5 Website Security Issues You Should Be Aware Of?

Technology has become more advanced, and with it, hack attacks in the online world are increasing at an alarming rate.

Hackers use known vulnerabilities in third-party software to target your website and web server, and use them to their advantage.

The effect of this may be just the defacing of your website, the theft of your confidential client data, or even worse, the use of your server resources to perform illegal activities.

There are some simple tips you can leverage to strengthen your website software and sleep with peace of mind.

  1. XSS or Cross Site Scripting

    XSS occurs when a hacker embeds scripting code into a web form or URL, and runs malicious code to change your web visitor’s experience and steal passwords or other data.

    XSS can also be persistent in nature, where an attacker manipulates a specific web page and shows it as a login screen to users. The recent XSS comment hack on WordPress 4.2 is an example of such a permanent loophole.

  2. SQL Injection

    SQL injection occurs when a hacker uses a web form field or URL parameter to manipulate your database. Almost all web platforms have a database, and open source CMS platforms generally keep the dynamic aspects of the website in the database.

  3. DoS or Denial of Service Attack

    Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are by far the most notorious kinds of attacks.

    That is because a hacker of any level can, with a small investment, bombard a victim website with millions of requests and make them look like they come from legitimate users.

    This eventually crashes the web server and takes the site offline, requiring manual intervention to bring it back online.

  4. Weak Passwords

    We should all use complex passwords, because the weakest link is all it takes to break the chain. It is imperative to use strong passwords for admin areas, but it is equally important for all users to protect the security of their accounts.

    One compromised account can lead to another, and that could lead to a hacked admin account. It is recommended to have passwords with a minimum of 8 letters, digits and special characters to avoid quick password guesses.

  5. Brute-force Attack

    These attacks are trial-and-error methods to guess your username and password. Weak passwords are prone to getting hacked easily.

    Methods like temporary blocking of IPs and accounts, and multi-factor authentication, help mitigate such attacks.

  6. Code Injection

    Websites with file upload capability, or sites missing proper client-side and server-side form validation, can be dangerous.

    The risk is that any uploaded file could contain a script which can be leveraged as a rootkit, i.e. administrator access to your website.

    Lack of form validation on simple form fields could lead to malicious code being inserted into the database, and could cause undesirable results on your website.

  7. Unencrypted Protocol

    An unencrypted channel allows a man-in-the-middle attack to steal information from your users.

    It is preferred to use an SSL security certificate whenever passing personal information between the website and the web server or database.

  8. Debug Mode on Production Server

    Some developers may accidentally enable debug mode on the live production server, which dumps extensive error logs to the browser.

    A hacker can thus obtain valuable information about the software used by the web server and target the attack much better. It’s crucial to hide as much internal information about the server as possible to minimize and delay attacks.

  9. Old Software Versions

    It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. This applies to both the server operating system and any software you may be running on your website, such as a CMS or forum.

    When website security holes are found in software, hackers are quick to abuse them.

  10. No Backup Plan

    No matter how vigilant you are, attackers can find new loopholes to doom your website. So besides prevention, you should also have a backup-restore plan.

    In case your site is compromised, you should have a team which can quickly restore the last known backup, and avoid reputation and sales loss.

Coversine provides a simple, affordable solution to all these problems: your own security professional who will maintain your site’s uptime, performance and security, all-in-one for as low as $10 per month.

The subscription takes care of performance checks, and regular updates to software and apps as well.
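The temporary blocking of IPs and accounts mentioned under brute-force attacks can look like this. It is an added example, not code from the original post; the `LoginThrottle` class, its thresholds and `attempt_login` are hypothetical names chosen for illustration.

```python
import time

class LoginThrottle:
    """Temporarily block a key (an IP or an account) after repeated failures.

    Hypothetical helper for illustration; the thresholds are assumptions.
    """

    def __init__(self, max_failures=5, window=300, block_for=900,
                 clock=time.monotonic):
        self.max_failures = max_failures  # failures tolerated inside the window
        self.window = window              # seconds over which failures count
        self.block_for = block_for        # seconds a key stays blocked
        self.clock = clock                # injectable so tests can move time
        self.failures = {}                # key -> timestamps of recent failures
        self.blocked_until = {}           # key -> time at which the block ends

    def is_blocked(self, key):
        until = self.blocked_until.get(key)
        if until is not None and self.clock() >= until:
            del self.blocked_until[key]   # block has expired
            until = None
        return until is not None

    def record_failure(self, key):
        now = self.clock()
        recent = [t for t in self.failures.get(key, []) if now - t < self.window]
        recent.append(now)
        if len(recent) >= self.max_failures:
            self.blocked_until[key] = now + self.block_for
            recent = []
        self.failures[key] = recent

def attempt_login(throttle, ip, username, password_ok):
    """Return 'blocked', 'denied' or 'ok'; IP and account are tracked separately."""
    keys = [("ip", ip), ("user", username)]
    if any(throttle.is_blocked(k) for k in keys):
        return "blocked"              # refuse before the password is even checked
    if not password_ok:
        for k in keys:
            throttle.record_failure(k)
        return "denied"
    # Success clears only the account counter, so one valid login cannot be
    # used to reset the failure count of an IP that is guessing other accounts.
    throttle.failures.pop(("user", username), None)
    return "ok"
```

Blocking on the account key as well as the IP key means guesses spread across many source addresses still trip the limit for the targeted account.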

The Smart Contact Lens Bubble

New technology is being created faster and faster these days. The rapid pace of development in the tech sector is changing the world around us in fantastic ways, connecting all aspects of our lives through tiny gadgets.
In less than ten years we’ve seen the release of the first smart watch, the iPhone, the first smart TV and internet-connected cars, among many innovations. The internet of things, as it has come to be called, is only in its infancy, but tech companies are trying to find new and imaginative ways to integrate the World Wide Web into our lives. Our clothing (think of the self-drying coat and self-tying shoes from Back to the Future 2), our kitchen appliances (refrigerators that tell you what food you need to buy and when), and even our books have become internet connected. The newest gizmo in the internet of things that is soon to be released is the smart contact lens.

Sony, Samsung, Google and a few lesser-known companies have all filed patents in the last couple of years in a race to be the first to bring the lenses to the market for consumer purchase. Each company seems to have focused on a different issue. Each one encompasses a unique feature, such as taking photos, augmented reality or addressing health concerns, while other features are common to all the manufacturers’ lenses.

Sony was recently awarded a patent in April of 2016 for a smart contact lens that will take photos and videos of what the wearer is seeing. The lens can do most of what a camera can do. Just like a camera, it is capable of autofocus, exposure adjustment and zooming. The patent lays out the lens’s ability to calibrate the camera with a wearer’s blink. Want to take a photo? Just blink three times really fast. Want to take a video? Just squint really hard for three seconds. The contact also uses an electroluminescence display screen to play back recorded content. You can do all this without ever looking at your smartphone, just by looking straight ahead. All of the registered content can then be wirelessly transferred to your smartphone or computer for later viewing.

Samsung was also given a patent in April 2016 in South Korea for its own smart contact lens. The Samsung lens will take photos and videos just like the Sony lens; however, it will also have embedded augmented reality. With a built-in display that projects images directly into the wearer’s eye, the Samsung smart contact lenses will have the ability to superimpose computer-generated images onto the real world, all while being less visible when worn. If you are curious what the restaurant across the street serves, simply look at the front of the building and the menu will appear across your field of vision. Look down the street to see who has the best gas prices and little speech bubbles will pop out from the curb with the amount per gallon inside. Say you’re on a blind date and want to find out more about the person sitting across from you. You can check their Facebook page without ever having to leave the table or pull out your phone. Imagine having the ability to read a foreign language without ever having taken classes, or being able to effortlessly navigate a place you’ve never been to. The applications for this are endless.

Google’s smart contact lens patent approval arrived a month later than Sony’s and Samsung’s, in May 2016. Google being Google though, they are taking the smart contact lens road a little less traveled; the contact lenses will have to be surgically implanted in your head. Google has partnered with Novartis, the parent company of Alcon contact lenses, the company that used to be known as CIBA Vision, to develop a lens with flexible electronics and sensors thinner than a human hair that will help those suffering from diabetes. The embedded lenses will read chemicals in the tear fluid to determine if the wearer’s blood sugar levels have fallen to near-fatal levels. Upon diagnosing the patient’s glucose condition, the smart contact will then be able to administer the insulin itself, if needed. While it may seem a bit intrusive, this would be a great, pain-free alternative for diabetics who prick their fingers daily or who constantly wear a glucose monitor. This is excellent news for diabetics, but Google’s smart lenses could be used by anyone looking to maintain great energy levels or even stick to a healthy diet. In the long run Google is also looking to implement features that would be capable of correcting myopia, hyperopia, and astigmatism as well as presbyopia eye conditions. This would make the need for wearing glasses and traditional contact lenses a thing of the past. The patent states that the smart lenses will either be solar powered or be charged by the movements of your eyes. Now that right there is just amazing!

One last company that is on the forefront of the smart lens bubble is Ocumetics. While lesser known than the previous three tech giants, Ocumetics may be the first company to roll out a smart lens for sale to the public. Designed by Dr. Garth Webb to enhance the vision of those that need it, the Ocumetics Bionic Lens, as they’re calling it, will not only give the user 20/20 vision, but could actually enhance that by up to three times. Yup, that’s right, a zoom lens! These lenses would need to be surgically inserted in an in-and-out, eight-minute operation. The result would be immediate vision correction. In addition to overcoming the list of ocular vision ailments, the patient would never have a chance of getting cataracts, as the lenses would never wear away, and the software could be updated wirelessly as needed. Trials need to be carried out first, but the tech could be ready to go in just a few years.

This is an amazing time we live in.