Archive for the ‘Web Technology News’ Category

Flaw in popular mobile apps exposes users to identity theft

Friday, April 20th, 2012

A security flaw that exposes iOS and possibly Android smartphone users to identity theft has been discovered in mobile apps for Facebook, Dropbox, and LinkedIn. Smartphone owners would be well served to take extra precautions to protect their devices, as the flaw may well be present in other mobile applications as well.

The flaw exposes users to identity theft by saving user authentication keys in easily accessible, unencrypted plain text files, or .plists. By stealing those files and transferring them to another device — regardless of whether the device is jailbroken — a cyber thief could access the victim’s associated accounts without having to enter any log-in credentials.

Security researcher Gareth Wright reported discovering the flaw in the mobile Facebook application for iOS late last week. Wright sent his Facebook .plist to an associate — Scoopz blogger Neil Cooper — who copied the file onto his own device, opened up the Facebook app, and had immediate, full access to Wright’s Facebook account.

According to Wright, Facebook is working on closing the hole, "but unless app developers follow suit and start encrypting the 60-day access token Facebook supplies, it’s only a matter of time before someone starts using the info for ill purpose — if they aren’t already."

Wright did not test the Android version of the application for the flaw. He did write, however, that "given the programming oversight in the iOS app, it stands to reason the issue will translate to other platforms."

Since Wright published his findings, The Next Web found that the iOS app for Dropbox also has the flaw, as does the LinkedIn app for iOS, according to Scoopz. The flaw is present in various iOS mobile games, too, according to Wright, which players can exploit to cheat.

Given that the flaw is present in apps for Facebook, Dropbox, LinkedIn, and various games, it’s entirely likely it affects other mobile apps — which means it’s up to developers to double-check how their wares handle profile information.
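One way a developer could run that double-check on their own app's preference files, as an added example that is not from the original article or from any of the apps it names. The key-name pattern, the length thresholds and the sample plist are assumptions constructed for illustration.

```python
import plistlib
import re

# Heuristics assumed for this example; tune them for your own app.
SUSPECT_KEY = re.compile(r"token|secret|passw|session|oauth|auth|api_?key", re.I)
OPAQUE_VALUE = re.compile(r"[A-Za-z0-9_\-+/=.]{32,}")
MIN_OPAQUE_BYTES = 16

# Constructed sample: a preferences plist resembling what an app might write.
SAMPLE = plistlib.dumps({
    "AppVersion": "4.1",
    "LastSyncDate": "2012-04-20",
    "account": {
        "display_name": "Example User",
        "access_token": "CONSTRUCTED-TOKEN-0000000000000000000000",
        "expires_in_days": 60,
    },
    "cache": [{"blob": "QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo0123456789abcd"}],
})


def walk(node, path="", key=""):
    """Yield (path, nearest dict key, value) for every leaf in the plist tree."""
    if isinstance(node, dict):
        for k, v in node.items():
            yield from walk(v, f"{path}.{k}" if path else str(k), str(k))
    elif isinstance(node, (list, tuple)):
        for i, v in enumerate(node):
            yield from walk(v, f"{path}[{i}]", key)
    else:
        yield path, key, node


def reasons_for(key, value):
    """Explain why a leaf looks like a stored credential (empty list if it does not)."""
    reasons = []
    if not isinstance(value, (str, bytes)) or not value:
        return reasons
    if SUSPECT_KEY.search(key):
        reasons.append("credential-like key name")
    if isinstance(value, bytes):
        opaque = len(value) >= MIN_OPAQUE_BYTES
    else:
        opaque = OPAQUE_VALUE.fullmatch(value) is not None
    if opaque:
        reasons.append("long opaque value")
    return reasons


def audit_plist(data):
    """Parse an XML or binary plist and return [(path, [reasons])] for suspect leaves."""
    root = plistlib.loads(data)
    findings = []
    for path, key, value in walk(root):
        reasons = reasons_for(key, value)
        if reasons:
            findings.append((path, reasons))
    return findings


if __name__ == "__main__":
    # Report only where the value sits, never the value itself.
    for path, reasons in audit_plist(SAMPLE):
        print(f"{path}: {', '.join(reasons)}")
```

Anything the audit flags belongs in the platform's protected credential store (the Keychain on iOS) rather than in a preferences file.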

According to Wright, the biggest risk a user faces is that of malware designed to slurp data from devices plugged into PCs, e.g. for charging. Wright offered the following advice for protecting your smartphone. First, set a complex password, not a simple four-digit PIN, for your device. Second, turn on your device’s Find My iPhone function. Third, if you plug your device into a shared computer to charge it, don’t unlock the device until you disconnect it.

source:

http://www.infoworld.com/t/mobile-security/flaw-in-popular-mobile-apps-exposes-users-identity-theft-190430

HP advances public cloud as part of ambitious hybrid cloud strategy

Wednesday, April 18th, 2012

After a year of chatter and several months of private beta testing, HP today announced the public beta of its public cloud services, which the company is billing as part of its overarching hybrid cloud-solution dubbed HP Converged Cloud.

HP Cloud Services — built on OpenStack, HP Converged Infrastructure, and other HP-grown software — aims to deliver an open source public cloud infrastructure. Five core components comprise HP’s Cloud Services: HP Cloud Compute, HP Cloud Object Storage, and HP Cloud Content Delivery Network (CDN), which will enter public beta on May 10, and HP Cloud Block Storage and HP Cloud Relational Database (RDB), which will enter private beta the same day.

HP Cloud Compute lets users deploy compute instances on demand and customize instances through RESTful APIs. HP Cloud Object Storage provides scalable, on-demand online storage capacity suited for archiving and backing up data, serving static content for Web applications, and storing large public or private data sets. HP Cloud CDN, built around Akamai’s Intelligent Platform technology, accelerates the delivery of cached content, thus reducing latency and boosting cloud performance.

HP Cloud Block Storage, meanwhile, enables users to move data between compute instances. The offering is geared toward applications that require frequent read and write access. HP Cloud RDB for MySQL provides developers with on-demand access to application data and is capable of scaling based on the number of instances deployed or the storage capacity required.

In conjunction with the Cloud Services news, HP also announced HP Converged Cloud, which HP said enables enterprises to build, manage, secure, and consume public, private, and managed cloud services within their existing IT infrastructure, thus creating "a seamless, hybrid environment."

Like HP Cloud Services, HP Converged Cloud is built on HP Converged Infrastructure, OpenStack, as well as HP’s homegrown Management and Security software. As part of the HP Converged Cloud, the company announced over 100 new HP Cloud Maps, which provide prepackaged application templates for creating a customized catalog of services, deployable at the push of a button.

What’s more, HP announced plans to enhance its FlexNetwork architecture with features to reduce bottlenecks associated with the development of new cloud services. HP’s Virtual Application Networks speeds service delivery, simplifies management, and guarantees network service levels in cloud and other dynamic computing models, according to the company.

Source:

http://www.infoworld.com/t/hybrid-cloud/hp-advances-public-cloud-part-of-ambitious-hybrid-cloud-strategy-190524

Yahoo Serves Mojito for Web App Development

Monday, April 16th, 2012

Yahoo on Monday released an open-source Web application framework called Mojito that aims to make it faster for developers to write apps that can run on all major device platforms, including smartphones, PCs, iOS and Android.

While Web app frameworks are nothing new, Yahoo claims Mojito is different because it addresses the problem of delivering content to devices that have weak or intermittent connections, said Bruno Fernandez-Ruiz, chief architect with Yahoo’s platform technology group.

Developers use Mojito to write apps using Javascript, HTML and CSS that can run both on the client, using an embedded Javascript engine, and on the server, using the emerging Node.js platform. That means that if bandwidth is limited, an app can switch between rendering on the client and rendering on the server, providing a better experience for the user, Fernandez-Ruiz said.

Yahoo announced Mojito in November and is making the code available to developers this week under an open-source BSD license. It positions Mojito as a way to free developers from what it calls “closed, proprietary” platforms such as Apple’s iOS, and from having to choose which platform to develop for.

It sees Mojito being used primarily by publishers to deliver newspapers and magazines, and for interactive ads. Yahoo has released a few Mojito apps to show what it can do, including Livestand, an iPad app for reading articles from various sources.

It’s part of a wider Yahoo project called Cocktail, to build a Web presentation platform for devices. The Cocktail project also includes Manhattan, a Yahoo-hosted server environment based on Node.js where developers will be able to host their applications.

Yahoo is opening Manhattan to a small group of Javascript developers this week, and it will be made more widely available “when it’s ready,” Fernandez-Ruiz said. Developers can also deploy Mojito apps in any other environment that supports Node.js, such as Amazon Web Services, he said.

Yahoo has struggled to compete with Google and to return to the Internet leadership position it once held. It’s had several changes of leadership and is frequently rumored to be a takeover target. That could make developers wary of jumping on board a new platform from the company.

But Fernandez-Ruiz argued that developers can have confidence in the project because it is open source. Should Yahoo’s support for Mojito ever waver, the code would still be available for development, he noted.

Source:

http://www.pcworld.com/businesscenter/article/253008/yahoo_serves_mojito_for_web_app_development.html

How Will Web Browsers Look Like in the Future?

Thursday, March 15th, 2012

At present, the browser is probably the most frequently used software on a computer. People are as familiar with it as they are with starting up and shutting down. Everything we do on the Internet is done through the browser. Do you wonder what browsers will look like in the future? Let us first review the history of browsers.

Creative efforts

Losing on instability. In 1994, Netscape, the first commercial browser in history, was born. The value of browsers was then discovered: the operating system could be left aside, and demand for the PC turned to the Internet. Netscape’s cross-platform idea and goal made it a big threat to Microsoft and forced Microsoft to develop its own browser, IE (Internet Explorer). During the “Browser War”, Netscape and Microsoft updated their products rapidly, added many functions, and released new versions all the time.

Microsoft adopted the strategy of bundling IE for free. Meanwhile, Netscape’s browsers had to be paid for because of the pressure to make a profit. The pressure from Microsoft became harder and harder for Netscape to bear. When IE 4.0 came out, the advantages of Netscape’s browsers were hardly visible. According to critics, Netscape kept adding functions without maintaining the stability of the browser. Users’ favourable impressions of Netscape declined, and IE monopolized the browser market.

Losing on insecurity. The defeated Netscape did not vanish afterwards. In January 1998, Netscape announced that it would open its source code, and the Mozilla project began.

Mozilla Firefox is based on Gecko, the core of the old Netscape browser. Its developers hoped to solve the loss of usability caused by the variety of functions and to take a share of the market once fully occupied by Microsoft.

Firefox started to win market share from IE after it was officially released in September 2004. Analysts saw two reasons why Firefox was well received: its own improvements and the external conditions.

Firefox offered free and open products. It has been more compatible since Firefox 3, and many APIs were provided to developers (its extensibility is highly praised). The interface was more attractive, and security was also greatly improved. IE, which had beaten Netscape, did not improve much after IE6: new versions came slowly, and compatibility and support for web standards improved slowly. Worse, IE’s security problems were serious. Trojans, junk ads and viruses spread on the Internet are all due to the security flaws of IE. Mending these flaws always took Microsoft a long time, let alone releasing updates.

Faced with an old-fashioned and arrogant IE, users started to choose the more active Firefox. Security and stability were doubtless what motivated users to switch.

Losing goodwill on speed. Firefox is ahead of IE in security and stability (and quicker to mend flaws), but it has its own problems. Firefox began to turn clumsy as extensions were added. Some pointed out that Firefox took longer to start up than many other browsers; even IE6 was faster.

The Google browser (the open source version is Chromium) came out in September 2008 and immediately caught people’s attention. The simple and efficient browser won users with its high speed and became the browser with the fastest-growing user base. Only three years after its release, its global share was close to that of Firefox, and in some countries it had the largest number of users. Firefox lost the confidence of experts and users while competing with the Google browser. Although the Mozilla Foundation is still pursuing some great goals, Firefox is no longer what it was. We have now witnessed the arrival of the Google browser era.

Constant evolution

The history of browsers is short but eventful. Brands have been replaced frequently and the competition is fierce. Only a browser that is developed in every respect can win the hearts of users. What will browsers be like in the future? We may see the future of browsers in the development of the Google browser.

The overall development goals of the Google browser are to improve stability, security and speed.

The browsers of the future should first of all be stable, just as a car needs a powerful engine to run steadily. The Google browser adopted a multi-process architecture to keep users confident in its stability (a feature that sets it apart from all other browsers, and a technique that ensures stability while users are surfing the Internet). Because every tab runs as an independent process, if one tab crashes the whole browser does not crash, and users can still visit other sites.

Besides stability while surfing the Internet, the stability of the product is also guaranteed. Four versions of the Google browser are released at the same time, and they update automatically, which ensures that the browser is always the latest and most stable whenever the user uses it.

The browsers of the future should also be secure. The browser is the gateway to the Internet, so many ill-disposed people attempt to spy on users’ privacy through it. Much effort has gone into improving the security of the Google browser. The multi-process architecture was mentioned in the previous paragraph; in fact, every tab of the Google browser is also a sandbox. Inside the sandbox, malicious programs cannot steal users’ sensitive data or take control of the computer, just like prisoners in jail. After the tab is closed, the malicious programs are wiped out.

The Google browser’s security is also guaranteed by functions such as blacklists and the blocking of fraud and malicious programs. In the 2011 Pwn2Own Hacker Contest, Google put up $20,000 for anyone able to break through the defence of the Google browser, but no one could take the money.

The browsers of the future should be faster. Compared with the slow IE and the clumsy Firefox, the Google browser is like a light-footed teenager. It gained large numbers of users just through word of mouth and its pleasant speed. The technologies behind the speed are worth describing: the WebKit core is the basis of the speed, and the newly developed V8 JavaScript engine speeds up websites that use plenty of JavaScript (including videos, online games and online IM). That makes it stand out in an era when Web 2.0 is so popular. It also has GPU acceleration. Even with lots of tabs open, you can still switch between them freely.

The Google browser’s configuration is very likely to become the standard for all browsers. The OmniBox combines the address bar, the search box and bookmarks, which saves space and looks fashionable. You just type the address in the address bar, and instant pages load immediately. When you surf the Internet, you do not have to copy and paste; you just select the text and right-click to search. It supports HTML5 well: for example, you can deal with e-mails and agendas offline.

Hadoop Distributed File System

Monday, March 12th, 2012

Hadoop Distributed File System (hereinafter HDFS) is a file system designed to store large files (hundreds of MBs, GBs or even TBs) with a streaming data access pattern (write once, read many). It runs on clusters of commodity hardware (ordinary hardware that can be bought in various stores).

Conditions in which HDFS is not a good fit:

1) Low-latency data access (HDFS is optimized for high data throughput, at the cost of latency)

2) A great many small files (the name node holds the file system metadata in memory, so the limit on the number of files is determined by the amount of memory on the name node)

3) Multiple writers or arbitrary file modifications (an HDFS file has only one writer, and writes are always made at the end of the file)

The default HDFS block size is 64 MB, while the block size of a disk is 512 bytes. HDFS blocks are larger than disk blocks to reduce the cost of seeks.

Name nodes and data nodes

An HDFS cluster has two types of node running in a director-worker pattern: one name node (the director) and several data nodes (the workers). The name node manages the file system namespace; it maintains the file system tree and the entries for all the files and directories in the tree.

The data node is the worker of the file system. It stores and retrieves blocks (when asked to by a client or the name node) and regularly sends the name node the list of blocks it stores.

Hadoop provides two mechanisms to make the name node resilient to failure:

1) Back up the persistent files that make up the file system metadata. (The usual configuration is to write to the local disk and, at the same time, to a remote NFS mount.)

2) Run a secondary name node, which periodically merges the namespace image with the edit log to keep the edit log from growing too large.

Compression and input segmentation

The gzip format uses DEFLATE to store the compressed data, and DEFLATE stores the data as a series of compressed blocks. gzip does not support splitting.

The basic compressed format gives a reader no way to synchronize itself with the stream.

The bzip2 format provides synchronization markers between blocks, so it supports splitting.

ZIP files support splitting at file boundaries, and every split contains one or more files from the ZIP archive.

Apple’s Annual Meeting: 3 Things to Watch

Thursday, February 23rd, 2012

Apple, the world’s most valuable company, is scheduled to convene its annual shareholder meeting Thursday at its headquarters in Cupertino, Calif.

As at most U.S. companies that have performed well, there are no challenges to nominees for the board of directors nor controversial proposals for the shareholders to consider.

So Chairman Art Levinson, 61, who succeeded the late Steve Jobs, 56, who became Apple’s first chairman when he resigned as CEO last August, will have easy sailing. Levinson, CEO of Genentech, will introduce new CEO Tim Cook, 51, as well as the board of directors, whose only new member is Walt Disney CEO Robert Iger, 61.

The best-known member of the board is former U.S. Vice President Al Gore, 63. The Democrat is also a Nobel Peace Prize winner as well as Oscar winner.

Here are three things to watch:

What will management say about alleged "slave labor" practices at Foxconn? Management last week tried to pre-empt this by announcing a probe into conditions at its principal contractor, Hon Hai Precision Industries, the official name of Foxconn, which employs as many as 700,000 workers in China.

Source: http://www.ibtimes.com/articles/302310/20120221/apple-cook-steve-jobs-slave-labor-foxconn.htm

Drupal Web Development Technology for Medium Businesses

Friday, March 25th, 2011

Among all the CMSs in the world, Drupal has become one of the favorite systems: it requires very little technical expertise to manage but provides robust solutions. So the number of small businesses using Drupal is growing every day. Compared with other technologies, Drupal CMS has changed everything for small and medium businesses and gives them a competitive advantage. You can hire developers flexibly depending on your business needs. This gives such businesses a chance to lock horns with their giant competitors.

Let’s look at some reasons for Drupal’s popularity:

It is an open source development platform and has been written and distributed under the GNU General Public License.

It is one of the easiest CMSs in the world: it takes little technical expertise to manage, and graphics and media elements are easily added to a website.

It is very cost effective compared to traditional ways of building and managing a website.

Drupal’s popularity has fuelled the growth of groups and forums on the Internet where you can easily get solutions to all your problems.

All of the above makes Drupal a powerful and ideal platform for small and medium businesses.

Source: http://articlewild.com/Drupal-The-Technology-for-Medium-Businesses-155398.html

The benefits of web development with Ajax

Thursday, March 24th, 2011

Ajax (Asynchronous JavaScript and XML) is a combination of technologies such as HTML, CSS, DOM, XML, and JavaScript. It plays an important role in creating useful web applications and is used by many website development companies to build the next generation of quality applications. It is used mainly in web applications.

The Ajax technology is expected to grow rapidly in the future because of the following benefits to the e-commerce development business:

First, Ajax web applications are free from the limitations of individual browsers, so they can be developed for most web browsers, such as IE, Mozilla Firefox, Google Chrome, Netscape, Safari etc.

Second, Ajax is faster than traditional applications, as developers can select which portion of their web application is sent to the server. Besides, it provides a better app experience to users thanks to its latest and amazing components.

Third, Ajax interfaces support many key components of Web 2.0, which provide more user interaction and a better app experience to users.

Fourth, it is compatible with various server-side languages such as PHP, ASP.NET, Perl, and ColdFusion.

Source: http://business.ezinemark.com/ajax-in-web-development-7d2dc7c7b424.html

Are there Web service security standards or risk assessment checklists?

Friday, March 11th, 2011

Is there a benchmark that can be used in a comprehensive security review of a Web service that accepts interaction via multiple interfaces (such as touch-screen kiosks and Web-based forms) in any industry?

Web services technology is growing in the enterprise sector, as companies begin to use Web services for business-critical functions to meet operational needs. For example, airlines, car rental companies, restaurants and hotels have adopted Web services in the form of online reservation applications to make booking an easy and fast process.

However, the deployment of Web services potentially can expose an organization to a variety of threats. These include:

  • Eavesdropping on messages en route, leading to disclosure of information;
  • Tampering with messages in transit to change transactions;
  • Denying the sending of a message, potentially leading to loss, and;
  • Denial-of-service attacks leading to operational disruption.

All the above can have serious consequences for an organisation, so there is a need for strong information security assurance.

Although there are Web services security standards, such as XML Signature (XML-Sig), XML Encryption (XML-Enc) and Web Services Security (WS-Security), they are not in themselves sufficient to ensure security is built into Web services because of their complexity and diversity. Rather, for the services to be truly secure, security has to be systematically identified, designed, tested, documented and incorporated in the Web services Software Development Life Cycle (SDLC). As a minimum, organisations should consider deploying SSL for data transfer confidentiality and use client-side certificates to validate claimed identities.

Source: http://searchsecurity.techtarget.co.uk/answer/Are-there-Web-service-security-standards-or-risk-assessment-checklists

12 Excellent Tools for Picking a Domain Name

Thursday, March 10th, 2011

Selecting the perfect domain name for your website is the most important, and oftentimes hardest, step in establishing a web presence. There are plenty of tools out there that can help you ease the burden of checking available domains and suggesting similar names that are related to your searches.

In this article, you’ll read about 12 neat web tools that will lend you a hand in finding and choosing domain names. You’ll find a variety of search and suggestion tools that have an assortment of features so that, hopefully, you’ll discover a few favorites.

1. Domainr

Nowadays, it’s difficult to find a domain name that ends with the popular .com, .net, and .org TLDs. Domainr is an innovative web tool that helps you explore other TLDs that have made popular websites like last.fm and del.icio.us stand out from the crowd. Of course, searches will also include popular top-level domains that are available.

2. Dot-o-mator

Dot-o-mator is a web tool that suggests site names based on prefixes and suffixes that you’ve entered (keywords). Alternatively, you can use a category of prefixes (like "Tech" or "Games") and suffixes (like "Hardware" or "Web 2.0 words") to generate suggested site names for you. It’s a helpful tool for, at the very least, obtaining inspiration for a site name.

They also have a fun tool called Web 2.0 Domain Name Generator that generates "Web 2.0" site names like "Yakidoo" or "Zoompulse".

3. BustAName

BustAName is a robust and feature-packed domain finder that uses linguistic data to help you search domains. BustAName allows you to save and manage/organize your searches for later use. It has a "List of Words" feature that advises you of words similar to your search – which you can then organize inside folders.

Available domains that are returned can be sorted in a number of ways such as "by quality (readability)" or "by length" for easier viewing. Though the web tool is very intuitive, the creators have a video tutorial on how to utilize BustAName.

4. Domain Tools

Domain Tools is a set of domain name search engines that will help you uncover relevant information about certain domain names. They have a "Whois" search that reveals records about the party who registered the domain, a "Suggestions" search to help you find similar domain names, a "Domain Search" which shows you what TLDs of a domain name are available, and domain names that are "For Sale" or "At Auction".

5. Domize

Domize is a fast, Ajax-based search engine that you can use to rapidly check the availability of domains. Domize has a widget that you can install on your website to provide a domain search engine to your visitors. Domize also has an iPhone app – because domain name inspiration can hit you at anytime (hopefully you have your iPhone with you when it happens).

6. squurl

squurl is another fast Ajax-based domain search engine. It has a "Suggestions" feature to help you discover similar domains to the ones you’ve typed.

7. DomainsBot

DomainsBot is a domain search engine that has an "Advanced" search feature so that you can conduct a more customized and refined search. For example, you can set the maximum domain character length to eliminate lengthy domain names from the results or exclude domain results that have a hyphen (-).

8. dnScoop

dnScoop tries to estimate the value of a particular domain based on several statistics such as site traffic, links pointing to the domain, and other factors. This will help you gain some insight on the value of a particular domain name in case the name you really want is "for sale" and you want to see if the asking price is fair, or to make an offer to a site owner that owns the domain you really want.

9. StuckDomains

StuckDomains is a database of expired domain names that previous owners have not renewed. This can be an opportunity to find a domain name that doesn’t involve odd names like "fujiyakuku.com".

10. Nameboy

Nameboy is a popular domain name generator. This straightforward web tool asks for a "Primary Word" and "Secondary Word" that describe the topic of your website, and based on your input, it suggests possible domain names.

For example, typing in "web" as the Primary Word and "superman" as the Secondary Word returned results such as webhero, supeweb and supermanweb. There’s a "Rhyme" option that tries to suggest domain names that rhyme with the search phrases, but the feature didn’t seem to work on the above example.

11. dyyo.com

It’s common practice to keep domain names as short as possible so that they can be quickly typed and are easier to remember. dyyo.com specializes in helping you find 4-letter domain names to keep your URLs terse.

12. Ajax Whois

Ajax Whois is a simple Ajax-based domain search that makes domain-name-hunting effortless and rapid. To make your searches even faster, they have a set of useful keyboard shortcuts to satisfy the power user in you.

Source: http://sixrevisions.com/resources/12-excellent-tools-for-picking-a-domain-name/
