Category Archives: Wider Internet Issues

General Interenet observations not related specifically to websites or SEO.

Why We Monitor Your Website 24/7

Management Summary

If your website is down, your visitors will go elsewhere. Lost visitors mean lost business. Here at BlueTree, we monitor all clients’ websites 24/7 to make sure they’re up and running well. We also monitor a few, non-BlueTree, local websites. See Datum_1 to Datum_4 in the charts.

Here is the monitor for the six months to July 2022. Our BlueTree site is hard to see on this chart as it was up all the time during the monitoring period. It’s also the dark red line at zero on the “Number of Incidents” chart, above.

BlueTree hosting uptime compared with other local businesses

More details

Why We Monitor

One morning, a while ago, I tried to visit three local business websites, only to see, “404 page not found”. It was a coincidence, but it made me wonder. Knowing that our clients’ sites are up pretty much 100% of the time, how do others compare?

That’s when we started monitoring a few other websites for local comparison.

We’ve always monitored our own websites, and around 2010 we started checking our clients’ sites too. Things do go wrong, sometimes badly but most events are minor, just a minute or two. Here are a couple of recent major events:

  • in 2017 Firefox and Chrome browsers began to insist web pages be encrypted, with a current SSL Certificate, displaying a warning if not; your BlueTree CMS sites now renew automatically, but certificates did cause problems in the early days; and a few long-term clients, who don’t use our hosting, sometimes fail to renew, even now
  • in June 2021 our ISP suffered a failure that left many servers without an internet connection for several hours. A lot of big company sites went down. Our websites are hosted in another data centre, but several clients lost email access until Open Reach fixed the problem

How We Monitor

Monitoring Software

We use a web service called Uptime Robot. There’s a free option, so you can use it yourself if you want. The free version reports downtimes of 5 minutes or longer. It sends email alerts when it finds problems.

The paid version operates at one-minute intervals and sends text alerts too. It will also check your SSL certificate. Over the years, we’ve spotted several SSL problems for clients.

What We Monitor

We host client sites on leased servers. If a server goes down or loses its connection, all its websites fail. That does happen occasionally when maintenance is planned. These incidents are infrequent, very short, and scheduled in the early hours.

Other failures are website specific. The most common is when a client fails to renew a domain. We’re able to tell them promptly so they can fix the problem.

We monitor our own websites, all clients’ sites, and those of a few, unrelated, local businesses. We chose sites owned by organisations similar to those in our extended “BlueTree family”.

Extracting and Presenting the Data

The monitor displays a list of events like this. These are our datum sites, so we redacted the names.

Uptime Robot monitoring dashboard, showing downtime events and duration

For each “Down” incident, it shows:

  • the down event, flagged in red, the “up-again” in green
  • the domain or IP address
  • date and time the event started
  • duration of downtime
  • duration of subsequent up-time – up to the time of display

At the top right, you can see the words, “Export Logs”, a link that downloads the last six months’ events in a .csv file for spreadsheet analysis.

When There’s a problem

Occasionally, we receive an alert for one of our sites, We find and fix the problem if we can. Where we can’t, or if it takes more than a few minutes, we tell you and explain what’s going on.

In Conclusion

The odd five or fifty minutes down in a month doesn’t seem a big deal, But remember Captain Edward A Murphy, USAF? In 1949 he said, “What can go wrong, will go wrong!”

Who knows? Your best new sales opportunity might choose to visit just when your site has disappeared. You’ll never know, Best to have a site that stays up all the time, if you can.

Ukrainian flag licence-free from Pixaby

Let’s Help Ukraine Now

Leave a Reply

We don’t usually post political stuff.
But then, we don’t live through a tragic realignment of our world very often.

Just researched these places where we can donate to help Ukrainians.

You might like to review these, too:

 

author's firefox monitor dashboard showing number of data breaches detected

Check Your Email Isn’t Exposed on the Dark Web

Pwned: Exposed on the Dark Web

“Pwned” is a deliberate typo for the word, “Owned”. “To Pwn” has its roots in the computer games world; it means to beat someone comprehensively.

Why Worry?

Email addresses on the dark web are available to hackers and spammers. At the very least you’ll be getting unwanted emails. The worst case: you’re on the way to getting your identity stolen.

A President Pawned

Yesterday I received an email from the president of an organization for which I do voluntary work. It said, “Do you have a moment I have a request I need you to handle discreetly. I am going into a meeting now, no calls so just reply my email.”

I checked the email address and, needless to say, it wasn’t from the president at all.

Since the committee members all received a similar mail, my first thought was that someone has hacked the account. However, it’s easy to check, so I did.

Pwned in Data Breaches

A “data breach” is where information has been exposed to public view, either intentionally or not. Turns out that the president’s email address was exposed in two data breaches, now available on the dark web.

president@ First Breach

The first was back in 2017, when the address was used by the previous president. This may have exposed the email address and password. I say, “may”, because it may be just the email address that’s exposed, without the password.

president@ Second Breach

The second is more serious and more recent: February 2019. Whilst it doesn’t include email addresses, it does have dates of birth, employers, genders, geographic locations, IP addresses, job titles, names, phone numbers, physical addresses. An email validation service, verifications.io, was hacked. To check an email address is valid, services like this comb all public records to build a comprehensive profile of the person behind the address.

Personal Data Available on the Internet

You’d be surprised how much of your personal data is available to on the internet. Records may be public, such as Companies House, the electoral roll, telephone directories, even on your own website. Or easily accessed, like Facebook and LinkedIn. Or may be given securely, in good faith, and then sold under the cover of small print, a practice used by some DNA profiling websites, for example.

Check Your Own Data Breaches

Check your email address at Have I Been Pawned. Enter your address here, and it’ll scout the dark web and list data breaches that contain it. Check all your addresses if you have more than one.

Check regularly using their monitoring service, which sends alerts to your inbox if it spots any of your addresses on the dark web.

alerts on have i been pawned menu

Protect Your Identity

  1. change your password on any breached websites, or delete your accounts
  2. make sure your anti-virus software and firewall are always up to date
  3. use strong passwords (HM Government has tips for staying safe online)
  4. use a Password Manager to generate, save and protect strong passwords (free password managers here)
abstract image made from at signs

Do You Break These Email Rules?

I Must Have Written Millions of Emails

Over the years, I’ve seen, and made, all sorts of mistakes with emails. To fix them I’ve adopted nine rules. They’re so obvious it’s a pity I (and maybe you?) don’t always follow them :o(

I often break rule 6 trying to be friendly, especially in these COVID-ridden times.

If you want to read the explanations below, please go ahead. If you don’t have time, here’s the list. Click a rule to see a brief explanation.

Rules for Writing Effective Emails

Rule 1. One topic, one email
Rule 2. Main point up front
Rule 3. Don’t change the subject
Rule 4. Email when you’re fresh
Rule 5. Use complete dates
Rule 6. Keep it brief
Rule 7. Take care with Reply All
Rule 8. Check your spam folder
Rule 9. Subject rule for meetings

Simple, innit? Do you always follow these rules? I try.

Rule 1: One topic, one email

The most effective emails contain just one question or message. Busy people receive 100s of them. They scan emails, so second and subsequent messages are often missed, rarely acted upon.
Back to list.

Rule 2: Main point up front

For busy email scanners, if you want something to happen, ask in the first sentence. Leave white space afterwards for emphasis.

Add all the reasons you want below. Some may read them. Your main actor will probably be too busy. However, s/he will see you have loads of justification and might actually act. If there’s no justification s/he may notice that, too.
Back to list.

Rule 3: Don’t change the subject

How often have you said to yourself, “I said that in my email yesterday”?

Did you change the subject? Did you start a new conversation in reply to something else? And did you Reply All? It’s convenient if you’re talking to the same group of people. Many people, seeing “RE:” on the same subject line once too often, won’t bother to read it.

If you want to talk about something else, start a new conversation. One with suitable words in the “Subject” field. See rule 7, too.
Back to list.

Rule 4: Email when you’re fresh

Don’t email late at night, when you’re tired, or after booze/chocolate/whatever turns you on. I’m not going to explain this rule further. If you really feel the need, wait until tomorrow to press “Send”.
Back to list.

Rule 5: Use complete dates

It happened again. I arranged a meeting for a day next month, 21 July. One colleague read it as June. If I’d said Wednesday 21 July he’d have found out very soon and wouldn’t need to be told.

Saves everyone a lot of time sorting it out, and some people find public mistakes like this embarrassing. It’s good to be kind.
Back to list.

Rule 6: Keep it brief

After you’ve finished writing that important email, read it again and see how many words you can remove without affecting the meaning. If it’s a really important mail, get someone else to do it too.

If it’s very short, will your entire message into the Subject field?

Nobody likes spending time on unnecessary waffle. People will appreciate your brevity.
Back to list.

Rule 7: Take care with Reply All

For two reasons, do think about “Reply All”.

  • save people time by not sending them irrelevant copies to open
  • don’t copy people into conversations that don’t concern them – it can be embarrassing

If the original sender copied in other people, they intended them to be aware of the conversation, maybe join in. Reply All can, inadvertently, share information you regret, especially if you change the subject (rule 3).

Avoid wasting people’s time unnecessarily: “Reply All” only if you think the sender was correct. Back to list.

Rule 8: Check your spam folder

Email systems continually update their spam filters. This is great, but they sometimes think emails you really want are spam.

Before you switch off for the night, look through your spam folder. Move non-spam to your inbox, otherwise, links may not work. Then delete the rest to keep it tidy.
Back to list.

Rule 9: Subject rule for meetings

Put the date and time of the next meeting in your email subject.

Recipients may consider your mail non-urgent and then lose it in overfull inboxes. Making it obvious reduces the risk of being ignored when they miss the meeting; makes excuses sound lame.

[Added November 2021 after a couple of embarrassing failures.]
Back to list.

key workers rainbow with delivery truck, NHS logo and heart

BlueTree Supports Key Workers

A Badge of Honour

We’ve added this logo to our website in support of key workers during the Coronavirus difficulties. We made the badge to say “Thank you” to all key workers, visible and less so.

The NHS logo sits on the back of a lorry, as an inclusive gesture to all key workers. The rainbow also indicates inclusion, this time of races, creeds and gender preferences. The heart shows the love our doctors and nurses must feel for all humanity to do what they do in such difficult and dangerous circumstances – and the love we all feel for them and everyone working to keep us going. The little blue tree is for us, the rest of us, sitting on the sidelines, doing our bit by staying in and staying safe.

Everyone Knows Key Workers

Everyone knows a nurse or doctor, or a family with one.

When you’re out on your daily exercise hour, you’ll probably see a lorry or van delivering things to keep the rest of us alive, a bus driver taking key workers to work, or a refuse lorry clearing up our mess. Their risk level is lower than that of NHS staff, but they’re more at risk than the rest of us in our self-isolation.

Meadows Day Nursery, Cheltenham, is one of our clients. They’re just another type of business working behind the scenes to help the front line of these virus wars. Whilst many nurseries have closed, Meadows is open, looking after the children of key workers, so they’re exposed to potential infections. Key worker mums, dads and carers are on the front line and their children could bring the virus into the nursery.

Stay Safe, Everyone

So, let’s all obey the rules and hope to come out of this in one piece at the end.

Thank you to the NHS and all care workers, pharmacists, bakers, posties, shopworkers, therapists, delivery drivers, refuse collectors… and all the other unsung, overworked, under-paid, often exploited people who do so much for our community under everyone’s radar. Coronavirus has raised their profiles. Let’s hope we – and our politicians and business leaders – remember them long after the dust settles and life returns to normal.

Or maybe we’ll have a new, fairer and long-lasting version of “normal”.

General Data Protection Regulations (GDPR)

GDPR Ticklists to Help You if You Missed the May 25 Deadline

the word privacy in a sort of google fontWant to go straight to the ticklists?

Or straight to the sole trader bit?

I wonder how many businesses have deleted 75% of their hard-won contacts with “essential you opt back in” email campaigns? And they will lose them, because of this knee-jerk reaction to GDPR.

  1. everyone receives so many they’re ignoring them
  2. they’re probably not necessary
  3. they may be illegal under other regulations

You do need to act, but there’s no need to panic, even if you missed the deadline. This myth-busting piece in The Guardian may help put your mind at rest.

Like most of you guys, we’re a very small business, and this is our take on how it applies to us. This is what we’ve done, and what we’ll be doing in future. This post covers,

BlueTree GDPR Promise

We promise to treat all personal data with respect, and we’ll never knowingly share it with anyone else, nor use it for any purpose other than that for which it was collected.

GDPR Tasks to do Before May 25th

GDPR seems common sense, and we don’t have to change much anyway. Our compliance is based on this understanding:

  1. Make a list of all the places you hold personal data. We have one in a Word document.
  2. Be clear about what data you collect and why. For marketing, we hold email addresses, phone numbers and, for accounting, postal addresses.
  3. Write and Publish your Data Protection Strategy, optionally on your website. Here’s ours.
  4. Draw up plans to implement your strategy; you might not finish implementing them it before 25 May.

Before or After May 25th

  1. Only use personal data for the purpose you collected it and don’t share it with anyone else. We don’t.
  2. Hold personal data securely. We use networked, personal computers, with strong passwords. We store some in “the Cloud,” where it’s held securely by reliable, global corporations, namely Google, Dropbox and MailChimp. We don’t think we’re liable for breaches they may make, though we may need to contact people affected.
  3. Add people to your marketing list only if they opt-in; we use sign-up forms.
  4. Avoid collecting data from minors. We’ll do our best to identify them.
  5. Respond promptly to requests for copies of personal data you hold. We’ll do so for anyone who requests it on this form (it’s our usual contact form).
  6. Allow people to amend or delete their data. We’ll do this if they request it on the same form.
  7. Add an unsubscribe link in marketing emails and delete unsubscribed people. No need for us, MailChimp does this anyway.
  8. Tell the Information Commissioner, and people affected, if you get hacked. We can do this if it ever comes to our notice.

Simple GDPR for Sole Traders and Micro-Businesses

BBC Radio 4’s Money Programme (20 May) had some advice for sole traders and small organisations. Sadly, I can’t find it any more. The example they used was a small allotment society, and the advice covered micro-businesses (like sole traders and partnerships) too. T

 

Anyway, this is what we do.

  1. GDPR applies to the personal data of business contacts, not to personal contacts, though if you do business with a friend or relative, that contact is affected.
  2. Existing contacts. There’s no need to stop mailing people already on our list:
    1. It’s fine keep personal data we have already, if we have a good reason to do so, e.g. they owe us money, or we do work for them sometimes. This is called a “legitimate interest”, apparently.
    2. It’s also fine to keep it if they gave us consent when we collected it; we won’t be asking anyone to opt in again unless we’re sure they didn’t consent.
    3. If we want to use personal data for anything other than why we collected it, we’ll ask for consent.
  3. New contacts, people whose data we want to store. We’ll ask their permission, tell them why, and that we’ll change or delete it if they ask you to.
  4. Security. We’re sure the paces we store it are secure. These include phones, computers and “cloud” storage; they’re protected with a PIN or password.
  5. Website. We collect personal data on our website with a sign-up or contact form; it’s encrypted, secured with an SSL certificate (HTTPS) – more on our blog here, and protected from web spiders with a reCAPTCHA,
  6. Updates. We promise to supply, change or delete their personal data if anyone asks.

You’re also supposed to have procedures in place, but sole traders and tiny businesses don’t do this formally, as a rule. Here at BlueTree, we have a list of places where we store personal data (MS Word document) and a short GDPR policy statement, published on our website.

Free GDPR Tick List Templates

We like tick-lists: lists of things to do, expressed as 1-liners. They’re terse task reminders, in sequence if that’s important. Print them out, tick off the jobs as you do them, then file the completed list as evidence of completion.

There are two GDPR template tick-lists in this document: start-up and on-going. Yours to use as they are, or modify, so long as you don’t blame us if anything goes wrong. Here’s your link.

Disclaimer and Where to Find GDPR Advice

We’re neither legal eagles, nor GDPR experts, and we’ve decided what to do after researching the subject. You’re welcome to copy what we do, but please don’t hold us responsible if anything bad happens.

By all means, copy our policy and put it on your website, but please don’t copy / paste it. We explain this here, help for new web page authors, “Golden Rule”.

If you search for “GDPR” using your favourite search engine, you’ll find masses of information. This is a problem: there’s too much, so how do you know which is correct?

We’ve found these pages both credible and informative.

  1. Information Commissioner’s advice on GDPR
  2. Federation of Small Business’s GDPR Preparation Checklist
  3. Myth-busting explainer article in The Guardian

Best of luck!

PS: If you think we got anything wrong, or have a question, please leave a comment here. It’ll help others reading this post as well as us.

how google chrome identifies a secure website

Encryption: Improve Your Search Position Step 2

Step 2 is About Encryption

digital encryption padlock on green screenThis time we’ll discuss website security, what it is, why it’s important, and what you need to do about it.

This is a long post, so I’ll summarise it.

The Internet is becoming more security conscious. Some web browsers now issue warnings when you visit a website that isn’t secure. The others will follow. Warnings put visitors off. If you don’t want to lose visitors to your site, you need to encrypt it.

The next post in this series will explain how we are encrypting all BlueTree CMS user sites.

Meanwhile, in this post:

But first, a story.

A Website Encryption Story

We just finished a new website for a client. Stuart was very happy with the design and content, but there was a problem. He checked it on his phone, only to be told that the site was not secure! His SSL certificate doesn’t match his website.

browser pop-up that shows when an SSL certificate is invalidNow, he doesn’t have an SSL certificate, neither does he need one – any more than anyone else, that is.

We traced the problem to his phone’s over-zealous software. Our servers host many websites, some of them encrypted. The phone software wrongly assumed that, because one of the sites has a security certificate, it must apply to his as well.

No website owner wants to see something like this when visitors go to their website. So we installed a correct, temporary certificate for him.

Why Encryption Matters

Clandestine forces are eroding the Internet ideals of free speech and openness. Internet freedom is under threat from wealthy individuals, corporations, hackers, even government agencies, with

  • fake news designed to mislead
  • trackers that collect personal details
  • algorithms that control the news we read
  • data collection to support identity theft and secret government snooping

Encryption is one way the good guys are fighting back. They’re persuading us to encrypt our websites. As one encouragement, search engines are starting to reward encrypted websites with better rankings.

Here are two more reasons:

  1. The GDPR Data Protection Regulation: if you collect any personal information on your website, it should be secured to reduce your risk of compromising it.
  2. My antivirus software, Webroot, puts a big green tick next to search results it deems safe. So do many others. You’ll notice that the search result below has HTTPS:// in front of our web address. This means the website connects securely with your browser. The “S” stands for “Secure”.search result with green checkmark showing it is safe to visit

Back to top.

Benefits for You

Here are four reasons to encrypt your website:

  1. Your visitors won’t be put off by dire warning messages, like Stuart was
  2. Visitors will see at a glance your how google chrome identifies a secure websitewebsite is safe, because their browsers will display a closed padlock in the address bar; this is Google’s Chrome browser making it obvious
  3. Hackers won’t be able to snoop on your visitors
  4. Google will rank your website higher, some say as much as 5%

Many internet users are not tech savvy, so may not notice. Don’t expect this to last, however. How long ago was it that nobody understood the cookie message you now see on every website?

firefox insecure login warningWorse, if you’re asking for feedback, or collecting an email address, they’ll certainly notice something like this.

Chances are they’ll move away and you’ll lose their input or a valuable lead.

Back to top

Secure Websites Are Encrypted

My browser talks to your website using text messages. They’re structured formally, but you can read them using Windows Notepad or Apple TextEdit. Anybody can read them, including hackers.

you accessing our website over the internet cloudThese messages run over the Internet, AKA The Cloud. On the way, they pass through many servers. Servers are computers and can be hacked, exposing your messages to hijack.

Encryption converts the messages into gibberish using a cypher, possibly the oldest form of secret writing. Julius Caesar used a simple “Shift Cypher” in his correpondence. With a shift cypher, you swap each letter of the alphabet for another. “A” becomes “F”, for example, “B” becomes “G”, “C” becomes “H”, and so on. Each letter is shifted six along in this example. So BLUETREE becomes VFOYMLYY.

It’s fairly easy to crack. “E” is the most commonly-used letter in the English language…

Digital encryption is much more sophisticated, as you can imagine. It’s so secure that the US Government has tried to ban it – for some reason :-).

Back to top

Digital Certificates

Your website needs a Digital Certificate to make encryption work. Issued by a trusted authority, the certificate must be installed on your web server. The certificate provider verifies your website is owned by your company, and the certificate is proof that all was OK.

Once the certificate is installed, “HTTPS” will appear before your domain name in the address bar of each visitor’s web browser, and all communication will be encrypted. The S after HTTP stands for “Secure”.

When you look at a secure site, your browser will examine the certificate and establish that,

  1. a trusted party issued it
  2. it’s current and valid
  3. it’s related to the site you’re looking at (this is where Stuart’s phone software went wrong in the story above)

When it’s happy, your browser and the server will swap encryption keys, and you’ll be able to see the web page content. The keys are discarded at the end of your session.

There’s a complete explanation here that’s nicely written and easy to understand.

Back to top

In Conclusion

Encryption matters. All websites will be encrypted eventually. Steal a march on your competitors by encrypting yours now.

The time is right. The world moves on, the Internet world faster than most.

  • Our certificate cost over £100 a year ago and you can now get one free
  • Anti-virus software and web brosers are starting to identify non-secure sites, which they call “unsafe”

As the software evolves, some make mistakes, as Stuart discovered. Recent developments mean we can avoid this happening to your website.

In a later post, we’ll explain what we’re going to do about it, and how our plans will affect you.

Christmas E-cards with a Difference

 What’s The Difference?

Many people give to charity instead of sending paper Christmas cards. We do it too.

What if we could find a very special charity? One that:

  • treats the causes of poverty, not the symptoms
  • has transparent overheads, not taken from donations
  • has none of its money trousered by warlords or corrupt politicians
  • helps people work their way out of hardship
  • uses your donation over, and over, again

mmalemna-ayamThis charity is a crowd-funded bank that lends money to African entrepreneurs. Ten people donate £10 each and the charity lends £100 to start a business. £100 goes a long way in Africa.

This is Mmalemna Ayam. She wants a loan to grow and sell more onions to help feed her family.

When she repays our loan, we can lend it again to someone else.

Deki is Our Charity at Christmas 2016

deki logoRead all about it on their website. Tap “Play Video” and take just one minute to find out how it works. Then tap “Make a Loan” or “Donate” and help change somebody’s life :o)

And you can buy gift vouchers, so your family, friends, and important acquaintances can help more entrepreneurs work their way out of poverty.

SEO Tip

When you’ve visited Deki’s site and made your investment (or even if you haven’t), come back and leave a comment on this page. Comments increase the authority of a page like this. The more comments, the greater the authority.

That increases the value of our link to Deki.

A Search Engine That Doesn’t Track your Every Move

Leave a Reply

What’s This All About?

Well, from time to time I Google, “search engines” just to see what comes up. There are quite a few. More than you might imagine.

Though it may take a while, the influence of mighty companies always wanes. It only takes one new upstart to grab the world’s attention and the market leader starts to make mistakes. Maybe this is Google’s nemesis, maybe not.

What if there were a new search engine that doesn’t harvest my on-line life for commercial gain? One that’s simple, clean, and it doesn’t tell me I’m missing out by not being logged in to my account? Just like Google used to be, in fact.

So What’s New?

Top of my search results was an engine called DuckDuckGo.

That’s impressive too, as it proves Google really does try to give users the best results it can. DuckDuckGo is, after all, Google’s competitor, albeit a small one.

What’s Special About DuckDuckGo?Duck duck go search engine logo

DuckDuckGo’s most obvious feature is that it doesn’t recognise you, remember you, store information about you, nor tailor search results for you. Every user making the same query gets the same results. Google delivers different search results depending on location, device you’re using, and whether you’re logged in to your Google account.

Next is the way it works. DuckDuckGo doesn’t crawl the entire worldwide web in the way other search engines do. Instead, it uses developers’ interfaces to other search engines, along with publicly available information from sites like Wikipedia. Altogether it has around 50 sources, which it filters and sorts using its own algorithms.

It’s a bit simpler than Google and it seems to work quite well.

Read all about DuckDuckGo on Wikipedia.

It’s in the news right now because Apple iOS 8 now offers DuckDuckGo as an alternative search engine.

Quick Search Test

To compare its results with Google, I tried a couple of searches. Not a great test, but since I wanted to do these searches anyway it seemed a good idea. I used the Firefox web browser, so they were both on the same footing.

Search 1: Buy a Kettle

Our electric kettle at home has broken and we need a new one. The best buy in Which? is the Dualit 72400, so I searched for that. This product is available worldwide and its has a relatively long lifespan.

Here are the top four results from Google, plus some ads:search results for kettle using google

As you can see, Google displayed three ads at the top this time, then the real search results. It doesn’t display the same ads, nor even the same number, every time. I used google.co.uk, so it knows I want to buy my kettle in the UK, even though I’m not logged into my Google account. It’s just given me UK-based web pages.

Here are the DuckDuckGo results.search results for kettle using duckduckgo

Two ads from DuckDuckGo and then the first result is the same as Google’s. Both also have the Which? website at position four. However, DuckDuckGo included some .com results, which aren’t much use to me.

Google does this quite often, too, which is irritating, and it’s easier to convince DuckDuckGo that you want to search UK sites only.regional search selection on DuckDuckGo

Top right on DuckDuckGo’s search results page is a region selector button. One click sets it. This takes three clicks on Google and it doesn’t always offer the option, so then you’re forced to add “UK” to your search query – too many keystrokes :-(.

How to convince Google you only want to see UK sites.
Click Search tools > Any country > Country: the UK.change region method on google

They used to let you do this before searching. Can’t imagine why they changed it.

Search 2: Local Entertainment

I want to buy some tickets for what promises to be a very entertaining show at the Tobacco Factory in Bristol, “Elizabeth I: Virgin on the Ridiculous”, performed by “Living Spit”. We saw another of their productions in Portishead in June and it was very funny indeed.

This seems a good test because I’m looking for something that is a) local, and b) has a short lifespan. Here are the top four results from Google.

search for show using googleAnd here’s DuckDuckGo’s effort: much the same…show search using duckduckgo

They both have the Tobacco Factory website first and one other in common: Visit Bristol. The other results from both are equally useful.

Conclusion and Next Steps

Fom this very limited test, it looks as though DuckDuckGo may be a usable search engine, despite being relatively new. Its ethos is quite different from Google’s: it’s not out to make lots of money. It’s worthy of further investigation.

I’m going to continue using Google in my Chrome browser, which is permanently logged into my Google account. This always tailors search results specifically for me: it knows my age and gender, where I live, what I search for, my favourite travel destinations, the things I buy, my circle of friends and same things about them. Think how Google can influence my search results – and the way those very results influence what I do.

Interesting! Useful too, until (if ever) that influence is misused.

I use Firefox for development and research and I’m switching to DuckDuckGo for that. And I’ll definitely use it in Avast SafeZone, when I search for websites where I’m going to enter credit card or bank details.

If you’ve tried DuckDuckGo, we’d really like to know what you think of it!

How to Recognise an Internet Rip-off

Leave a Reply

Ripped off on the Internet

My Cousin was Ripped Off

Today my young cousin, Sarah, nearly 17, applied for a provisional driving licence via www.drivinglicence.uk.com. This site looks official, and invites you to “APPLY NOW” for your new or replacement licence. She checked “First Provisional Licence (with a view to passing a test)” and pressed the NEXT button.

Panel accepting fee from non-DVLA driving licence websiteThe site then made it very clear that she would have to agree to the £50 fee before going any further. This page shows the Visa and MasterCard logos and “guarantees” that “Your information is 100% secure.”

Now, £50 is what your first provisional licence costs, so that all look fine. Let’s get on with it!

Trouble is, when you’ve finished this process, you still have to pay another £50 to the DVLA for your licence. The “service” this website provides is simply to collect your details and pass them on to the DVLA. You can avoid the extra £50 charge by going directly to the DVLA’s own website, at www.gov.uk/apply-first-provisional-driving-licence. Note the “.gov” in the website address, or URL.

Sarah’s mum was incensed, naturally! “How,” she said, “Can we get the money back?”

Sadly, the answer is, “With great difficulty, and you’re unlikely to succeed.” It’s just possible you might win a prosecution in the Small Claims Court. After all, one could argue that the panel above is misleading. It does imply that the £50 you’ll pay them is the “Application Fee” for your provisional licence. Sarah believed so; they’ll say you’re applying for their service.

Is it Legal?

Probably yes. It may be morally wrong, but it is probably legal. The website makes it very clear that it has nothing to do with the DVLA, which issues driving licences. It is also very clear that the service will cost you £50, that their (very long and likely to remain unread) terms and conditions apply, and if you continue then you’re committed to the fee.

To be fair, Google does try to encourage sensible website choices. The relevant .gov websites appear before drivinglicence.uk.com (and others – yes, there are others) in many search results. And there are plenty of discussion forums that warn against scams like this. Check Mumsnet and Money Saving Expert

So What Should We Tell Our Kids?

dot gov logo

“Look for dot guv, love!”

If you’re looking for any service provided by the government, make sure you can see “.gov.uk” in your browser’s address bar. Most have this government website logo, too.

Where to Look for .gov

Here are some examples (at the time of writing) in Google Chrome, Firefox and Internet Explorer. Also look for a little padlock and the code, https:// to the left of the web page address.

a dot gov web page example in Google ChromeGoogle
Chrome

a dot gov web page example in FirefoxMozilla
Firefox

Microsoft’s Internet Explorer is different in that the padlock appears to the right of the address.

a dot gov web page example in IEMicrosoft
Internet
Explorer