Google arrived on the Search Engine scene as a start-up, overthrowing the directory model followed by players in the field. Instead, the company’s founders Larry Page and Sergey Brin brought to the arena the insight gained from academics that just like citations in a research paper, a link to any website from another was a vote on its relevance. This simple idea completely transformed the search business overnight.
Since then, Google has never failed to provide unique solutions to complex problems. Indeed, this ability is what sets apart the company from its rivals, and can be seen in almost all the projects run by Google X, the semi-secret lab that powers the company’s moonshot projects, including the ‘Driverless Car’ initiative. Let’s take a look at the core breakthrough which is helping these cars drive on their own through the highways of United States. SUBTRACTION IS KEY For starters, lots of building blocks had to be in place for the project to even kick-start. Without Google’s Maps and Street View in place, as we shall see, the project would have never worked. Take a look at the cars participating in this experiment. You will find that each of their rooftops is mounted with a spinning laser turret known as the lidar (light detection and ranging) unit. Tucked behind the sheet metal and glass of each car are cameras, radars, antennas, and GPS. Then, there's a large computer placed in the car boot. The laser's 64 beams spin ten times per second, scanning 1.3 million points in concentric waves that begin eight feet from the car. It can spot even small objects 260 feet away. We can consider this data as a high-resolution live map (accurate to about 11 cm) of the car's surroundings. The radar has twice that range, but not the precision. The camera is good at identifying road signs, indicator lights, colours, and traffic lights. All three views are combined and colour-coded by the computer in the car boot. The breakthrough thinking here is that for the Driverless Cars to know what to avoid, they don’t have to be aware of all elements on the highway. Static infrastructure is already available through Google Maps and Streetview. You have to cancel this out from the live map presented by the lasers, radars, and cameras in the cars. This subtraction of the static images from the live feed is done by the operating system of the Driverless Car project, known as Google Chauffeur. So the Driverless Cars are only tasked with avoiding collision with the components on the road which move, since it already knows the layout of the other permanent infrastructure. That’s another breakthrough thinking, and another feather on its cap for Google. e.o.m.
1 Comment
Two recent profiles that appeared about Google CEO Larry Page in Financial Times and Fortune magazine respectively demand our attention. The conversations bring out the uniqueness of his thought process, and offer more than a glimpse into his philosophical outlook, which makes him stand out among the ranks of CEOs of the world’s storied corporations. First off, his goals for the company are so ambitious that he admits that Google’s original mission statement (“to organize the world’s information and make it universally accessible and useful”), itself a lofty goal, needs a revision. “We are still trying to work out what it would be,” he says of the revision. HE WANTS TO CHANGE THE LIVES OF PEOPLE There’s a reason why Google under Larry Page throws its weight behind the world’s most challenging as well as ambitious projects, besides the fact that Google can now finance them, thanks to its huge cash hoard of $62 billion. Larry Page worries that not enough institutions, especially governments, are invested adequately in such life altering projects. He believes that with the right focus and application, “there’s nothing that can’t be improved and made to run more efficiently”. When FT’s Richard Waters prods him and asks why it has to be Google, Larry answers: “Well, somebody’s got to do it.” Larry believes there are only around 50 investors in Silicon Valley who are chasing breakthrough technologies. He wants Google to have a bigger impact on the world by doing more things. Larry knows if Google just keeps continuing to do what it knows best, it cannot keep attracting the best talent, and the company itself will eventually lose its relevance. Google wants to be a company which stays at the top of the game for generations. It’s not, therefore, surprising to find that some of the big bets which Google has placed have the goal of making a clear difference to the lives of people. Some of them are things located on the fringes, which have not received adequate attention, even though they show the promise of delivering big, eg. the driverless car project and diseases that affect older people. Here are a few of the projects on which Google is working on in its ‘moon shot’ factory, the Google X division headed by Sergey Brin: • The driverless or self-driving cars • High-altitude wind turbines • Project Loon with its stratospheric balloons to blanket the world with internet access • A life-sciences start-up which is creating nanoparticles that can be introduced inside the human body to monitor diseases. The start-up acquisitions made by Google also align with its tendency to paint on a huge canvas. • Nest, which is building fully-automated homes • Calico, a pharma company working to stop ageing • Robotic companies Boston Dynamics and Schaft, which bring out four- and two-legged robots Apparently, Page looks at Google’s portfolio as a bucket of investments. Some offer short-term returns. But others require medium- or long-term commitment. This type of risk is within the comfort zone of Larry, who is after all, an ardent admirer of investor legend Warren Buffett. A DIFFERENT KIND OF LEADER Larry is different from the conventional CEO. Management questions like how to organize people and how to motivate them are very important for Larry. Given all the talent which Google has within its ranks, it would be a crime in his eyes if the company were to do the same things all over again, and not something new. For instance, when the leader of Project Loon expressed confidence that if everything were to go well, Google might be able to increase the internet’s total bandwidth by 5%, Page retorted by asking him why Google couldn’t double or triple the global capacity. Astro Teller of Google X was quoted in Fortune as saying, “He wants to make sure there is a moon shot after a moon shot. Reminding us that his ambitions are high helps people aspire to more.” Andy Conrad, a Googler who heads the nanoparticles project, is quoted by Fortune as saying, “You feel terrified, inspired, and nurtured at the same time.” Ben Horowitz, storied Venture Capitalist and partner of Andreessen Horowitz, says about Larry, “We have not seen this kind of business leader after Thomas Edison at GE and David Packard at Hewlett-Packard.” One way by which he makes his staff think differently, the Fortune article says, is by encouraging his engineers and product managers to spend at least one day of the week with just their mobile phones. He himself spends much of his time every day away from his desktop. He wants to motivate and push his people forward all the time. Recently he set a challenge before the product management team at Gmail led by its manager Alex Gawley: Gmail is good, but it was created before smartphones and social networks came along, so create a new communications service for the next 10 years. “Don’t think about creating Gmail 2.0,” Page told the team. Early results of this challenge are already out, and the encouraging response to their email app called Inbox shows they are on the right track. Page is attracted by what the Fortune article describes as the zero-million-dollar research problem — an interesting challenge that no one is working on. Andy Conrad explained one of his traits, “Larry looks at one or two ways in which a problem should be solved and places very strategic bets on both.” That is why the start-up acquisition Calico focuses on extending the maximum lifespan, even as Conrad’s nanoparticles group works on median lifespan by trying to ward off illnesses. “I’ve never had a conversation where he wasn’t at least in danger of being ahead of me, even in the areas I spend way more time on than he does,” says Teller of Google X. Larry himself is aware of the impression he leaves on his engineers and scientists. Hence, he tries to be as learned about everything which they are doing as possible. He explains, “Deep knowledge from your manager goes a long way towards motivating you. And I have a pretty good capability of that.” e.o.m. In December 2013, US retailer giant Target Corp disclosed that cyber criminals had hacked into its systems and stole credit card OR personal information from more than 100 million customers. Both credit card AND personal information were believed to have been stolen from about 12 million customers. In September 2014, another US retailer Home Depot admitted that account information of 56 million cardholders were compromised by a security breach. Credit card account breaches at Target and Home Depot are among the biggest such incidents and have had had far-reaching consequences. In Target’s case, it led to the exits of both Chief Executive Officer Gregg Steinhafel and Chief Information Officer Beth M Jacob. HOW TARGET AND HOME DEPOT WERE INFILTRATED Cyber security experts say there are important lessons for others in studying how attackers infiltrated both the retailers. • At Target, attackers entered its network through a refrigeration and air conditioning supplier who should have been ideally far away from customer financial data. • At Home Depot, hackers infiltrated its cash register systems at its US and Canadian stores in April 2014. This is one reason why security experts advise that storeowners should always assume that hackers are already inside the company’s network. Their focus should thus be on protecting the company’s ‘crown jewels’. So even if attackers scale the company’s walls, there should be many more layers for them to overcome before they can reach the core databases. Cyber experts says that once companies adopt the stance that hackers are already inside, then they would start investing in making their organisation as difficult a target as possible to hack. They should do so by adding strong encryption and layers and layers of vaults to company data. BEST PRACTICES FOR INDIAN ECOMM FIRMS Ecommerce is all the rage in India now. As revenues zoom, companies have the responsibility to keep their databases and gear secure, and keep cyber criminals at bay. Here are some best practices they can adopt to keep themselves as well as customers out of harm’s way. • Monitor fraud loss regularly. Set a limit to the fraud you can tolerate. Conduct a review meeting of the respective business group when the fraud nears 90% of the target set. • Set up a dedicated email ID so that customers can report any fraudulent activity they have noticed. • A fraud helpline for customers and employees to report suspicious activity is also helpful. • Conduct vulnerability scans at least once every quarter using vendors approved by the payment cards industry. • Companies should coach employees in adopting best practices for password creation and maintenance. • Hackers will try to access company networks through remote access log-ins. So security on such log-ins should be improved. • Single-factor authentication should be phased out at all access points in the company and replaced with twin-factor authentication. • Hackers would try to hack into the credentials of people with the highest level of access, namely members of the top leadership. So they should be doubly protected. • Buy threat intelligence from cyber security companies; also share human intelligence with peers in the industry. • A flipside of encrypting more and more data is that it slows down computer systems in the company. As a result, there is resistance to increased encryption, especially from ecommerce firms that want to respond quickly to customer queries. Investing in upgrading technology should provide a way out of this. REHEARSE YOUR RESPONSES What happens after a breach is equally important in managing losses as what companies do to prevent breaches in the first place. Public statements intended for customers, employees, regulators and the press should be prepared in advance. Ditto for website messages and provision for alternate payment methods. Another essential step is to train employees to ignore spam as well as attempted phishing attacks. The cyber security industry has identified telltale signs that are the hallmark of phishing messages. They are likely to feature: • Generic names to address individuals. Instead of using the intended victim’s name, a phisher will begin communication with a generic ‘Dear Customer’ or something similar. • The logo may not quite match. • For some reason, the communication will feature language riddled with grammatical errors. • They will invariably ask victims to verify their passwords at a masked web address. That should be a dead giveaway. In short, as far as cyber security is concerned, it pays to be ever vigilant and adopt best practices and train employees across the country. e.o.m. The guiding light for Indian banks when it comes to taking precautions against cyber fraud is the report by the RBI ‘Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds, 2011’.
Another influential document is ‘Cyber Crime, Securities Markets and Systemic Risk’ by IOSCO and World Federation of Exchanges. The recommendations of the first report guide all Indian banks. The recommendations of the latter report guide all Financial Market Intermediaries (FMIs) registered with stock market regulator SEBI. Now let’s take a slightly deeper dive into the recommendations followed by all Indian banks, leaving aside FMIs for now. FRAUD RISK MANAGEMENT GROUP In all Indian banks, fraud prevention, monitoring, and investigation are owned and carried out by an independent group known as the Fraud Risk Management Group (FRMG). This group sets up fraud review councils for the bank’s various businesses. These councils are expected to meet every quarter. The FRMG periodically conducts vulnerability assessments. Mystery shopping is an important part of such assessments. In addition to the FRMG, all Indian banks are expected to set up a special committee of the board to exclusively monitor and follow up frauds involving amounts of Rs 1 crore and above. The FRMG sets up limits on frauds for all businesses of the bank. When the loss amount reaches 90% of the limit set, the FRMG is required to review the processes with the concerned group. Again, all frauds involving amounts of Rs 10 lakh and above have to be reviewed immediately by the FRMG. Same goes for cyber frauds where criminals used a new mode of operation to conduct the fraud. The bank is expected to use the findings of such reviews to redesign its products and processes to prevent such frauds in future. Methods used for fraud detection: • System alerts on exceptional transactions. • Channels to take note of disputes involving customers and employees • Mystery shopping exercises • Encouraging customers and employees to report suspicious transactions CAN-HAVE FACILITIES FOR BANKS The Working Group Report suggests that banks can put in place the following mechanisms to reduce the risk of cyber fraud: • Dedicated email IDs for customers to report fraud. • A dedicated team to reply to customer concerns through the above email IDs. • A fraud helpline for customers and employees to report suspected frauds. Only an audit will reveal how many Indian banks have set up such facilities. ONUS FOR FRAUD INVOLVING MULTIPLE BANKS In cases of fraudulent credit of money into an account in one bank through another bank, the Working Group has made it clear that the investigation and reporting should be done by the bank whose customer has received the money. There could be transactions involving misuse of PoS terminals by merchants who swipe stolen or skimmed cards and abscond before the charge back of the funds. In such cases, the Working Group has made it clear that the reporting to RBI should be done by the bank which provided the (acquiring services) PoS terminal. There could be transactions involving multiple banks when a fraud is done at an ATM of one bank using a card issued by another bank. In such cases, the Working Group has made it clear that the bank acquiring the transaction (in other words, the bank which owns the ATM) should report the fraud to RBI. Banks are expected to file police complaints at the nearest Cyber Cell for all instances where the value of the fraud exceeds Rs 2 lakh, and cases involving staff where the value of the fraud exceeds Rs 20,000/. Besides, banks are also expected to notify the regulatory organization CERT-IN. e.o.m. If your website is showing one type of content to site visitors, and another type to the Google bot, it is considered to be practicing the dark art of cloaking by the search engine giant. Soon Google will impose a penalty since it considers cloaking to be a violation of its Webmaster guidelines. You have to then follow an elaborate remedy process using the Fetch as Google Tool in Webmaster Tools. It is all about narrowing down and detecting that part of your site which looks different to the search bot compared with what is seen by the naked eye. The problem content has to be then removed. You are also believed to cloak if your site redirects users to a different page than what Google saw. Here the remedy is to identify those URLs doing the redirect and have them removed. Once these remedies are done, a site owner has to use the Reconsideration Tool and ask Google to remove the penalty. It’s a long process and one has to have lots of patience. It’s much better to make sure that the penalty is never slapped on your website in the first place. Because of Google’s no-nonsense stance, popular sentiment is against cloaking, which is considered a criminal activity. But please remember that site owners may have have their innocent reasons for why they did cloaking. So a blanket labeling of cloaking as ‘criminal’ is not the right approach. NETSCAPE KICKED OFF CLOAKING Recently, while reading an interview with Greg Boser, one of the pioneers in the field of Search Engine Optimisation, I got a totally different view on cloaking. According to him, cloaking began as a well-intentioned, perfectly legitimate activity. It goes like this. At one time, Netscape was warring with Microsoft for survival after the Redmond giant released its own version of a user-friendly browser (Internet Explorer) and distributed it free with its operating system. The intention was to kill Netscape, which it eventually did. Netscape was a pioneer which made Net access easy for the masses by creating a easy-to-use browser, which it had given away free. It is difficult to believe now that before Netscape came along, a user had to type in a series of code to access the World Wide Web. The Web would have remained a plaything of the nerds if a browser like Netscape hadn’t come along. To cut the story short, Netscape worried that folks at Redmond were accessing its site and doing competitive analysis constantly to find out what it was up to. To prevent this, engineers at Netscape identified the series of IP addresses used by Microsoft and prepared a dumbed down version of its website exclusively for Microsoft folks opening its website. This was how cloaking began as a perfectly legitimate activity according to Greg Boser. But of course, it was later misused a lot. e.o.m. Recently while researching the topic of security breaches at corporates, I came across this interesting nugget from the Wall Street Journal that Kellogg’s, the storied American cookie- and cereal bar-maker, is so obsessed about cyber spies ferreting away its trade secrets that it makes sure they are stored in a computer that is not connected to the internet. “Kellogg's management is especially worried that cyberattackers might try to steal the company's know-how, like the way it puts the ‘Snap, Crackle and Pop’ in Rice Krispies or the curve in Pringles potato chips, according to two people briefed on its computer defences,” wrote the WSJ. “Information on our recipes, including where they are stored, is proprietary,” said Kris Charles, a Kellogg spokeswoman. In a February 2014 securities filing, Kellogg said, “To date, we have not experienced a material breach of cybersecurity.” Looks like Kellogg’s is very happy with its tactic. But is this approach hackproof? I turned to authors Richard Torrenzano and Mark Davis for insights from their book Digital Assassination. They let us know that cybersecurity experts have a name for the process of sealing a computer by taking it off from the internet — airgapping. It refers to the belief by certain ccybersecurity experts that “a computer system that is not connected to any other computer or to the Internet is safe”. But Torrenzano and Davis are not very impressed by airgapping. They say, “If evolution teaches us anything, it is that intelligent systems like to network. Of course no computer is going to extend its own cable and plug itself in. But a computer doesn’t have to network itself, because every computer comes complete with a parasite called a human, a creature with an irrepressible desire to network.” RISKS OF A MERE NET CONNECTION So airgapped computers may not be very safe because they are handled by humans, who have a tendency to network. But what happens if a computer is plugged into the internet and allowed to run without any human intervention? Torrenzano and Davis tell us that just such an experiment was conducted by a leading IT company. In step 1, “the company’s engineers purchased a garden-variety PC from a chain retailer”. In step 2, “they installed in it the best off-the-shelf antivirus, anti-spyware protection, and firewall software packages available”. In step 3, “they connected this PC to the Internet. They did not use it for anything. They just tracked the flow of code into and out of the machine”. Any guesses on what happened next? The authors wrote, “Within four hours the engineers detected the first ping by a potential hacker. In two weeks more sophisticated software from a computer in Canada slowly embedded itself in the PC and started running its own software. The Canadian computer soon set up links between the enslaved zombie PC and a computer in Singapore, which used the PC to attack a network in Poland.” So despite the precautions taken, most computers invite security vulnerabilities merely by being connected to the internet. Imagine then the risks involved in the careless approach to security of most users? Airgapping may have its benefits in certain circumstances. Here too, a lot depends on the discipline of the human handlers. No wonder many hackers stay invested in social engineering. For most ordinary people, however, nothing much can be accomplished at work or leisure without an internet connection, especially in these days when Cloud Computing is all the rage. e.o.m Phishers cast a big enough net to catch a few fish.Make sure you are not their catch with these simple steps.Criminals phish for trouble through bulk emails or instant messages.The target victim is told to click a link or provide information.The phishing email usually pretends to be from a service provider you trust.You are told that there is some problem with your account which you need to set right,or else you are presented a situation that requires you to verify the account. If you fall for it ,and reveal your credit card information ,you could soon expect some charges ,say security experts.The criminals may also sell your card,or destroy your credit history. Experts say there are some tell-tale signs of phishing scams you should aware of. TELL-TALE SIGNS OF PHISHING SCAMS Security researchers note that the spammed email from phishers nearly always begin with a generic way to address you,Instead of addressing you by your name.Eg: << Dear Online Service User: Dear Bank Customer: Dear Credit Card Account Holder: Dear Personal Club Member: Greetings! Welcome! Warning! Security Alert! >> Almost always,they ask you to verify or confirm your account.Experts say that legitimate companies will never ask you to verify the following information online:
Some times, these criminals provide legitimate links but hijack you to land on a different site from where you thought were going. So don't forget to look at the URL of your final destination to make sure it's that of your service provider. Check whether the site you reached has a privacy policy, uses https protocol and has the lock icon of the secure sockets layer (SSL). Sometimes the criminals manage to include the names of the legitimate service providers as a sub-domain within their site. Again look at the URL carefully to find out where you are going. Many browsers have built-in phishing and malware protection facility .In Internet Explorer, it is called Smart Screen Filter, and in Chrome browser it is called Phishing and Malware Protection.Make sure these are turned on by checking the settings. e.o.m Recently Nicole Perlroth, who covers cybersecurity and privacy for the New York Times, sat down to be interviewed by one of her own colleagues. The interview covered some ground on how readers can protect their own data. Let me list her main recommendations. Wherever possible, I will provide my reasoning on why she may have recommended a particular step: DOs AND DON’Ts ON PERSONAL DATA PROTECTION Do not hand over email or Birthdates to retailers. My take: This may sound a bit harsh. Sometimes retailers may wish to forward a copy of the purchase receipt to your email ID. At other times, they may want to start your Rewards Programme account. There is no denying the convenience. But the worry is can retailers keep your ID safe? Very often, an account or card verification process may start with you being asked to verify your email ID. If someone had harvested your email ID from a retailer, you are providing an easy first step for the criminal. A workaround would be to start a separate email ID just to service retailers, which you won’t link to anything else. Stricter standards should apply to providing Birthdates. My take: Sometimes a retailer may ask for your birthday to offer special discounts. The intention may be harmless. But if the retailer doesn’t keep your data safe, you will be unnecessarily exposing yourself to cyber criminals. There’s no workaround here. Simply avoid providing your birthday details to a retailer. Don't use debit cards unless you are at a bank. Use your credit card when you can, instead of your debit card. My take: This appears to be another harsh prescription. But she may have recommended this because there’s more protection for credit card misuse from the card issuer. In debit cards, you withdraw money directly from your bank account. It is more of your risk than that of the card issuer. Therefore, the protection offered may also be less. Do not use self-checkout systems at merchants, because those are often the first place hackers will scan. My take: The self-checkout system seems to be a feature in the West than in India. In self-checkouts, staff supervision is less. This may have drawn the attention of criminals to such checkout lines. This year’s breach at retailer Home Depot in the US, involving stealing of personal data of 56 million customers, began by criminals infecting the company’s cash registers with malware. So checkout lines are very vulnerable to attacks by criminals. Use long, complex passwords. Do not use the same password across multiple accounts. My take: Too many studies have come out about the unfortunate popularity of useless passwords. Time spent in creating strong passwords will save you a ton of trouble. In her book Online Reputation Management for Dummies, Lori Randall Stradtman has given a simple way to create strong and safe passwords. I recommend it. Here are the steps given by Lori: << 1.) Brainstorm for a minute on a sentence or phrase that has some special meaning to you. (However, try not to choose one that’s really popular right now.) For example: • A favorite song lyric • A line of poetry • A movie quote (my favorite). Let’s use ‘All we are is dust in the wind’ as an example. 2.) Convert your phrase into an acronym. We’re using ‘All we are is dust in the wind,’ so the acronym is ‘awaidinw.’ It’s just the first letter of each word. 3.) Substitute at least one letter with a number. With ‘awaidinw,’ it may look like this: • awa1d1nw (the letter i is replaced with the number 1) 4.) Substitute at least one letter with an upper-case letter. Our password in progress could look like this: • awa1d1nW (the last letter, w, gets capitalized) 5.) Substitute at least one letter with a symbol. Our password in progress could look like this: • @wa1d1nW (the first letter, a, is replaced with @) Congratulations! You’ve just created a password that’s 1.34 tresvigintillion more times, or 1.34 trillion trillion trillion trillion trillion trillion times stronger than your chance of winning the lottery. Please don’t use this particular one! Now that I’ve described, created, and published this password, it is no longer a strong choice. Come up with your own! >> Got it? Now go ahead and create your own passwords using this method, but make sure you do not use the same password for many accounts. Use two different web browsers — one for email and bank account, the other for eCommerce and general web browsing. My take: No comments. Switch on two-factor authentication wherever u can. My take: This is as simple using a debit card and its pin while doing an ATM transaction. The right debit card is the first step, and the right pin is the second step. Many email service providers now allow two-step or two-factor authentication. Make use of it to keep your account secure. For instance, to authenticate your Gmail Account, simply sign in and go to your Accounts section by clicking on the link seen under the icon in RHS top. Once there, please click on Security and then say Enable to 2-Step Verification. Enter your mobile number and click for the 6-digit verification code from Google to your mobile phone. Once you have entered the code, your computer is verified for the particular Google Account. Only when you log in from another unverified computer will you be asked again to authenticate using the code sent to your mobile phone. You can also add other computers to the safe list. Please add this additional layer of safety to your email accounts as an insurance. Put masking tape over the webcam on your computer. My take: You may be surprised to hear this recommendation from the cybersecurity expert at The New York Times, but I am voting for it. There have been too many instances of criminals hacking into webcams and leaving people in grief. Laptop manufacturers sneaked in this ‘innovation’ without taking buyers into confidence. It pays to be careful. Cover the webcam with a masking tape whenever you are not using it. Someone can use stolen data for identity theft and tank your credit score. My take: Credit scores are very important for individuals in developed countries. In India too, credit-rating agencies no play an important role in assessing the loan-worthiness of individuals. Keep your credit cards and online identities safe. Let no one misuse it and cause harm to your reputation as a trusted borrower. Hackers are actively selling medical records on the black market. Someone mayyou’re your medical identity and pollute your lifetime medical records. My take: This advice is more relevant to consumers in developed markets where medical records have been extensively digitized. Recommended tools by Nicole Perlroth: Wickr, a mobile app that encrypts and self-destructs messages. Silent Circle, software which allows encrypted phone calls. My take: These tools could be more relevant to developed markets. e.o.m. Manual penalty is Google’s ultimate weapon to punish a website which it suspects to have indulged in bad behavior. Webmasters get the hint that their sites are facing a possible manual penalty when it completely or partially disappears from a Google search result. For instance, if you key in your website’s URL in the Google search field, and the search result does not return a single page from your site, you can be sure that you are facing a manual penalty. Sometimes only a sub-set of pages from a very large website are made to disappear from Google’s search index. Even then, regardless of whether the penalty is site-wide or partial, its effect would be pretty devastating on the business. CONFIRM, AND THEN TAKE ACTION If you suspect that your site has been penalized by Google, the first step to take would be to confirm that you are indeed facing the penalty. For this, log in to Google Webmaster Tools, and then click Search Traffic in the dashboard. Now click Manual Actions. If your site has been penalized, it would be listed here. Depending on the punishment, it can be ‘Site-wide’ or ‘Partial’. Further, there would be a mention of the Reason for the action, as well as a list of the parts affected under the Affects header. Click on Reason to find out why your site faced the penalty. It could be one of the following: Unnatural links to your site — impact links. This means Google suspects you could be buying links or collaborating in link schemes. If you think you have been punished wrongly, you should use the Reconsideration tool Unnatural links If you see this listed as the Reason, it means Google is seeing a pattern of manipulative links pointing to your site. As a result, it has taken manual spam action against your site. In this case, you should download the links to your site using Webmaster tools, and check the list for links that violate Google’s guidelines on linking. Once you’ve identified such links, contact the webmasters of such sites and request them politely to either remove their links, or add a “rel=nofollow” attribute. A good SEO practitioner can help you here. It’s possible that you are unable to remove some problem links. This is where you use a tool called Disavow links tool provided by Google. Once you have removed or disavowed the links, it’s time to use the Reconsideration tool and ask Google to index your pages once again. Hacked site If this is what you see under Reason, it means Google believes one or more of your pages have been hacked by third parties. Google suggests a series of steps to clean up your site. A good SEO practitioner can help you in this case. Once you are sure that your site has been cleaned up, it’s time to use the Reconsideration tool to ask Google to index your pages once again. Unnatural links from your site This message means Google suspects you are providing unnatural and manipulative links to others from your site as a beneficiary of some link-buying scheme. You should either remove these links or ensure that they don’t pass your link juice by using the “rel=nofollow” attribute. Once done, use the Reconsideration tool to ask Google to index your pages once again. Thin content with little or no added value If you see this message, it means Google has applied a manual spam action on your site because it thinks you have low quality pages of these types: · Pages with automatically generated content · Thin affiliate pages · Scraped content from other sources · Doorway pages Identify these pages and correct the violations. Once done, use the Reconsideration tool to ask Google to index your pages once again. Pure spam If you see this message, it means Google believes you are practising aggressive spamming. You have to then clean up the affected pages, and approach Google for reconsideration. User-generated spam If you see this message, it means has Google has identified that your site hosts pages with spam generated by site users. Such spam can exist in site forums, profile pages, or guest pages. Once again, identify such pages and do a clean-up. Then knock on Google to reconsider. Measures suggested by Google to prevent user-generated spam include the following: · Use a CAPTCHA system · Turn on comment moderation · Use the “nofollow” attribute · Add a ‘report spam’ feature · Disallow hyperlinks in the comment box · Block Google access to comment pages by using robots.txt file · Monitor your site for spammy pages by setting up Google Alerts for keywords linked to spam Cloaking and/or sneaky redirects If Google thinks your site shows one page to Google, and another to users, or redirecting users to a site different from what Google saw, you will get this message. To clean up, you have to use a tool called Fetch as Google. This enables you to compare pages as seen by Google, and by other users. If the two are different, start cleaning up the source of this. Once done, request Reconsideration using the tool meant for that. Hidden text and/or keyword stuffing If Google thinks some of your pages contain hidden text or keyword stuffing, you will see this message. You could take the help of a good SEO practitioner, or on your own review Webmaster Guidelines on Hidden text and Keyword stuffing. Use the Fetch as Google tool to find content visible to the Google crawler, but hidden from human visitors. Remove or re-style such text, once identified. Once done with the clean-up, use the Reconsideration tool to ask Google to index your pages once again. Spammy Free hosts This applies if you run a free web hosting service and a significant number of your users are indulging in spam. The recommended steps are to block creation of automated content, and monitor the service for abuse using simple, but effective tools like site:operator query or Google Alerts. There’s also a Safe Browsing Alert Tool for Network Administrators provided by Google. For other best practices, it’s best to contact a knowledgeable SEO practitioner. Spammy Structured Markup In case of the above message, it means Google thinks some of your HTML or CSS code may be using techniques outside its rich snippet guidelines. Webmasters use rich snippets to take advantage of Google’s offer to provide a rich summary of your page in the search engine results page. To fix this error, first refer to the guidelines. After clean-up, test using the Structured Data Testing Tool provided in the Webmaster tools. Once done, submit for reconsideration. THE IMPORTANCE OF GUIDELINES So there we have it, a summary of the most usual reasons given by Google for punishing your Website with the dreaded manual penalty. Some of the remedial measures listed above may require handholding from an experienced SEO practitioner. As you can see, search engine optimization is not all hot air. There are situations like being at the receiving end of the dreaded manual penalty when you would certainly need the services of an SEO firm. It’s foundational that as a website owner, you should be thorough with Google’s Webmaster Guidelines. In the instances given above, one finds again and again that the remedy suggested by Google refers to the Webmaster Guidelines. So make sure you have it well covered on that front because it could be the best insurance to ensure you don’t ever face manual penalty from Google. More nuggets from I’m Feeling Lucky to help us understand Sergey Brin better. On the relationship between Larry Page and Sergey Brin, Edwards quotes David Krane, then a senior member of the communications team: “Those guys had a communication channel that was very direct, very open. When there was tension, it was when they were fighting over data. They would be downright rude to each other, confidently dismissing ideas as stupid or naïve or calling each other bastards. But no one would pout.” THEY SHOULD BE PAYING US It didn’t take long for Douglas to realize that Larry and Sergey wanted Google ideally to churn out perfect products while incurring no expense. “That was impossible, of course, but it didn’t stop us from trying,” he writes. Douglas said he learned that for the founders, the starting point for any negotiation would be the position, “they should pay us”. To the founders, winning a deep discount wasn’t a victory, wrote Douglas. “It was an admission of a failure to get something for free.” Another core value at Google was to ‘never pay retail’. In the early months of 2000, this was thoroughly tested when an expanding Google wanted more space and Silicon Valley had nothing to offer at less than $8 per square foot. Despite his protestations, Google’s official office hunter George Salah was forced to put in a lowball offer of $6.45 per square foot by Larry and Sergey. The landlord screamed at George’s broker and raised the price to $8.25 per square feet, notes Edwards. As luck would have it for the Google founders, two weeks later the dotcom fever broke and the real estate market collapsed. Salah “sublet space in that same building for $3.5 per square foot, and a year later he leased a completely furnished building nearby for 45 cents a square foot”, writes Edwards. So the Google core value, after all, was based on sound logic. GOOGLE’S GREATEST CORPORATE EXPENSE At an all-hands meet one Friday, Sergey popped the question, “Do you know what’s our greatest corporate expense?” Douglas remembers that everyone wanted to answer that one. Answers came in thick and fast like ‘health insurance’, ‘salaries’, ‘servers’, ‘electricity’, and even ‘Charlie’s grocery bills’. Sergey wasn’t impressed. “No,” he said solemnly, shaking his head, “opportunity cost.” He explained that products the company wasn’t launching and deals they weren’t doing threatened its economic stability more than any single line item in the budget. (To be continued. Vignettes taken from the book I’m Feeling Lucky by Douglas Edwards. The first, second and third parts of this series can be accessed by clicking on the links) |
Archives
December 2014
AuthorI'm Georgy S. Thomas, the chief SEO architect of SEOsamraat. The Searchable site will track interesting developments in the world of Search Engine Optimization, both in India as well as abroad. Categories
All
|