Who cares about encryption & why hard disk cryptography is only part of the solution... |
||||||||||||||||||||||||||||||||||
|
Posted on: July 26, 2010
I just read an article by Jon Collins which details results of a recent poll asking about general use of encryption and what people thought were the main areas where cryptography should be used to protect sensitive information. Run by research company Freeform Dynamics, Jon points out that their polls typically attract those interested in the subject matter, so its safe to say my Mum wasn't answering the questions. The first analysis from the article looks at the answers to "Which of the following drivers are likely to influence your organisation when it comes to requirements for encrypting data?" Pretty obvious results with compliance in first place, then protecting the storage of confidential information and protecting information due to an increasingly mobile workforce.
No surprises here, more and more regulatory controls specify that credit card data, patient information, etc needs to be encrypted. Companies with large amounts of sensitive information, such as financial data, intellectual property and trade secrets need to protect the storage of that data and also when it's used on a mobile device, typically a laptop. However when the poll asked what the most important areas of encryption were, the results revealed concerns of the modern, mobile workplace. The question was "In an ideal world, which of the following do you think should be encrypted and to what degree?"
So the top three ideal-world targets for encrypting everything are, in order:
Combine this with the following quote from Jon's article... "The executive who found himself personally responsible for a data breach when his laptop was stolen from his house may have been taken by surprise, as there is a lingering mindset that security is a central infrastructure thing. But rules and regs like PCI are not fussy about which particular part of the IT infrastructure is involved, be it a SAN in the data centre, or an SD card in a phone. It's all just IT." Information rights management is a perfect solution for these encryption challenges. But it goes beyond just the mobile or home use, IRM uses encryption at the document or email level. So no matter where the information is stored, it's always encrypted. Another really nice feature of IRM is that even when the content is in USE, it is protected. So the file on the hard disk, the file being sent over the network and the file in your Word/Excel/PowerPoint/Adobe Reader/Internet Explorer etc is ALWAYS secured with IRM. Unfortunately the article ends with some not so good news. The poll finds that one of the main reasons not to encrypt information on notebooks, removable devices (DVD's, CD's, USB drives etc) is the "practicalities around implementation" and "challenges with key management". So people view that deploying an encryption solution for mobile devices is difficult. Yet IRM is actually pretty easy to deploy and use and Oracle IRM has excellent key management. Finally, and this is the real killer for me, is Jon's closing message, "Meanwhile, the message to end-users is, if you haven't already encrypted your laptop data, you'd best get on with it - or at least ask your IT department how to do it". I would be that most IT departments are going to end up looking at hard disk encryption to secure documents stored on mobile devices. Yet this really doesn't solve the greatest risk. The advantage of hard disk encryption is it protect every file stored on it, unlike IRM which applies encryption to a limited set of supported file formats. However, that is also one of its main weaknesses... hard disk encryption ONLY protects the information whilst it is stored on the disk. It doesn't do anything to protect against the following challenges.
So whilst IRM is not the be all and end all of information security, combined with technologies like DLP, hard disk encryption, network encryption etc, it brings a huge difference in the reduction of the risk and exposure of an organization to losing control of their most sensitive information. http://blogs.oracle.com/irm/2010/07/who_cares_about_encryption_why.html Post Link |
||||||||||||||||||||||||||||||||||
State of the Browsers and ad blocking |
||||||||||||||||||||||||||||||||||
|
Posted on: July 19, 2010 In my last post about CSS layout and ads, a commenter brought up that the dealnews.com web site did not handle extensions like Ad Block very gracefully. To which I responded that I don't care. To which he responded with download counts. Well, the reason I don't care is that ad impressions when compared to page views on dealnews.com are within 2% of each other. So, at best, less than 2% of users are blocking ads. In reality, that is going to include some DNS failures, network issues, or something else. I would bet our logo graphic has about the same difference. The reality is that normal people don't block ads. In my opinion, if you make your money by working on the web, you shouldn't either. I should add that this site's (my geeky blog) ad views was about 16% lower than the recorded page views. So, geeks block ads more I guess. But, geeks have dominated the web for a long time. This got me thinking that I had not look at the browser stats very much lately. dealnews has a very odd graph on browser statistics. We do not follow the industry averages. Our audience is dominantly tech savy (that does not mean geeks). Our users don't just use the stuff that is installed on the computer when they get it. This kind of proves my point about ad blocking even more. We have non-moron users and they still don't block ads. 
As you can see, Firefox is very prevalent on our site. We generally test in IE7/8, Firefox 3, Safari and Chrome. I will occasionally test a major change in Opera. Typically, well formed HTML and CSS works fine in Opera so everything is all good. As for operating systems, Windows still dominates, but we have more Macs than the average site I would guess. 
Interesting that iPhone beats out Linux. That is just another sign to me that Linux is still not a real choice for real people. Be that a product issue from OEMs or user choice. That is debatable. It is notable that most of our company uses Macs. I don't think we make up a speck of that traffic though. If we did, our home state of Alabama would be our most dominant. It isn't. We are very typical in that regard, California is number one. We only have one employee there. http://brian.moonspot.net/browser-stats-januaray-2010 Post Link |
||||||||||||||||||||||||||||||||||
Antivirus Product Testing is Changing, Whether Vendors Like it or Not |
||||||||||||||||||||||||||||||||||
|
Posted on: June 25, 2010
Sponsor As security threats evolve, e-mail has been displaced by the Web as the primary delivery mechanism for malicious code. The old model of virus definition based antivirus software has been increasingly called into question. In 2007, Australia's Computer Emergency Response Team claimed that leading products missed 80% of new viruses. To compensate, companies like Trend Micro and Kaspersky are developing cloud based "reputation services" to evaluate URLs and code. NSS president, and former VP of marketing at antivirus vendor ESET, Rick Moy explained in a phone interview: cybercriminals now typically use social engineering to trick users into downloading malware from web sites and run it voluntarily. Malware creators run "campaigns" on Twitter and other social media sites baiting users with anything from pornography to free iPads. Even the most savvy of users can occasionally be tricked by social engineering - we posted our own list of tech savvy Twitter users who fell for phishing scam last year. For an explanation of how such savvy users get fooled, read Cory Doctorow's recent Lotus Magazine piece explaining why he fell for a phishing scam. Trend Micro recently published an independent report claiming the IT industry is being lulled into a false sense of security by vendors. The report cites an NSS survey which found half of respondents thought their antivirus solutions would protect them from threats 100% of the time, and that another 10% of respondents thought their solutions would protect them 99% of the time. Moy says there's also a perception in the enterprise that anti-malware products are essentially interchangeable, but that's turning out not be the case: NSS's testing found wild disparities between the efficacy of different products, and found that a company's previous track record is no indication of how well it will perform. According to Moy, typical testing involves using malware sets from Wildlist or Antivirus Bulletin - both of which use samples provided by the antivirus protection industry, some of which might be quite old. The results of AV-Comparatives' most recent report, its "Retrospective/Proactive Test," are radically different from NSS's. Trend Micro did fairly poorly in this test, while Panda did quite well. AVG out performed Trend Micro. Peter Stelzhammer of AV-Comparatives confirmed via e-mail that the NSS and AV-Comparatives tests are not comparable, and that AV-Comparatives is working on a test similar to NSS's.
A consensus is forming in the security industry that there's a need for new prevention techniques - and new testing methodologies to evaluate those techniques. The need for new testing methodologies was the theme of the "Measuring The Actual Security Anti-Virus Products Provide Customers" panel at SOURCE 2010 Boston in May, which included Stelzhammer, NSS CEO Vik Phatak, and representatives from CheckVir Labs, Dennis Technology Labs, PC Security Labs and West Coast Labs. Stelzhammer detailed the difficulties involved in doing live, Internet-connected testing and explained the methodologies for AV-Comparatives' future NSS-like tests. AV-Test has released a test based on methodologies similar to NSS's, with comparable results. According to the report published by Trend Micro: "ICSA and others such as Virus Bulletin state they will be evolving their certification practices in coming months to include real-time testing and/or testing against today's threats."
In March of 2009 NSS published the results of a Microsoft sponsored test that found Internet Explorer 8 was more effective in blocking malicious web sites than Firefox, Safarai, Chrome, and Opera. This lead to many skeptical articles and accusations of bias. However, when looking at what was actually being tested, the results aren't particularly radical: NSS found that Microsoft's blacklist blocked more sites than the blacklists used by other browsers. NSS was not tested for other browser vulnerabilities. In September 2009, Network World reported that NSS was shifting its focus towards conducting self-funded tests instead of vendor sponsored tests. NSS would sell the reports and consult vendors, but would not take money for testing. One of NSS's first self-funded tests found 3com TippingPoint 10 firewall to be deficient. Moy told TechWorld he thought that Tipping Point must not have been investing enough in improving its products. Some commenters were, shall we say, skeptical about NSS's rating. That same month, NSS released its first Corporate Endpoint Protection Products test, unfunded and using its new live testing methodology. It ranked AVG, Panda and Moy's former employers ESET at the bottom of the heap. It gave top marks to Trend Micro. In March of this year NSS released a free report detailing the failure of many commercial products to defeat variants of the infamous Aurora virus that infected Google's computers. McAfee was the only product NSS tested that successfully blocked variants of the virus, and NSS found AVG was the only product tested that didn't block the original exploit.
ESET also fired back at NSS, claiming that NSS's report didn't comply with two of the Anti-Malware Testing Standards Organization's Fundamental Principles of Testing. ESET also complained that NSS did not provide access to samples used in its testing. Since NSS has moved ESET out of "caution" category in the newest report, we asked ESET if it had made any changes to its product to improve its ratings with NSS. "ESET was unable to get any useful feedback on its performance in the previous test without paying a substantial sum to NSS for 'consultancy,'" replied David Harley, ESET Research Fellow & Director of Malware Intelligence via e-mail. "Even when ESET offered to pay the agreed-upon sum, the fee kept escalating. To this day, information on the test samples has never been supplied, so we are unable to assess the competence and validity of the test, let alone make any changes that would impact our performance in the more recent test." In a post seemingly in response to ESET, Moy wrote: Some vendors used the anti-malware testing standards organization (AMTSO) to try to discredit the test. One of their objections was that we recommend against buying products that scored on the bottom third of our test. Sorry, we unabashedly believe malware protection should indeed be the key purchasing criteria for an AV product. And for vendors who claim their anti-spam on the corporate desktop will improve their protection against socially-engineered malware hosted on web sites, that's just stretching it. Moy told us that all the NSS test methodology is available for free on the company's web site and that ESET was mostly upset NSS didn't release its malware sample set. Although NSS has received money from vendors for past tests, and does do security consulting, Phatak told us NSS did not receive money from Trend Micro or McAfee before the tests were conducted. ConclusionScience is about repeatable, verifiable results. The only way to glean a better understanding of the efficacy of various endpoint protection products is for more labs to employ cutting edge testing methodologies. The more tests released in the future, the more information enterprises will have in making informed decisions. Discuss
|
||||||||||||||||||||||||||||||||||
Quick guide to Oracle IRM 11g: Creating your first sealed document |
||||||||||||||||||||||||||||||||||
|
Posted on: June 15, 2010 Quick guide to Oracle IRM 11g index
ContentsInstall the Oracle IRM Desktop
Seal your first document
But before we finish this guide, there is one more article and arguably the most important article of all. Next I discuss the all important decision making surrounding the actually implementation of Oracle IRM inside your business. Who has rights to what? How do you map contexts to your existing business practices? It is the next article which actually ensures you deploy a successful IRM solution by looking at the business and understanding how they use your sensitive information and then configuring Oracle IRM to reflect their use. http://blogs.oracle.com/irm/2010/06/quick_guide_to_oracle_irm_11g_2.html Post Link |
||||||||||||||||||||||||||||||||||
Place Your Tweets with Twitter Locations |
||||||||||||||||||||||||||||||||||
|
Posted on: June 15, 2010
"Starting today, you can tag Tweets with specific places, including all World Cup stadiums in South Africa, and create new Twitter Places. You can also click a Twitter Place within a Tweet to see recent Tweets from a particular location." Sponsor Twitter has "data partnerships" with TomTom and Localeze in order to make Twitter Locations work. Over the coming week, it is rolling Locations out to 65 countries. It is also working to add Twitter Places to Twitter for iPhone, Android, and Blackberry. Other features of Twitter Locations include the following.
Twitter has more detailed information on how to use Locations here.
|
||||||||||||||||||||||||||||||||||
5 Basic Guidelines of Dallas Web Design |
||||||||||||||||||||||||||||||||||
|
Posted on: May 15, 2010 By Eric Brantner As the online marketplace has grown exponentially, the importance of web design has increased significantly. For many businesses, their website is the only image their customers will ever have of them. The website acts as their salesman. For this reason, it's essential to have a website that captures the visitor's attention and helps them become a customer. What follows is a list of 5 Dallas web design basics to help make your website as effective as possible. 1. Use Whitespace to Your Advantage- People don't read the text online in the same way they would a traditional print document. Pages with large blocks of text overwhelm visitors, and will cause them to hit the "back" button quickly. Use whitespace between small sections of text to provide a warm, comfortable look for your customers. It's easy on the eyes, and it allows your customers to easily read your content. Always remember that whitespace is just as important as any other aspect of Dallas web design. 2. Keep Load Time in Mind- Despite the growing number of individuals with broadband internet, there are still a large percentage of individuals with slower connections. Keep these consumers in mind by building a website that loads quickly and seamlessly. Websites with too many flashy images ruin the user experience and drive visitors away. To ensure your webpage loads quickly, avoid excessive use of flash and keep your images sized appropriately. 3. Don't Forget About the Search Engines- Search engines have become one of the leading methods of finding information. Internet users utilize these tools to find information on the products they want to buy. A site properly optimized for the search engines can increase its web traffic many times over. Common SEO basics include using relevant keywords in the title tags, urls, headings, anchor text, and site content. 4. Limit the Ads- As tempting as it may be to sell ad space on your website, keep the consumer in mind before doing so. Visitors aren't coming to your website to view a bunch of ads. In fact, nothing will turn them off faster. If you insist on displaying ads, limit the number of them. Keep them small, and make sure they don't distract the user from your message. 5. Remember the Different Browsers- One of the most important aspects of Dallas web design is ensuring all visitors can view your website. This means you need to have a webpage that can be viewed in all versions of Internet Explorer and Firefox, among other browsers. Perform a test of your website to see how it looks in each browser. If it doesn't look right in a certain browser, you might consider modifying your site to fit all browsers. This will guarantee all visitors who come to your site are seeing the same thing.  |
||||||||||||||||||||||||||||||||||
Script For Detecting Availability of XMLHttp in Internet Explorer |
||||||||||||||||||||||||||||||||||
|
Posted on: May 10, 2010 Having the XMLHttpRequest API available is key to any ADF Faces Rich Client application. Unfortunately, it is possible for users to switch off this option in Internet Explorer as a Security setting. Without XMLHttpRequest available, your ADF Faces application will simply not work correctly, but rather than giving the user a bad user experience wouldn't it be nicer to tell them that they need to make some changes in order to use the application? ; Thanks to Blake Sullivan in the ADF Faces team we now have a little script that can do just this. The script is available from https://samplecode.oracle.com here - The attached file browserCheck.js is what you'll need to add to your project. The best way to use this script is to make changes to whatever template you are using for the entry points to your application. If you're not currently using template then you'll have to make the same change in each of your JSPX pages.
; ; ; ; ;
http://blogs.oracle.com/groundside/2010/05/script_for_detecting_availability_of_xmlhttp_in_internet_explorer.html
Post Link
|
||||||||||||||||||||||||||||||||||
Web Design Basics & Tips |
||||||||||||||||||||||||||||||||||
|
Posted on: May 01, 2010 By Thomas Kearo When you're setting out to design a website, it's often hard to know where to begin. This is especially true if you have no background or experience in coding a website from scratch. Even if you're brand new to web design, there are a few things that every web designer should know. Knowing this information is key to the usability of your website! Bigger isn't always better. When designing a website, always keep in mind that the internet is host to a very diverse group of viewers. Some of your visitors are using a brand new state of the art computer, but others aren't. By using small file sizes and optimizing for a lower end machine, you cut out the possibility of long loading times and user frustration. When choosing a layout, don't try to reinvent the wheel. The wheel is still around because it works! Choose a template or design that your customers and viewers are going to be used to looking at. This builds visitor comfort and familiarity. Think about it. Nobody wants to go to a really cool looking site that has no usability. If your customers and viewers can't navigate or read things clearly, it doesn't matter how cool your website looks! If you're building a blog or just making modifications to it, remember that content is key. It's very easy to get caught up in the design and on page optimization aspect of the web and neglect the real "meat" of the site - content. On page optimization and a clever design is going to help ATTRACT visitors to the site but it won't keep them there. A great website is going to need to nail both aspects of traffic generation. Design AND Content. So you've got your site done and you're ready to launch it? WAIT. Before launch, test everything about the site. Look over absolutely everything that went into the design. Make sure the URLs are optimized. Check the site in different browsers. If you have the opportunity, check the site from two machines with different operating systems. Two of the most popular web browsers and Firefox and Internet Explorer. If your website is broken in Internet Explorer, you're going to alienate that portion of your viewers! St. Louis Web Design (Artworks Design) offers nearly 14 years of reliable, dependable website design and programming experience for the best web and graphic design in St. Louis. We specialize in customized, high-end web design, shopping carts, dynamic, database-driven websites, user-editable websites, brochures and logo design. Artworks also offers full website SEO (Search Engine Optimization) for increased visibility and ranking on search engines.  |
||||||||||||||||||||||||||||||||||
Recommended Firefox Addons, Plugins & Extensions |
||||||||||||||||||||||||||||||||||
Posted on: April 30, 2010
 |
||||||||||||||||||||||||||||||||||
Migrating to Mozilla Firefox: the Pros, Cons & Installation |
||||||||||||||||||||||||||||||||||
|
Posted on: April 25, 2010 Part 1: The Pros and Cons Things change quickly in the world of computers. Just a year ago Microsoft's Internet Explorer seemed to have an unassailable hold on the Internet browser market. Then all of a sudden through a combination of multiple security vulnerabilities, an aging set of features and the emergence of more modern browsers, Internet Explorer has started to look vulnerable. So vulnerable in fact that over 100 million users have already switched over to other browsers. And the browser most have switched to is Mozilla Firefox. Firefox is a fast, lean tabbed browser produced by the Mozilla Corporation. It's the young nimble brother of the original full-featured Mozilla Suite that itself being a spin-off from the ill fated Netscape browser. The current version of Firefox is 2.0, the first major update since V1.0, the first official release. Firefox is an impressive product but it's certainly not perfect. A decision to move from Internet Explorer to Firefox is a decision involving trading one set of attributes for another. Each individual will need to weigh the pros and cons and make a decision based on their own needs. The purpose of this guide is to help you make that choice. And if you decide to go for Firefox I hope to provide you with some tips to make the transition from Internet Explorer as smooth as possible. Three Good Reasons to Abandon Internet Explorer 1. It's an ongoing security risk. Even the most one-eyed Microsoft supporter would have to accept that IE has been plagued with security problems. First, as the world's most popular browser it's a target for hackers. That's because any vulnerability they uncover can be utilized against over 90% of all computers. That's quite a temptation. In fact there have been more attacks against IE than any other Windows component or application and there is no reason to believe this will lesson in the future. Second it's a security risk because it employs Microsoft's propriety active scripting component called ActiveX. Now ActiveX offers users some real convenience features but those features come at a high cost. Security experts have been concerned about ActiveX right from its introduction and those concerns have proven justified as ActiveX has been at the center of multiple security vulnerabilities including many of the most serious. And it's not only ActiveX, IE also makes use of VBScript and browser helper objects (BHOs) two other convenience technologies that has been heavily exploited by hackers. The latest version of Internet Explorer, IE7, includes enhancements that address many of these scripting problems but the fundamental problem remains. Third it's a security risk because IE is too close to the core of the Windows operating system. In fact Microsoft itself argues that it's actually not a browser but part of the operating system. Such closeness is not a good thing; it means that a hacker who breaks into IE may not only have hacked your browser but may also be able to gain access to the operating system itself. Finally Microsoft's record for responding to reported flaws in IE has been checkered. In several well publicized instances Microsoft have denied the existence of the flaws and instead, gone into "blame the messenger for the message" mode rather than respond. In other cases they have questioned the severity of the claimed flaws. This strange PR-driven stance has meant that patches for a number of critical flaws have been slow to arrive. Indeed even today there are over 20 publicly reported but yet unpatched critical IE flaws. And don't expect things to change much in the future. Firefox is not exempt from flaws and as it has becomes more popular, these flaws are emerging. Part of this is due to the fact that, unlike IE, the Firefox source code is in the public domain and can be scrutinized for flaws by hackers. However Mozilla has shown itself to be very responsive to fixing reported flaws, often doing so within a few days. This is a far cry from Microsoft's poor track record. 2. If you are not using Windows XP, Microsoft has abandoned you Internet Explorer 7 is only available to those using Windows XP SP2 or later. Users of earlier versions of Windows have to IE6, a version which has proven highly vulnerable to exploitation. Worse still, the folks at Redmond have announced that any future security enhancements to IE6 offered to Windows XP SP2 users will not necessarily be made available for any Windows operating system prior to XP. The intent is evident; they want everyone to upgrade to Windows XP or the upcoming Vista. The Microsoft announcement will inevitably embolden hackers to target future attacks on IE to versions on non-XP PCs. So if you don't use Windows XP, this alone is sufficient reason to look for an alternative to Internet Explorer. And it's not only security. IE6 is a dated browser that doesn't even offer tabbed surfing. Yet another reason for users of earlier Windows versions to shift to Firefox. 3. Internet Explorer is less configurable than Firefox Although IE7 now offers a useful collection of add-ons that allow you to customize your browsing experience the number of such add-ons just can't compare to the 1000+ free extensions available for Firefox. For example To many users, these free extensions are more than niceties; they are integral to the browsing experience. For example the free Adblock extension that eliminates the vast majority of web ads. At the time of writing there is no comparable free extension available for IE7. IE6 is even less configurable than IE7 and most of the add-ons available are commercial products not free Three Good Reasons to Stay with Internet Explorer 1. Some web sites won't work properly with Firefox A number of web sites utilize non-standard, proprietary Microsoft features such as ActiveX in order to provide site navigation and other features. It's probably not a good web design practice but that doesn't stop people doing it. If you visit one of these non-standard sites using Firefox you will find that some functions won't work or work differently. This could be could be something trivial like the screen colors are wrong or an animation doesn't work or it could be some v Luckily there aren't too many such sites and thankfully, their number seems to be reducing. However there are sufficient that you will encounter one sooner or later. If it's an important site such as your internet banking site then you are going to be frustrated. One site that definitely doesn't work with Firefox is Microsoft Windows Update. Hardly surprising but still an annoyance. You can of course, simply open IE when you encounter any of these sites. Firefox even has a downloadable extension that allows you to open a page using IE from within Firefox. This significantly reduces the nuisance value but does not of course, solve the basic problem. If you use Firefox you are going to have to accept that certain sites will be broken and will require you to fire up IE to access them. This is a simple reality. 2. Firefox loads slower than Internet Explorer and takes more memory Firefox may load web pages faster than IE but the program itself takes longer to load. Much longer, maybe twice as long. Firefox also uses more memory than IE. IE's better performance here is to some degree an illusion. That's because some of the major components of Internet Explorer are always running on your PC, they are pre-loaded when Windows starts. That means IE has less work to do when it starts so it loads quicker. It also means that IE actually takes up more memory than it appears to. This Firefox load time inconvenience can be eliminated by always keeping Firefox loaded and simply minimizing it when not in use. In fact it doesn't even need to take up any task bar space as there is a free Firefox extension that allows you to minimize it to the system tray. Minimizing Firefox also releases some of its memory space so you are killing two birds with the one stone That said it is a reality that IE loads faster and all potential Firefox users should be aware of this. 3. Firefox has had its own security problems Firefox may be safer than IE but it has had its own share of security problems. Indeed since V1 was released there have been more than seven new versions containing security enhancements. This may be so but Mozilla have to be commended how quickly they have released patches for newly discovered flaws, often only a day or two after the flaw was first demonstrated. This is in sharp contrast to Microsoft's tardy response to fixing IE problems. In fact I have never encountered a hostile website that successfully exploits flaws in the then current version of Firefox. In other words, if you keep your copy of Firefox up to date it is extremely unlikely your browser security will be penetrated. The same cannot be said of Internet Explorer, particularly IE6. Conclusion So what do I think? There is no doubt that Firefox is currently less of a security risk than IE6. In particular it is way less liable to Spyware infection. Every week I get letters from readers who have migrated to Firefox from IE because of recurrent IE6 based spyware infections. Commonly these folks tell me since changing over, they have never had a spyware infection. This equates with my own experience. Not only have I never had a spyware infection since using Firefox but I have never even seen a circulating spyware exploit for Firefox. By contrast I encounter IE6 based spyware exploits every day. There is no doubt that IE7 offers better security then IE6 and maybe as good as Firefox 2. However IE7 will remain a target for malware writers simply because of its popularity. That means that there will be more flaws discovered and more exploits released than for Firefox. Combine that with Microsoft's slow response to releasing patches and IE7 security becomes a serious concern.  |
||||||||||||||||||||||||||||||||||
Web Design - Why is it Important to Me? |
||||||||||||||||||||||||||||||||||
|
Posted on: April 24, 2010 By Kevin Symons and Laura Symons Services Web Design the Winning Inch Introduction to Web site design Part 1 of 10 Imagine this web page as the tip of a very large iceberg. What you see on screen is actually the smallest part. To be successful on the World Wide Web / Internet takes time, effort and of course money. Introduction Deciding to get onto the World Wide Web / Internet today has never been quicker or easier. There are so many options from "do it yourself", Choose a pre-made template or choose from over a million Web designers ranging from the ridiculously cheap to the mega expensive. Many first ventures onto the Internet end in disillusionment, massive expense, or simply walk away the project and forgetting the whole thing. Why is that? The Internet is a massive beast and is built on a highly technical environment. The reality of the environment is hidden from us by friendly front-end systems. Which is great by encouraging more people to use it. But by not understanding how it all works means that you can not use it to your advantage. With so much competition on the Internet this means you will not get the results you want or expect. This article is the first in a series of 10 over which we will provide a simple guide to services for web design and to provide the winning inch of knowledge to ensure your success on the Internet. In this introduction we will cover some of the basics to act as backdrop as you to move through the remaining nine short articles. We have adopted a process of nine steps courtesy of Services Web Design. Introduction 1. Consulting 2. Keywords 3. Domain Naming 4. Design 5. Hosting 6. Integration 7. E-commerce 8. SEO (Search Engine Optimization) 9. Internet Marketing Introduction to Web Design - Basic technology: HyperText Markup Language (HTML) Client Server Technology Web Browsers 1. HyperText Markup Language (HTML) Many will have heard of it and many will know what it does, however many will never want to use it. Dating back, it was a language for formatting text to allow academics to communicate and share with each other. Today, there are many software products that present a simple user interface to creating web pages. The software then translates your colors, text styles, lines, boxes and graphical image placement into HTML. This removes the user from the technology altogether. On one hand it is great, it means more people get low cost access to the Internet, whilst on the other hand, not so great as it also means that you are not in control of your web pages! When you need to add or change something in the HTML, which you will, you are suddenly confronted with reality of what the software has created! Trying to navigate your way through it is both daunting and potentially harmful to your Website. To make things easier Frames were introduced to help speed up physical layouts and remove the need for HTML knowledge. Many templates on offer today will be "frames based". The problem with frames is that search engines do not like them. The search engine robots that index your site likes to start at the top right and work through bottom left. So when it finds a table it can become confused. All this means that your Website may not get indexed or if it does it may not index what you want it to. This may cause poor page ranking meaning that your Website will never make it to the first two or three pages of a search result. The same is true of you use a Flash based Website. But there will be more on this and the whole issue of Search Engine Optimization in chapter 8. The World Wide Web Consortium (W3C) have agreed a standard for better layout and formatting by using Cascading Style Sheets (CSS). This is a separate file to the HTML page. It is used by a Web Browser to interpret both the HTML and the Style of a web page. A lot can be achieved using CSS with the benefit of the HTML page remaining pure. CSS is more complicated to learn and use but it has significant advantages in making changes across large sites from a single file. All professional Website designers are being encouraged to use CSS and most good ones do. The W3C provides self-certification for Websites that conforms to the standards laid out for both HTML and CSS. Lookout for the certification symbols / link on pages that conform to W3C standards as you browse. You can use the link yourself it will take you directly the validation page. You can check any Web page in this way for yourself. http://jigsaw.w3.org/ Things to take away from section 1: * Exposure to HTML to fix or add things is inevitable regardless of Software package used * Clean HTML improves your likelihood of success on the Internet * CSS is an approved standard that all future / most current web browsers support. 2. Server and storage - Internet Service Provider Internet Service Providers (ISP) will sell/rent you space to host your Website using their hardware. They own massive server farms and usually offer two core technologies namely Unix (many variants) and Microsoft. In simple terms the ISP, for a fee, will create a directory on a server (hard disc) in much the same way you would on your own computer i.e. to organize and store your files. This directory is then given an address. On your computer you will probably have a directory called "My Documents". On an ISP server it will http://www. This address is called a "Universal Resource Locator" (URL). A URL is a way of accessing the documents within a directory created by an ISP "the Website address. Web addresses / urls look like this http://www.services-web-design.co.uk/index.htm To break this address down we begin with "HTTP" (HyperText Transfer Protocol) as a way of identifying that you want to access an hypertext page. HTTP is a request/response protocol between you, the client, and an ISP server. The request is transferred to the server via Transmission Control Protocol (TCP) and is used again to deliver the HyperText Markup Language (HTML) page to your web page viewer (browser such as Internet Explorer, Firefox etc) The browser, which is located on your local computer, interprets the HTML page and displays it on your screen according to the design. The :// part is simply telling the TCP to look at the highest directory. On your computer this is probably C:/ or "My Computer". "WWW" tells the TCP to look on the World Wide Web followed by the "." (period) followed by your specific Website address "." (period) extension i.e. COMpany or ORGanisation etc. Finally "/" to indicate the actual page in the example given it is the Index page (home page). If no page name is given the default will always be the Index (home) page. You may have seen other address types such HTTPS://name.website.com. The "S" indicates "Secure", you will most likely see this when making any transaction via a web page or filling out a form. The important aspect to take from this section is that a Website is a collection of documents (HTML pages). A Website is really nothing more than a common address to those pages. You can address any page of the site directly e.g. http://www.services-web-design.com will default to the home page (Index.htm) http://www.services-web-design.com/process_map.htm will take you directly to the process map page. Loading pages to your space on the ISPs server is achieved by using another protocol. The File Transfer Protocol (FTP). Much like TCP is the "get page" protocol, FTP is the "put a page" protocol. To do this you will need to know the FTP address, the directory (usually "htdocs"), your user name (assigned by the ISP), your password and of course a document list on your local computer to "upload". It is no more complicated than copying files from one location to another. However, the speed is governed by your connection. The choices of connection range from a modem using your telephone line or broadband. You may be on a network, but your network server will still use variants of either. The only thing to watch for is your firewall or your computer security software that may want to block the FTP transmission. Things to take away from this section 2: * A Website is a collection of HTML pages * Any HTML page can be accessed directly * Websites are hosted by an Internet Service Provider who acts as the "sever" 3. Internet Browsers. We talked a little about these earlier. This software is located on your computer and it translates the HTML page to your screen. Not all browsers interpret the HTML page in the same way! When designing your Website you must make allowances for the lowest possible common browser. Your web page may look great in Firefox version 2.0 but may actually crash someone else's computer if they are using Internet Explorer version 5! The World Wide Web Consortium (W3C) together with the Internet Engineering Task Force have created standards. This covers HTTP, HTML, CSS etc. With standards in place all Web browser vendors can develop / build their browsers to a common standard. Meaning they will all interpret and display web pages in the same way. But as there are millions of people using a multitude of computers of varying technology with various browsers. The rule for Web designers is to allow for the lowest common version possible. You may see this demonstrated on professional Websites where two versions are made available. One version for latter day browsers and an alternative version for older browsers. But all professionally built Websites will provide an alternative / simple "text-link" based menu in additional to the main menu, and will use complexity sparingly. This allows all browsers to read your web page and thus reach as many people as possible. Things to take away from this section 3: * Web Browsers interpret the HTML page to your screen "the client" * Not all Web browser interpret HTML pages in the same way * Website designers must make allowance for the lowest possible browser technology In this section we covered the basics on how the World Wide Web / Internet technology works. The next article covers the importance of planning your Website and using appropriate consulting to avoid making costly mistakes.  |
||||||||||||||||||||||||||||||||||
'Browser Wars 2.0' |
||||||||||||||||||||||||||||||||||
|
Posted on: April 23, 2010 As a relatively recent convert onto Firefox I was a little tentative as to how it could possibly be better than Internet Explorer. After all Microsoft has Billions at it's disposal and the 'browser wars' were meant to already have been fought and won (Netscape was blown out of the water and ~95% of the browsing world were now locked into IE forever)? But now having used Firefox for about a year now - I'll never go back. I've also looked at IE7 and to be honest it's still a long way off Firefox2. How could Microsoft have exposed their soft underside in this manner - simple, the complacency that comes with such a big market share. Recently Firefox have clawed back a significant 15% of the market and this is growing so, don't delay join the revolution today!  |
||||||||||||||||||||||||||||||||||
Frequently Asked Web Design Questions |
||||||||||||||||||||||||||||||||||
|
Posted on: April 18, 2010 By Shelley Lowery If you'd like to do business on the Internet, launching a quality web site is an absolute must. Learning how to design your own web site can be a little intimidating. However, there is a wealth of free information available on the Internet to assist you. The best way to learn is by doing. Take the first step and begin researching. Once you understand the basics of web design, you can begin experimenting with some more advanced coding techniques. A great place to start is HTML Goodies: http://www.htmlgoodies.com/primers/primer_1.html Over the years, I have received many questions in regard to web design. Below, are some of the most frequently asked questions I receive on a regular basis: Question: I am in the process of designing my first web page and am confused about making it compatible with all the different web browsers. Can you help? Answer: Although there really isn't a "set in stone" solution to developing a web page that will display properly in all browsers, there are some basic guidelines that will assist you. The best advice I can offer is to develop your site to be compatible with Internet Explorer and Netscape Navigator, as these are the two most widely used browsers. Although the latest versions of the two browsers are fairly comparable, you must take into consideration that many of your visitors won't have the latest versions. Some of the main differences between earlier versions of the two browsers are as follows: (1) In order to center a "table" within earlier versions of Netscape, you must enclose your "table" code with the CENTER and /CENTER tags instead of using P ALIGN=CENTER. The CENTER tag is compatible with both browsers. (2) When creating form fields, if you use the maxlength code within your code, Netscape will display the input box the length of the maxlength code value. (3) If you would like to display your web page full-screen or adjust the margins, you'll need to use the following codes within your BODY tag: < BODY topmargin=0 bottommargin=0 leftmargin=0 rightmargin=0 marginheight=0 marginwidth=0 > This margin code is compatible with both browsers. Internet Explorer supports: topmargin=0 bottommargin=0 leftmargin=0 rightmargin=0 Netscape Navigator supports: marginheight=0 marginwidth=0 (4) Avoid using special design techniques that require a special browser extension or plug-in, as many of your visitors will need to download and install the plug-in before they can use your site -- most won't. If you follow these few guidelines, you shouldn't have any problems with browser compatibility. A great way to ensure your site displays properly is to download and install both Internet Explorer and Netscape Navigator. This will enable you to view your site through both browsers. Internet Explorer http://www.microsoft.com/windows/ie/default.asp Netscape Navigator http://channels.netscape.com/ns/browsers/download.jsp You can find a nice "Browser Compatibility" chart at the following web address: http://www.webreview.com/browsers/browsers.shtml You can test your site's compatibility at the following web addresses: http://www.anybrowser.com http://www.netmechanic.com Question: I can't get my image to display on my web page. I placed the image code in my page, but all I see is a "red X" where the image should display. Can you tell me what the problem may be? Answer: In order for an image to display on a web page, it must first be uploaded to your server in "binary" mode. If you've verified that your image has been uploaded properly, your next step will be to double check your image HTML code. Make sure that the image address leads to your image and is spelled exactly the same. Keep in mind, the name of your image is CaSE SeNsiTIve. In other words, if your image name is "Image.gif" on your server, it must look exactly the same within your code. Question: I would like to display my text, side by side, like a newspaper, but I can't figure out the code. Answer: In order to display your text like a newspaper, you must place it within a table. < TABLE > < TR > < TD >text< /TD > < TD >text< /TD > < /TR > < /TABLE > Question: When I placed my text within my page, it's right up against the left border. Is there any way I can correct this? Answer: Yes, you can place your text within a table. You can specify the width of your table to determine the distance between your text and the left and right border of your web page. < CENTER > < TABLE WIDTH="80%" > < TR > < TD >text< /TD > < /TR > < /TABLE > < /CENTER > This table code will display your text across 80% of your web page with a border of 10% on the left and right side. If you'd rather not use a table, you can also set your page borders within your BODY tag: < BODY topmargin=0 bottommargin=0 leftmargin=0 rightmargin=0 marginheight=0 marginwidth=0 > Question: I have specified a font face at the beginning of my web page, but the font face isn't displaying within my tables. Can you tell me what the problem may be? Answer: In order to display a specific font face within your tables, you must use a separate font tag within each table cell. < TABLE > < TR > < TD font face="Arial" >text< /font >< /TD > < TD font face="Arial" >text< /font >< /TD > < /TR > < /TABLE > If you'd rather not use a font tag within each of your table cells, there is an easier way. Place the following code between the HEAD and /HEAD tags. This code will specify the font style for all of your table cells. < STYLE TYPE="text/css" > < !-- TD{font-family: Arial; font-size: 12pt;} --> < /STYLE > Question: I've placed a form code within my web page, but my form isn't working. Can you help? Answer: In order for a form to function, in addition to placing the form HTML within your web page, you must also use a CGI form processing script. This script will reside on your server within your CGI-bin and will be called from your form code within your HTML. Your code might look something like this: < form method=post action="/cgi-bin/example.cgi" > The "cgi-bin/example.cgi" text should be changed to the address of your form processing script. You can find free form processing scripts at the CGI Resource Index. http://cgi.resourceindex.com/Programs_and_Scripts/Perl/ Learning how to design a great web site isn't easy. However, if you take the time to educate yourself and start with the basics, you'll be well on your way to designing a great site.  |
||||||||||||||||||||||||||||||||||
Apple To End iPhone 2G Support? Jobs Says So |
||||||||||||||||||||||||||||||||||
|
Posted on: April 12, 2010
We know it's only been a couple of years since the iPhone was originally released, but is this all that surprising? Sponsor  It has been nearly two years since the iPhone 2G was available for sale, though you can still find plenty of them on Ebay, but the same can be said for other old beasts. Should we really expect Apple to continue releasing updates for outdated hardware? As it is, the iPhone OS 4.0 isn't going to support the iPhone 3G for half of its functionality - what are we looking for with iPhone 2G support then? After all, with Apple's infamously closed platform, are we looking for much in the way of bug fixes and security holes? Now, if only Microsoft would do the same for Internet Explorer 6, we could all move on with our lives. Discuss
|
||||||||||||||||||||||||||||||||||
This week 
running in your tool tray, bottom right of the desktop.
Apparently Steve Jobs has gone and answered another customer email, this time sending shockwaves through the tech world with two words - "Sorry, no." TagCloud: Explorer ???? CGI Java Perl php Know U'r TWEAK GUI Blog ?????? blogger ATL Oracle VB internet explorer
Recent Posts
Move Over Taylor Swift, Occipital Brings Real-Time Panorama Creation to the iPhoneData Centers Suited For Dr. Evil and Servers, Too
Official BI 11g Launch Page
Google Places API Could Do For Check-ins What Google Maps Did For Maps
Twitter Annotations Not Coming Soon, After All
PHP command line progress bar
links for 2010-07-30
BI11g - New Features - Custom Groups
The Truth About Legacy Technology
Forget Technical Terms - Whoever Gets the Most Developers Wins...Period