pathfinder

The focus of Project Pathfinder came from Apple’s belief that machine learning and AI can automate the creation of dialog models by learning from logs of actual, natural human conversations.

Pathfinder is able to mine huge collections of conversational transcripts between agents and customers before building dialog models from them and using those models to inform two-way conversations between virtual assistants and consumers. Conversation designers are then more able to develop smarter chatbots. Anomalies in the conversation flow are tracked, and problems in the script can then be identified and addressed.

Conversation Building

Voice assistants like Siri and Alexa have inner workings that make it so that your speech is interacting with reference models. The models then try to find a solution to the intent of your question, and accurate replies depend on conversation designers doing two things; 1, having learned from subject matter experts, and 2 – doing the same from a LOT of trial and error process related to query behavior.

As far as Apple’s concerned, giving the nod to Nuance and their conversation designers was the best way to go.

Pathfinder empowers them to build on their existing knowledge base with deep insights gathered from real conversational interactions that have taken place inside call centers. More to the point, however, the software doesn’t only learn what people are discussing, but it also makes determinations on how human agents guide users through the transactions.

Adding more intelligence to voice assistants/chatbots is made possible with this information, and so Siri is primed to build on her IQ in the same way. It certainly sounds promising!

Self-Learning Conversation Analytics

All you need to do is spend a short period of time with Siri or Alexa and you’ll quickly find that they definitely do have limitations. That’s a reflection of the fact that they are built for the mass market, as they must much more diverse requests than chatbots that are primarily built for business. This means that they come with a lack of focus, and it’s more difficult to design AI that can respond to spoken queries on all the thousands of different topics around the globe with sensible responses. Then you have follow-up queries too.

In conclusion, the queries posed to virtual assistants are based in human questions 95+% of the time, and as such they’re less focused and less predictable. So then how do you build AI that’s more capable of handling the kind of complex enquiries that characterize human/machine interactions in the real world?

The answer to that is to start with call center chatbots, and that’s what the Pathfinder Project is doing. It will accelerate development of spoken word interfaces for more narrow vertical intents – like navigation, weather information, or call center conversation – and by doing so it should also speed up the development of more complex conversational models.

It will make these machines capable of handling more complex conversations. It will, however, take some time to come to realization (projected for summer 2019). Assuming it’s successful, it will show how conversational analytics, data analysis and AI have the ability to empower next-generation voice interfaces. And with this we’ll also be able have much more sophisticated human/computer interactions with our virtual assistants.

Seeing the unlocked power of AI with understood context and intent of conversation, rather than primarily asking Siri or Alexa to turn the lights off, etc. etc. promises to be really helpful and a very welcome advance in AI for all of us.

 

0

Chromium Manifest V3 Updates May Disable Ad Blockers

4GHadmin | 28 January 2019
Reading Time: 4 minutes

It’s likely that a good many of you are among the thousands upon thousands of people who have an Ad Blocker installed for your web browsers of choice. Some people do use them simply to avoid the nuisance of having to watch ad after ad, and it’s people like these that have necessitated some sites to insist that you ‘whitelist’ them in order to proceed into the website they want to visit. That’s perfectly understandable, as those paying advertisers are the way the website generates income for the individual or business.

For others, however, we spend a great deal of our working day researching and referencing online, and having to watch ads before getting to the content we need in order to do our work. For us, an ad blocker is much more of a tool of necessity rather than convenience. Still, we get caught up in more than a few sites that will insist on being whitelisted too. For me, my ad blocker is a godsend and I don’t whitelist any website or disable my ad blocker for any of them.

Here at 4GoodHosting, part of what makes us a good Canadian web hosting provider is having built up an insight into what really matters to our customers. The bulk of them are people who use the Information Superhighway as a production resource rather than web ‘surfers’ for whom it’s more of an entertainment one. That’s why today’s news is some that’s sure to be very relevant for most of our customers.

Weakened WebRequest APIs

Some of you may not know how your ad blocker works, and that’s perfectly normal. As long as it does its job, you don’t really need to know. Chromium is Google’s newest all-powerful web browser, and just like Chrome did you can expect it to soon become nearly ubiquitous as most people’s web browser of-choice.

However, Chromium developers in the last few weeks have shared that among the updates they are planning to do in Manifest V3 is one that will restrict the blocking version of the webRequest API. The alternative they’re introducing is called declrativeNetRequest API.

After becoming aware of it, many ad blocker developers expressed their belief that the introduction of the declarativeNetRequest API will mean many already existing ad blockers won’t be ‘blocking’ much of anything anymore.

One industry expert stated on the subject, “If this limited declarativeNetRequest API ends up being the only way content blockers can accomplish their duty, this essentially means that two existing and popular content blockers like uBO and uMatrix will cease to be functional.”

What is the Manifest V3 Version?

It’s basically a mechanism through which specific capabilities can be restricted to a certain class of extensions. These restrictions are indicated in the form of either a minimum, or maximum, version.

Why the Update?

Currently, the webRequest API allows extensions to intercept requests and then modify, redirect, or block them. The basic flow of handling a request using this API is as follows,

  • Chromium receives the request / queries the extension / receives the result

However, in Manifest V3 the use of this API will have its blocking form limited quite significantly. The non-blocking form of the API that permits extensions to observer network requests for modifying, redirecting, or blocking them will not be discouraged. In addition, the limitations they are going to put in the webRequest API have yet to be determined

Manifest V3 is set to make the declarativeNetRequest API as the primary content-blocking API in extensions. This API will then allow extensions to tell Chrome what to do with a given request, instead of Chromium forwarding the request to the extension. This will enable Chromium to handle a request synchronously. Google insists this API is overall a better performer and provides better privacy guarantees to users – the latter part of which if of course very important these days.

Consensus Among Ad Blocker Developers and Maintainers?

When informed about this coming update many developers were concerned that the change will end up completely disabling all ad blockers. The concern was that the proposed declarativeNetRequest API will result in it being impossible to develop new and functional filtering engine designs. This is because the declarativeNetRequest API is no more than the implementation of one specific filtering engine, and some ad blocker developers have commented that it’s very limited in its scope.

It’s also believed that the declarativeNetRequest API developers will be unable to implement other features, such as blocking of media element that are larger than a set size and disabling of JavaScript execution through the injection of CSP directives, among other features.

Others are making the comparison to Safari content blocking APIs, which essentially put limits on the number of admissible rules. Safari has introduced a similar API recently, and the belief is that’s the reason why Apple has gone in this direction too. Many seem to think that extensions written in that API are more usable, but still fall well short of the full power of uBlock Origin. The hope is that this API won’t be the last of them in the foreseeable nearest future.

0