Google SSL Search Will Block Search Referrers

Your website stats are getting a little less valuable thanks to new search feature Google is rolling out to its users. SSL encrypted search will now automatically be turned on for all logged in users, resulting in improved security and privacy for web searches.

This improved privacy will result in less available data for site owners in analytics tools, including Google Analytics. Specifically, for users with SSL search enabled it will no longer pass along the search keywords that brought them to your website. From Google’s blog post announcing the change:

What does this mean for sites that receive clicks from Google search results? When you search from https://www.google.com, websites you visit from our organic search listings will still know that you came from Google, but won’t receive information about each individual query. They can also receive an aggregated list of the top 1,000 search queries that drove traffic to their site for each of the past 30 days through Google Webmaster Tools.

Continue reading → Google SSL Search Will Block Search Referrers

Companies React Proactively to Gawker Security Breach to Protect Customer Accounts

I’ve had to change a lot of passwords in the last two weeks.

I had a Macbook stolen one weekend and then this weekend my login data was among the 1.3 million usernames and passwords compromised when hackers broke into Gawker Media’s servers and stole everything they could get their hands on. The hackers were able to access and download user data, CMS source code, and more from the servers and then posted it to torrent sites for anyone to download. If you’ve ever commented on any of Gawker’s hugely popular sites such as Gizmodo, Lifehacker, or Deadspin your credentials are most likely in there. (Find out for sure using Slate’s checker.) This is a huge security breach and could impact Gawker Media’s industry dominance as they must work to regain the trust of their readers and commenters.

Meanwhile, a few other companies are taking this opportunity to not only protect their customers’ accounts, but also demonstrate that they’re concerned about data security and grab some positive PR as well. Companies such as LinkedIn and Amazon have mined the stolen Gawker data for email addresses matching their customer accounts and automatically reset their passwords. This proactive step not only protected customers but will also reduce a lot of upcoming customer service hours needed to handle and fix hacked accounts or return fake orders. It also prevents customers unaware of the incident with Gawker from misplacing blame if their accounts were compromised.

Continue reading → Companies React Proactively to Gawker Security Breach to Protect Customer Accounts