16 Supercomputers Set to Join the Fight Against COVID-19

Well here we are in the 3rd week of March and it’s probably fair to say
that the last of the ‘it’s not going to be that big a deal’ way of thinking
crowd regarding COVID-19 have finally changed their tune. What was once an
epidemic has become a pandemic, and we’re seeing the entire world and our
way of life in it being turned upside down. The reality is that this is not
only a threat to the lives of human beings, but it’s also a threat to the
economy and social service infrastructures that they rely on. First and
foremost in this regard is healthcare.

Fortunately, those of us in Canada have it significantly better in that
regard than our American neighbors, but even our healthcare system is at
risk of being overwhelmed by the Pandemic if it’s not seriously constrained
in its advance. We’ve talked in the past before how 5G technology is set to
really revolutionize healthcare
<https://4goodhosting.com/blog/5g-networks-expect/> in a big way, but a lot
of these benefits are quite ready for implementation yet given that 5G is
just beginning to be rolled out. What we need to combat COVID-19 is to get
everyone on the same page and buying into what’s the best plan of attack.

Here at 4GoodHosting, we imagine we’re the same as every other Canadian web
hosting provider in that this global crisis is front and centre in our
minds and we’re equally concerned about what this may mean in a month or
two if we don’t make serious inroads into containing this pandemic virus.
But in reference to what we alluded to just above – getting people on the
same page and buying into what’s best – it would appear as if the digital
world is ready to put a few especially powerful non-animate beings on the
case too in the interest of fighting COVID-19 as best we can.

Supercomputers – To the Rescue?

Maybe so.

The battle against the Coronavirus will soon have the support of 16
supercomputers, offered for service on behalf of a new consortium of U.S.
government agencies and companies. A partnership has been announced between
the White House Office of Science and Technology Policy and the U.S.
Department of Energy where these supercomputers will be available to power
the research into what makes the coronavirus unique, and how it might best
be overcome.

Participating in the COVID-19 High Performance Computing Consortium are
well known major tech companies; IBM, Amazon Web Services, Google Cloud,
and Microsoft. Joining them are two prestigious universities, The
Massachusetts Institute of Technology and the Rensselaer Polytechnic
Institute. Rounding out the roster are five national laboratories, the
National Science Foundation, and NASA.

That’s a serious gathering of brainpower, and hopefully the best way of
judiciously deciding how this computing power will be put to work.

The 16 supercomputers pressed into service now are going to provide more
than 330 petaflops of processing power from across 775,999 CPU cores and
34,000 GPUs. Those numbers should seem as impressive as the number of
digits on either side of the comma suggest they are! Researchers can use
this massive amount of computer power to quickly run through calculations
and models which would take days, months, or even years to perform when
undertaking those calculation and models with less powerful computers.

How are they able to do this? That’s a question that would have too long an
answer to share here in its entirety, but the most powerful supercomputer
on the planet – Summit – has already enabled researchers at the Oak Ridge
National Laboratory and the University of Tennessee to screen 8,000
compounds to determine which ones are most likely to bind to the main
‘spike’ protein of the coronavirus. When this binding occurs, it renders
the virus unable to infect host cells, and as such transmission of the
infection does not occur.

Guiding the Best Current Responses

These researchers were then able to use Summit’s resources to search for
drug compounds which could act as potential cures or ones that could
majorly stem the progression of the viral infection. It only took Summit 2
days to identify 77 compounds which could be potentially useful in the
management of the disease. Adding all the other supercomputers to the fight
promises to be even more beneficial when ti comes to examining even more
data.

Huge companies with massive supercomputers contributing to coronavirus
research efforts are great, but they’re not the only ones making very
valuable contributions to the fight however.

The Folding@Home project is inviting members of the public to contribute
processing power from their home computers in a distributed computing
project. At present the project is contributing over 470 petaflops of power
in total, which is a doubling of what even the Summit supercomputer is
capable of!

If interested, anyone who thinks they have something to share can learn
about how they can contribute to the project by visiting the Folding@Home
website.

Maintaining Ecommerce Stability as Best You Can During the Global Pandemic

Well, they warned us that this was a possibility, now it’s become one. The coronavirus (Covid-19) threat has increased considerably now that it’s been defined as a global pandemic, and the shockwaves of it are being felt all around the world in a big way. It’s even been suggested that the economic slowdown resulting from it may even trigger a worldwide economic recession. For the average person whether or not that becomes a reality is something that’s beyond their control, but if you’re operating a small business online you may find that you have to change your ways.

Here at 4GoodHosting, we’re like any Canadian web hosting provider in that it seems we may be fortunate in that the nature of the work that we do allows us to be fairly isolated and working from home if need be. Doing so may be the most responsible choice to make, as there are many others who have professions that don’t allow them to do that and by staying in we lessen the chance of transmission rates increasing to very problematic levels.

As we’ve all been told, even if you are in good health with a strong functioning immune system you may be contributing to the problem just by going about your everyday lives and being out and about as usual. Without going on at length, we agree with those insisting that it’s best for as many of us as possible to stay home and help in the fight against the pandemic.

Concerns for Those Operating E-Commerce Websites

We imagine that everyone will agree that public health has to be the number one priority during the Coronavirus pandemic. eCommerce companies are advised to make plans to maintain their business in the face of this current economic volatility. You should already know that large scale disruption is likely, and problems with supply and demand that can seriously impact cash flow are already being seen. Here are the major issues and what you can do to minimize the effect they have on your online storefront to keep it open.

Product Availability Concerns

An eCommerce company does not operate if it does not have products to sell. The origin of many products and components is China – the epicentre of the pandemic – and that’s resulted in the supply of many retail goods dwindling.

As the pandemic spreads and other countries see reductions in manufacturing capacity, supply is only going to get worse. We should probably expect that employee illness, factory closures and travel restrictions will mean that the products eCommerce companies are selling will now be manufactured at a lower rate, and delivered to retailers MUCH later than they’d like them / need them.

So what can an eCommerce company do to continue their operations? One possible fix is to start sourcing these products from areas that haven’t been widely affected by the virus – if that’s possible. Having multiple sources can also make it so that you’re not entirely cut off from supply if one manufacturer or wholesaler goes out of action. Sourcing products domestically can also be helpful as they will not face the same shipping disruption as imported goods.

Product Cost Concerns

It’s now inevitable that fewer manufacturers or wholesalers will be working at capacity, and we can also expect that many of them will take advantage of the product scarcity by raising wholesale prices. Customers who place large orders and pay inflated prices will very likely be prioritized. Smaller eCommerce companies that don’t have the means of doing that may be moved to the back of the supply queue.

To keep supply going, a smaller eCommerce company may have to consider a wider range of suppliers and accept paying higher prices. Whether this can be done realistically will of course depend on your operating budget and a whole host of other dynamics that are exclusively related to your online business.

Cashflow Concerns

Supply disruptions, higher prices and far fewer incoming orders means cash flow is going to be a primary concern for many eCommerce companies during this time. Coping with this effectively will mean businesses must reduce spending and determine ways to generate income. Product scarcity is probably going to continue for some time, and so there will be less choice for customers. One possible solution that arises from this is to hold on to items that would previously have been put in the sales and to continue selling them at full price to maintain margins.

You may need to consider re evaluating your advertising budget too. You may have items in your inventory that are not going to sell given the nature of the Coronavirus crisis – travel-related items, for example, and any that meet the same type of criteria are ones you should stop advertising for. Focusing on SEO and content marketing to improve organic traffic and shifting towards email marketing which doesn’t have a high acquisition cost may be good ideas to protect your cash flow.

Proactive Communications

You can count on the general public being fully aware that Coronavirus will affect the availability of products, so they likely won’t be too surprised if something is not available to them temporarily. However, they will be displeased if a company continues to advertise products as being available but then fails to fill orders for them. Be very proactive in letting customers know about the challenges you are / will be facing as a result of the Covid-19 pandemic before they order, and this will go a long way in retaining these customers once this big mess is over.

Agile Adapting

Getting through Coronavirus will require online businesses to be more agile and creative. Some will consider new ways of selling products. Another option for some will be to look at sourcing products that are more likely to go up in demand during the pandemic. Home improvement, hobby and cooking items are some examples.

eCommerce companies also need to be prepared to adapt to the impact of the virus on their staff and day to day operations. Utilizing web-based applications so that staff can work from home may be the best – and most socially responsible – thing to do. Also, look for alternative fulfilment and shipping options and undertake video meetings rather than meeting in person.

Wrap Up

How long this Coronavirus pandemic is going to last is anyone’s guess. You may not have felt the pinch yet, but you should at least somewhat prepare in case you do. And planning in full may be the better choice. You want to ensure that your online business can withstand current disruption and is in a strong position to move forward when the pandemic finally comes to an end.

Wishing you and your family – and online business interests – all the best during this difficult time.

What 5G Will Likely Mean for Mobile App Development

If you’re the type to stay on top of developments in the digital world then you’ll almost certainly have been front and centre for all of the fanfare that the forthcoming 5G network in Canada has received. The buzz has included both positive AND negative takes on it, but if you’re one to think positively then you’re likely very enthused about being able to get so much more out of your mobile devices in making your life easier.

Here at 4GoodHosting, we believe you’ll find that every Canadian web hosting provider will be the same way we are with a real sense of anticipation for what 5G is really going to make possible once it’s rolled out. There’s been no shortage of opportunities for us to read about it, and if it’s something that has interested you in the same way it has for us then you’ll likely have been able to read a lot of different takes and perspectives. One thing’s for sure – it’s going to change the landscape in a big way.

One area of discussion that seemingly hasn’t been gone over at length is what this new supremo level of network capability is going to do for mobile app development. Even if you’re not app-savvy or and app afficionado, even the most laypeople of us tend to make use of at least a few apps on our phones these days. That goes for mobile phone games too, everyone seems to have at least one on their phone.

Everyone who’s in the know is saying how 5G is really going to have major affects on mobile app development. Here’s how.

Early Adopter Industry

This is going to move the world towards widespread connectivity, ease of accessibility, unhindered innovation, and speed. As well as being a leveraging force which is going to make everything easier for netizens of the planet. Mobile app development is almost certainly going to be one of the early adopters of this revolutionary technology, and one of the first things we all need to take into account are device features and network requirements. Developers are going to have to wade into this with an initial focus on being able to meet users’ needs and expectations.

Like most, we believe that 5G Mobile technology will enhance the following areas, especially with regards to security, augmented reality, and being able to add / incorporate new functionalities.

  • Security

5G technology be able to enhance the trust users have with their devices, network slicing, and will also likely the validity of user identities.

  • New Function Possibilities

This coming Fifth generation of network capability will also assist companies and services with mobile app development by getting rid of a pair of currently mainstay constraints – Latency and Speed. The way 5G is going to reduce the first one and increase the second one in a BIG way is the one aspect of 5G’s potential that HAS been discussed at length, so we’ll leave it at that.

It’s going to happen – and that part of it is going to be pretty darn glorious.

  • 3D gaming & immersive augmented reality

5G is poised to influence development in gaming as a whole, but where it’s really going to make a huge splash is in a pair of emerging areas. Those being 3G gaming and immersive augmented reality.

  • Rise in the Cloud-Based Apps

Once super-fast 5G is in place, the rise in the use of cloud-based applications is probably going to be nothing short of meteoric. At the same time, there’s going to also be a ‘setting free ‘ of both manufacturers and users who no longer have to be dependent on physical storage of data and can really take big-time advantage of cloud storage.

New Performance Standards

Now we’ll switch over to how 5G is going to benefit both developers AND the end users who are going to be next in line to benefit from all the super-connectivity and speedy goodness. We’ve heard all about low latency meaning far fewer delays and interference, fast-fiber speeds in wireless mode meaning the kind of quick response everyone wishes for, and wireless connectivity that’s going to be better than it’s ever been before.

Let’s look at a few aspects of this in greater detail:

  • Better Speeds

No matter what size a new app may be, 5G technology will make it so that users can download them in just seconds. This speed factor is going to benefit app marketers in a big way too as they’ll be able to promote the products as being ones that can be downloaded with lightning-fast speeds.

  • Super Quick File Transfers

Great speed helps you transfer files with speed. Likewise, 5G helps in improving the speed of money transfer and all other types of transfers from one account to another.

5G will create clean and smooth environment for flawless communication in crowded and remote areas.

  • More Engaging User Experience

The Internet speeds that are going to come with 5G will help enhance user experiences quite emphatically, and what is probably most noteworthy here is the way it will elevate the user Interface of new apps.

IoT devices are going to benefit hugely from 5G too, prolonging the battery life of these devices by 10 times or more.

  • Minimum Levels of Latency

Latency has always been annoying, and latency always will be annoying. Responses that come as fast as possible are always going to be hoped for, and with 5G we’re going to be enjoying the lowest levels of latency ever.

It’s being reported that 5G will reduce the reaction time to around 1 millisecond or even less.

Preparing Mobile Apps for the 5G Network

 

5G will connect smart devices and people together, and mobile app development is definitely going to be taken to a new and very large scale. This will be true for both Android and iOS mobile applications.

When evaluating this it’s important to know that 5G isn’t an extension of its predecessors 4G or 3G. It’s very much an entirely new entity, and one particular industry that stands to benefit in perhaps the biggest way is healthcare. Mobile apps are already a huge part of modern healthcare, and once 5G becomes available then we can expect revolutionary improvements in remote patient monitoring. This may be where 5G makes it greatest and most far-reaching positive contribution around the world.

 

 

 

Google’s Advanced Protection & ‘Titan’ Key Ready to Fortify Gmail Accounts

It’s surprisingly common for people to be more insistent on having some type of virus protection on their home desktop or notebook but, but less so when it comes to their smartphone. The worst way to become aware of the deficiency is if you find yourself with an infected smartphone OS and having to factory reset your phone to get rid of it. As we’re sure you know, however, that’s a best case scenario a lot of the time.

These days most people keep an extensive amount of personal information in your Google account, from bank account balances to phone numbers, email addresses, and even photos of you or your family that could be used for facial recognition. Any conscientious Canadian web hosting provider is going to know that the nature of the Information Superhighway is that it’s all too easy to get your hands on what’s not yours. Phones do get hacked, and when they do it can be a big problem, especially if someone gets your financial information.

These days some type of virus protection for your Android – or iPhone – is a good idea.

Which leads us to what we’re highlighting today. In the face of increasing security risks for smartphones, Google is going to take some of the heat off Android smartphone users with the new Google Advanced Protection Program. What it’s being advertised as able to do is protect sensitive data with the highest level of security you can get and making it nearly impossible for anyone other than you to access your Gmail, Google Drive, Google Photos or other Google services.

Sound good? We bet it does

Darn Good Defence

Plus, just after rollout a follow up update has now added what Google claims is the strongest level of consumer-grade security possible for your Google account. And the superlative there is important, because data breaches are occurring more frequently than ever before. Companies alone reported a staggering 5,183 data breaches in 2019 alone. Most will have heard of how even Amazon CEO Jeff Bezos’ phone was hacked. And then there’s the fact that even the ‘strongest’ passwords can be determined. The risk is always going to be there.

Here’s everything you need to know about the Google Advanced Protection Program and how it can protect your data.

Introducing – the Titan Key

The means by which Google Advanced Protection Program protects your personal information is by a physical security key, and in appearance its not unlike the kind of dongle you use to start a car with keyless ignition. There’s no need to plug it into your phone, laptop or desktop, and instead you only keep it nearby whenever you access your Google account. Keeping it on a keychain is a good idea. You can get a set of Titan security keys for about $65 or so at the Google Store, but most people will be more interested in the new ap available for Android AND iOS that then creates your mobile device itself as the security key.

One aspect seen in pretty much every data breach is attacks being carried out remotely. That’s why the Titan key and other physical security keys are more effective, they’re with you and working in immediate proximity to lock and unlock your phone. It looks like it’s going to be an effective defense against online hackers.

And if a scammer did steal your username and password, they still would fail to get into your account without that physical key. The same type of insurmountable obstacle will be in place for anyone who might try to steal your password. The reality is that without that key, your Google account is practically impenetrable. The Titan Security Key comes in both a USB and Bluetooth version.

Better Defenses, Little Less Ease of Access

There is a trade off to all this advanced security goodness. Once an account is enrolled in the Google Advanced Protection Program, you may not be able to fly right in and out of Google services like you’ve been accustomed to. This will be true for you as well as for most 3rd-party apps trying to access Google Drive or anywhere else similar.

It should also be mentioned that YubiKey also makes security keys such as this one that are compatible with the Google Advanced Protection Program.

Rest assured that Google apps will still function though, and a few select few non-Google apps like Apple’s Mail, Calendar and Contact apps for iOS, as well as Mozilla’s Thunderbird email client will too. Oppositely, ones like Travel tracking apps, or apps that aggregate your online purchases by scanning your Gmail for receipt are not going to work.

Plus, any Google services accessed via mobile or desktop browser will now only work with Chrome or Firefox. And if you happen to lose both your security key and your backup key, the process for regaining access to your Google account may be slower than you like, as Google will go through extra steps to verify your identity before unlocking it. Don’t complain about that – sometimes hackers contact companies like Google pretending to be you in the hopes of having your password reset and hijacking your account.

Google recommends having one Bluetooth key as your primary and one USB key as a backup, but if you prefer the program allows you to set up both as Bluetooth keys and for mobile devices too. If you have an iPhone or iPad, downloading the Google Smart Lock app to turn your phone or tablet into a security key is probably the best choice. Android users don’t need to use a separate app to activate their built-in security key, and only to register it.

 

 

Passwords Passé? Industry Effort to Replace Them Now Has Apple Onboard

Unless you’ve got an absolutely stellar long-term memory you’re likely one of the millions of people around the world who rely on some type of password reminder or organizer app to be able to remember passwords from time to time. It’s natural that the ones you use regularly are fairly committed to memory, but we all have ones that don’t need to be entered very often. These are the ones where we may well be drawing a blank when it comes time to use them, and where a password reminder app comes in especially handy.

But then there’s the ongoing fact that even the most unique password isn’t going to be 100% failsafe, and being ‘hacked’ does happen to a lot of people. Add to that the fact in today’s increasingly digital world we have more and more passwords to keep track of than ever before and for some people passwords are going to be both untrusted and inconvenient. Here at 4GoodHosting, we can certainly relate as being the leading Canadian web hosting provider AND digital world enthusiasts that we are we can certainly relate to having the sheer volume of passwords adding up big time and being tough to keep track of all of them.

However, it seems that passwords actually might be becoming a thing of the past, and web security experts are venturing their opinions that there may be a more effective – and less demanding – way to ensure that accesses to certain spots aren’t available to just anyone online.

This is what we’re going to discuss in our entry for today – are character and numeric passwords soon to become obsolete, and is there something better and more user-friendly while still equally effective in the works? It seems that there is.

Who’s the ‘FIDO Alliance’

Say the word Fido and most people will immediately think of a less-expensive cell phone provider option, but when it comes to web security development the FIDO Alliance is an acronym for Fast Identity Online Alliance. They’re an authentication standards group dedicated to replacing passwords with a different, faster, and more secure method for folks who want to log into online services reliably and safely without any fuss or need to keep notes on sometimes hundreds of different entries.

What’s noteworthy in all of this is the fact that super-entity Apple has now gotten onboard with the FIDO Alliance and is adding their big-time resources to the quest to make no-password-required secure access a reality sometime in the not-too-distant future. They’re joining a group that already includes Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. Financial service firms are already in the mix too, like American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.

Rise of the Cloud a Big Factor

In an increasingly cloud-based digital world, FIDO is a key initiative to authentication and one where companies have seen the promise in it quite quickly. If there is going to be a password-less world, what is going to take their place? Good question, and the FIDO Alliance has the answer for you. Since 2012, they’ve been pushing the idea of two-factor authentication for services and apps because passwords and pass codes are always going to be insecure to at least some degree.

To highlight that fact, they rolled out this stat – 81% of all security breaches from hackers can be traced to stolen or poor passwords, and this is something that’s agreed upon by a number of different industry interest groups. (the exact number itself is courtesy of Verizon in the US, that needs to be said). Choosing to rely on username/email address and password – or not having any other choice – means you are rolling the dice as far as password re-usage from other breaches or being exposed to malware as a result of gaining secure access by this means.

WebAuthn at Its Best

Web Authentication API (better known as WebAuthn) has been taking root in this part of the digital world for some time now, and with great success. The WebAuthn specification is already supported – to different degrees – by Chrome, Firefox and Edge browsers and it’s safe to assume new ones coming in the future will be supporting it too. Those browsers also support cloud credential creation using a U2F Token, which can use Bluetooth, NFC or USB to provide two-factor authentication to online services and apps.

It was just two years ago that Apple added experimental support for the WebAuthn protocol on Safari. And at the end of 2019 they added native support for FIDO-compliant security keys. This meant that the security authentication was now able to function with much of the same wide-reaching device connectivity that made Bluetooth the smash hit it was when it arrived on the scene.

It means greater numbers of devices with features and functions can be used to provide authentication. As examples, mobile devices or laptops may use fingerprint readers or facial recognition technology to enable log-in. The key in making this work was determining and implementing a common language that could be leveraged for authentication. Fail to do so and proprietary drivers and software would be required.

FIDO, like Bluetooth, allows application developers and security leaders to enable strong authentication that can encompass a wide range of authentication methods, while making it available for devices with minimal code and no need for proprietary driver of any sort.

It has the potential to mean that digital services from banks, ecommerce sites and others can actually recognize users through their devices, and not having to rely on those users entering correct usernames and passwords.

How it Works

FIDO’s specification enables anyone using it to gain access to an app or online service with a private and public key pair. After the user has registered with an online service, the authenticator device (a server) creates a private/public key pair that is unique to that user. This private key is stored on the user’s device, while the public key is then attached to that device’s identity through whichever online service or app is being utilized.

Authentication occurs when the client server sends an electronic challenge to the user’s device. The client’s private keys will only be admissible after they are unlocked locally on the device by the user. That local unlock is made possible by a secure action such as a biometric reader (fingerprint scan or facial recognition being common and already-seen examples), entering a PIN, speaking into a microphone, or inserting a second–factor device.

 

FIDO and U2F

U2F is an open-authentication standard that sets internet users up to securely access web-based resources instantly with one security key instantly and no need for drivers or client software. FIDO2 is the latest generation of the U2F protocol.

As you might expect, the other mega-giant, Google, is involved as well. Last April they joined the Alliance and many of you will know that Google has already added two-factor authentication specification for Android 7 devices and up.

The industry consensus is that FIDO authentication protocol is more than sufficiently secure and allows a lot of flexibility because of wide-ranging industry support. For Mac users, there is a smart card on the way from a company called Jamf that will allow users to sign into Mac devices from the cloud using elliptic-curve cryptography pairing keys in much the same way.

All of which promises to be good news for those of you who would never be able to commit all your passwords to memory, but aren’t particularly keen about sifting through them in a password app and then copy / pasting them into the field. In fact, we should look to this trend as one that really should take off in a big way over the course of the next couple of years.

Chrome 80: Everything You Need to Know

Shouldn’t come as much of a surprise that Google Chrome continues to be the world’s most preferred web browser, and there doesn’t seem to be much of a risk of it relinquishing that title anytime soon. Sure, there’s going to be plenty of iPhone users that will be perfectly fine with Safari when web browsing with their mobile devices, but even most of them will probably spend more than a little time using Chrome on their notebook or desktop. One thing’s for sure, both of them (along with Firefox) have definitely left the now-obsolete Internet Explorer in the dust.

 

Which is the way it should be, but it’s still true that even Google’s super-popular web browser hasn’t avoided having a few glitches as it’s been progressively rolled out. Here at 4GoodHosting, we imagine we’re just the same as any good Canadian web hosting provider in that we understand that a person’s web browser of-choice is going to be very relevant in regards to how well they experience the websites and other dynamic multimedia content that’s offered by those of people like the very same clients we have. It’s for that reason we’ve decided that a brief overview of the extensive Chrome 80 version update is a worthwhile topic of discussion for this week’s blog.

 

So let’s get to it.

 

Ambitious and Extensive Offering

 

Chrome 😯 arrived a week and some back, and it’s been promoted most notably as promising to put the clamps on cookies while patching 56 vulnerabilities at the same time. Making this happen has reportedly cost Google about 48k to address the vulnerabilities to ‘bugs’, with 10 specific ones being prioritized as ‘high risk’. Half of those 10 were submitted by engineers of Google’s own Project Zero team.

 

Chrome updates in the background, so by relaunching their browser most users can complete the upgrade. If a manual update is needed, then select ‘About Google Chrome’ from the Help menu under the vertical ellipsis at the upper right. You’ll then see a tab showing that the browser has been updated or displays the download process before making a “relaunch” button available.

 

Limiting Function of ‘Cookies’

 

This is a huge part of what makes the Chrome 80 update such a big deal, and especially for anyone who feels a little put off about how their computer seems to ‘know so much about them.’

 

Google had already promised it would find a way to restrict cookies. For those of you who may not know what a ‘Cookie’ is, they are small bits of code websites rely on to identify individual users. This is done using the SameSite standard. SameSite was designed to give web developers a way to control which cookies can be sent by a browser – under certain conditions.

 

The Chrome 80 update will mean that Google will begin enforcing SameSite, and Cookies distributed from a third-party source – ones not initiated by the site the user is currently visiting – must be correctly set and will now only be accessible over secure connections. It’s also reported that enforcement of the new cookie classification system in Chrome 80 will commence later in February, and we should remember that Google generally prefers to roll out new features and other changes in stages, to verify things are working as expected before making them available to their enormous pool of users. The company has stated this week of Feb. 17 is going to be the switch-on-SameSite salvo, so we may get news of that today or tomorrow in confirmation.

 

Another aspect of Chrome 80 is that cookies without a SameSite definition will be considered as first-party only by default; third-party cookies – ones from an external ad distributor tracking users as they wander the web – won’t be sendable.

 

It’s believed that the idea behind this is an aggressive push by Google to motivate site makers and other cookie distributors to get behind the SameSite standard, and that this is important and advisable based on Google Chrome being the industry leader for web browsers. We’ll keep in mind that SameSite is not Google’s answer to the increasing anti-tracking positions being offered by rivals like Mozilla and Microsoft. However, Google is quick to tout SameSite’s better, security prowess, and especially for preventing cross-site request forgery (CSRF) attacks,

 

A Cease to Notification Nagging

 

Chrome 80 is implementing the quieter notifications that Google promised last month too. Instead of letting sites place pop-ups on the page requesting permission to send notifications, following the Chrome 80 update you’ll instead see an alarm bell icon with a strike-through near the right edge of the address bar. We’re one of the many who’ve found notification pop ups to be very annoying, so this is very likely going to be extremely well received.

 

Users will be able to manually engage the new notification UI using an option in Settings > Advanced > Privacy and security > Site Settings > Notifications. Toggle the “Use quieter messaging (blocks notification prompts from interrupting you)” switch and you’ll immediately have activated the pop-up blocker.

 

Google has said it would also automatically enable the quieter UI for some, and a new feature where users who repeatedly deny notification requests will be auto-enrolled in it. Google will automatically silence some sites too, and ones that fish extremely hard for notification enrolments are going to be targeted.

 

Tab groups are also expected to debut in Chrome 80, but as of this writing it seems that feature has yet to be entirely rolled out yet. For those of you who’ll be eager to see it this is where you’ll be able to confirm:

 

  • The option to turn it on is behind chrome://flags: Search for Tab Groups, change the setting at the right to Enabled, and relaunch the browser

 

Google is claiming that the feature should begin rolling out to users with Chrome 80, but it may not be in final form until March’s Chrome 81 which is scheduled to arrive on March 17, 20202. When it does, users should be able to right-click tabs and choose new menu items to create groups, assign tabs to them or remove tabs from those groups.

 

On least thing to note for the Chrome 80 update is that it will allow for effective blocking of employees trying to install external add-ons. Administrators can call on the BlockExternalExtensions policy to stop the practice.

Security Risks Increasing Considerably When Moving Sensitive Data to Enterprise Cloud

Stick your head around pretty much any corner and there’s bound to be something about the ever wider reaches of cloud computing and what it promises to entail for the future in the digital world. The ability to utilize non-physical storage and then share data with requiring access to this storage has really been a game changer. Now with good usually comes at least a little not-so-good, and – surprise, surprise – cloud computing is no exception. However, if there was a ‘do over’ button would anyone press it and go back to the times of exclusively physical location storage and access?

Not a chance.

Cloud computing is going to be one of the centerpieces of modern computing technology for the foreseeable future, so we are going to need to accept and overcome a few bumps in the road along the say. Increased security risks are at everyone’s forefront in the digital realm these days, and here at 4GoodHosting we’re like any reputable Canadian web hosting provider in that we’re making enterprise-level security measures standard with most of our web hosting packages.

And while we’re huge fans of cloud computing, our expertise is in web hosting and we don’t claim to know much if anything about security risks related to cloud computing. However, research is something we ARE very proficient with and as such we’re always happy to dig into topics that our customers are likely to find relevant to what they do on a day-to-day business on the World Wide Web.

Cloud with Caution

And so here we are in a brand new decade and there’s going to be no one surprised with the fact that enterprises continue to feed their clouds with increasingly sensitive information. However, it would seem doing is increasingly risky and decision makers are being urged to move forward with caution. A recent study logged from anonymous data from 30 million enterprise cloud users found that roughly 26 percent of files analysed in the cloud now contain sensitive data, and the trend has been for this to increase some 23% year over year.

This becomes potentially problematic when you consider that 91% of cloud services do not encrypt data upon entering cloud storage. That means of every 10 or so entries, more than 9 aren’t guarded well – if guarded at all – sitting in the cloud.

Now, to be fair, data loss protection (DLP) software does exist and a lot of it is quite good and reasonably effective. However, it’s also estimated that only 37% of cloud service providers say they are utilising DLP. Add next that nearly 80% of them also access to enterprise-approved cloud services from personal devices, and – perhaps more alarmingly – a quarter of companies report having sensitive data downloaded from the cloud to an unmanaged personal device.

Spotty Security and Risk Management

It’s not that the current infrastructures in place are bad, and more that they’re insufficient and spotty with how and where they’ve been rolled out. Gaps in data visibility and shielding continue to mean that certain networks look very inviting to breach attempts and non-compliance.

A recent survey found that 93% of cloud storage providers agree that the responsibility to secure data in the clouds is theirs. However, many of these same respondents say there is an emerging trend in the industry where there are simply not enough individuals with the skills required to put the right infrastructure in place and maintain it. SaaS (software as a service) is new, but it’s not that new and to some degree it’s hard to believe this assertion.

It IS fair to say, however, that technology and training continues to be outpaced by cloud’s aggressive enterprise growth. The expression ‘growing pains’ may be very appropriate here.

Smart Reactionary / Precautionary Measures

So what are the recommendations for anyone with above-average concerns about sensitive data of theirs being stored in the cloud?

Here are 3 things you can – and should – do to increase security of cloud-stored data:

  1. Evaluate your data protection strategy for devices and the cloud

Consider the difference between a disparate set of technologies at each control point, along with the advantages of merging them into a single set of policies, workflows, and results

  1. Investigate the breadth and risk of shadow IT

Determine your scope of cloud use, and put a primary focus on high-risk services; then move to enabling your approved services and restricting access to any that have the potential of putting data at risk

  1. Plan for the future with unified security for your data

Context about devices improves cloud data security, and context about the risk of cloud services improves access policy through the web. Many more efficiencies will exist, while some are yet to be discovered. The smart merging of all these control points will be what will deliver the future of data security when it comes to utilizing all the advantages of cloud storage and access.

In conclusion, a last consideration that you can have is to look a little longer at what sensitive files will be fine in physical storage and better there with all the inherent security that comes with that. Never look at cloud storage as something to be used just because it’s there. If you don’t see a particular set of files as needing the ease accessibility the cloud provides, and they don’t ask much for much space, then perhaps they’re just fine staying stored where they are.

 

New Windows 10 Patch More of a Problem Creator than Problem Solver

It’s not often we choose to use relevant recent software news as the subject for our weekly blog post, and the reason for that is not only because there’s usually plenty more noteworthy news out there, but also because often times these software shortcomings don’t affect a large swath of people. However, any time it’s about anything related to a Windows OS issue then the sheer number of people that rely on that particular operating system make it so that it’s worthy of mention. We’re certain that the software engineers that put out these patches are qualified and have best intentions, but we all get it wrong sometimes.

Here at 4GoodHosting, we’re just the same as any quality Canadian web hosting provider in that we’ll see the value in putting certain news on the billboard – if you will – so long as it will be welcome information for a good many of our customers. Now we’re fairly sure that there’s more than a few of you sitting with a Windows OS device in front of you, so that’s we’ve decided to make the shortcomings of the new Windows patch our topic of discussion this week.

Admittedly it’s not the most engrossing stuff. But if it leads even a few of you to avoid major headaches by skipping this patch and ‘leaving well enough alone’, as the expression goes, then we will have done something for the collective good.

Alright, let’s get to it.

A Not-So-Good Fix for Search Function Bugs?

Windows 10 recently issued forth an update which was promoting itself as being the cure for the long-standing bugs in the search function that have been a real thorn in the side for Microsoft Windows OS users. To get right to the meat of this, what seems to have happened is that in their efforts to find a working fix for the search bugs (which was accomplished), what this patch has actually done has tampered with other parts of the OS and as such introduced a whole manner of new issues.

Hate to be overly critical, but sometimes you just have to call it as it is – this is really quite the mess for Windows 10 users who were simply looking to get past the Search hang up. If you haven’t downloaded the newest Windows 10 patch yet, you might want to avoid doing that altogether.

And here’s that worse case scenario we were talking about – more than a few people have reported installing update KB4532695 – and then receiving a ‘blue screen of death’ for their troubles, meaning their PC is totally locked up and probably needing a trip to see a computer repairman unless you’re something of a computer repair tech yourself.

The bad continues; if a thread on Microsoft’s Answers.com help forum is to be believed, the patch is isn’t done there when it comes to undesirable outcomes; a reported boot failure, disabling audio and the sound card on the PC, rendering Bluetooth useless, or making connection to the Internet and impossibility – even after reboots.

And if you are still booting fine, they may be sluggish and annoyingly slow. Some people described being stuck at the splash screen for a good 5 minutes at least, and only deinstalling the update fixed this for them.

Glitches Too

KB4532695 is something of a failure for other reasons too; while it’s true not everyone is going to experience ALL of this, it’s still expected to be a huge nuisance for a number of people to the extent that the onus is definitely on Microsoft to fix this, and fix it without too much delay.

Fortunately, deinstalling the update IS possible, and it may well be your best choice to do this, put up with poor search functionality for the time being, and wait until a better and more wholesome patch is issued from Seattle.

Search Fix, Any Fix?

We’ve established that this patch does little to solve the sear problems with File Explorer, despite this being the reason for its creation. We will give credit where its due and say the KB4532695 patch DOES resolve issues with right-clicking, and the search bar being unresponsive. However, there are still bugs affecting the bar even after installing this patch. So that’s a negative too

Users have reported having to left-click twice to get the cursor to appear in the place where they’re clicking inside the search bar. Apparently you need to left-click first before a right-click on the search bar has any function.

Obviously not intentional and I’m sure certain individuals have been told to get back to the drawing board without delay – but one things for sure, this new Microsoft search bar issue patch is something of a dud. Not recommended, especially if you can make do until a PROPER and FUNCTIONAL successive patch arrives.

 

A Reminder About the Relationship Between VPNs and SEO

It’s likely fair to say that Virtual Private Networks have been enthusiastically promoted by web hosting providers in Canada enough for the foreseeable future, at least from a consumer’s perspective. But it’s also fair to say that if the interests that lead you to have an online presence have SEO and search engine page rankings among them then the benefits of a virtual private network can’t be overstated. We may have touched on this before, but in a new decade where the digital sphere is scheduled to become even more prevalent in the business world it needs to be said again.

So that’s what we’ll talk about here today. Part of being a leading Canadian web hosting provider here at 4GoodHosting is being attuned to what’s important to people who trust us to ensure their website is up and open 24/7 and 365. We don’t need to take a survey to know that for the vast majority who have business interests with their website, ranking well in SERPs is going to be well up there. That people aren’t inclined to sift past the end of the first page – if they even get that far – isn’t likely ever going to change. And so the importance of 1st page search rankings isn’t going to change either.

So let’s take a short but thorough look at it for anyone who’s open to the idea of anything that can improve my website’s SEO and search engine rankings.

Brief VPN Introduction

Virtual private network services, or VPNs, are different from shared networks in that the user is able to create a new path for their online activities to connect to the Internet. Rather than directly connecting to the web, a virtual private network directs the traffic via one of its own servers in advance of sending it on to the resource. Data is also encrypted in this process, and that’s also a big part of the appeal of VPNs, but we’ll leave that for anther discussion.

We will say that when end-users connects to the Internet in this way, there’s a lot of security benefits; Their identity, IP address and what they’re accessing online is all kept entirely private and masked from view. This functionality has plenty of practicality for people working in SEO, but what that is may not be immediately clear.

Local SEO Results

Anyone working on SEO projects for global clients will be aware that achieving good organic results and paid ads on search engines can be quite challenging. The difference with a VPN is that since it allows people to choose their country of connection, they are then able to search via the VPN to get a clear view of how competitive it is to rank for certain keywords. Being able to easily switch between countries makes it a lot easier to handle multiple clients, especially when those clients are a geographically diverse bunch.

Better Visibility with Domestic Searches

Unless you’re extremely SEO savvy, you likely won’t know that the search results that Google shows a person is based strongly on their search history and location, plus other markers that the search engine uses to identify an individual. As a result, simply checking on rankings to see whether they made progress with their clients’ sites isn’t a very accurate representation of the strength of a site’s SEO. They will be a viewing a skewed representation that may not reflect how frequently or withing what phrasings people are searching for these keywords. However, when a user’s identity is masked, the VPN service takes out the identity-based adjustments that Google makes and allows the webmaster (or anyone else) a much more accurate representation.

They can then report this information to their client and give them a more smartly designed plan to improve their search engine rankings. By being able to see the competition and exactly how far they have to go, they can create a plan that best addresses the reality of their search engine ranking deficiencies.

Protection of Sensitive SEO Data

Effective SEO strategies and targeted keywords will be something you will want to keep to yourself, not only for a competitive advantage but also because this can be sensitive information. You won’t want the competition or another unauthorized entity to get their hands on it. Malware exists in many forms and hackers are quite sophisticated in their strategic approches these days, so anything extra an SEO pro can do to protect this information when it’s moving from their computer to the client is going to be helpful.

A VPN offers this to the user, with strong encryption built into the system that makes it fairly unlikely that a hacker would be unable to access useable information, even if they mange to intercept the transmission.

It’s also true that some VPN services have infrastructure in place to block ads and protect the user against malware and phishing attempts automatically. That’s always going to be a big plus, no matter what you’re doing and how vigorously you’re working to improve your SEO.

Stay Safer on Public Wi-Fi

SEO experts do enjoy the freedom to be a digital nomad as one of the perks that come with the nature of their work. Working remotely in different locations is almost always going to involve public Wi-Fi internet connections now and then. They’re great, but they put data and systems at risk. The potential risks of public Wi-Fi networks are nothing new, but some people have more to lose than others

The good news with a virtual private network in this regard is that A VPN encrypts all of the traffic going from the person’s computer through the VPN server. Plus, not needing to tether to mobile data-reliant device in order to get the same level of safety is advantageous for obvious reasons too.

Advanced Understanding of Google Ads

The benefits of a VPN don’t end there. It’s also a better choice for anyone who makes regular use of Google Ads in the promotion of their business. When you use a VPN for paid ad placement it allows you to see whether it’s showing up in the position you’re expecting it to. You can see the geographic disparity as they move around servers. Information learnt from this process can prompt you to make smart strategic changes to your SEO strategy and other improvements.

No Geo-Restrictions

Some countries have geo-restricted content, and for some people that impedes their efforts to do their job. A VPN gets around these limitations since that traffic will look like it’s coming from a different country. Firewalls aren’t much of a wall at all when you’re working from a VPN.

 

Choosing the Right VPN

A good place to start is by looking for ones that have a variety of supported countries. Another important consideration is the type of encryption that the service uses. Look for VPNs that have military-grade or bank-grade levels of encryption. If someone has the means of getting through this type of security, they’re probably the type who would be getting through no matter what you had in place to lock them out.

Most quality VPNs will also have a kill switch that stops all Internet usage if the VPN connection goes down. Price is also a consideration, but those who opt for a free VPN will almost certainly find it’s bare boned nature isn’t to their liking. Typical restrictions for free services include a small number of supported devices and connections, and a data cap. Premium services don’t have these types of limits or eliminate them entirely to make life easier for their users.

 

“Fleeceware” – What is It, and What’s the Risk?

It’s likely accurate to say that most people put a lot more priority on security measures for their desktops or notebooks than they do for their phones. While it is true that most mobile operating systems will have anti-virus features to some extent, it’s becoming increasingly clear that nowadays that’s not going to be sufficient much of the time.

Incidences of phones become infected with malware are increasingly common, and there’s going to be very few people who aren’t familiar with that term.

However, one newer variety of ‘ware’ that isn’t going to be as universally well known as malware is going to the subject our post here today. Here at 4GoodHosting, we may a quality Canadian web hosting provider but our higher level of web-savviness doesn’t make us any less at risk of these bugs messing with our mobile devices than the rest of the average citizenry is. The difference is we’re in a position to always be made aware of new threats that come along, whereas most of your likely aren’t.

That’s why we always make a point to share these types of information. Who wouldn’t be especially displeased to find out their phone has been compromised, so here it is – a discussion about the newest type of malware to arrive onto the scene – what exactly is ‘fleeceware’, and what can we do about it?

Perils of Free Trial Periods

Before we discuss this new type of malware, iPhone users can breathe easier and then see themselves out. Fleeceware is making victims out of Android users exclusively, at least for now, and it’s de facto delivery method is actually through the Google Play Store. Obviously this is one of the most visited digital storefronts in the world, if a recent research survey is to be believed then these Fleeceware apps have been unwittingly downloaded and installed by over 600 million Android users after making purchases through Google Play.

Now for those of you who don’t have the most expansive vocabulary, fleece – when used as a verb – is ‘to strip of money or property by fraud or extortion’ (credit to the good folks behind Merriam-Webster’ excellent online dictionary). So that gives you an idea of what’s going on here with this.

It was last September when this term was coined, after it was discovered a new type of financial fraud taking place on the Google Play Store. The term itself refers to apps that abuse the ability to offer trial periods to users before their accounts are charged. But of particular caution here is when a person signs up for an Android app’s ‘trial period’. If this is something you’re considering, be forewarned that you really need to proceed with caution.

How it Happens

Here’s how this plays out, both nefariously and all too discreetly; When a user signs up for an Android app trial period, they must manually cancel the trial to avoid being charged. Most users choose instead to uninstall apps they don’t like, and most app developers take this as an indication they wish to cancel the trial period without being charged.

It was only recently that it was discovered that some app developers made no such cancellations to an Android app’s trial period after it was uninstalled. Rather, they kept charging them in spite of the fact that they were no longer using the app.

They were ‘fleecing’ these former free trial-period users, and doing so in a way that didn’t allow these individuals any way of knowing they were still ‘on the hook’ for the app even though they’d deleted it from their devices before the free trial period ended.

More Than a Few Fleeceware Apps

Industry watchdogs discovered 24 Android apps that were charging high fees, ones that were between $100 and $240 on average per year, for simple apps such as QR readers and calculators. And again, after their trial periods hand ended and independent of whether or not the person had deleted the app from their phone

Plus, it’s also been revealed that another set of Android fleeceware apps have been unwittingly downloaded by people through the Google Play Store with no reason for them to be suspicious. The good news is that many of these dark-sided apps have telltale signs that indicate a possible fleeceware app.

  • Unprofessional design and ‘cheap’ appearance and / or UI (user interface)
  • Abnormal number of 4 or 5-star reviews that do not have any commentary attached to them, or very little and vague wording (aka ‘sockpuppet reviews’)

The industry consensus seems to be that while fleeceware apps are being scrutinized and put in the public spotlight more, there’s still less focus on them as compared to ‘debilitating’ types of malware that affect the function of the device more directly. It’s a problem that Google will have to deal with for their Play Store, and it would be nice to seem them move more quickly in response to this.

What can you do to protect yourself? For starters, and quite basically, you should think twice about signing up for any trial period, and especially for any app that meets the criteria listed above for possible fleeceware ones. Next, be sure to actually cancel any trial periods rather than opting to simply delete the app.

More and more folks are choosing an anti-malware software for use with their mobile devices, and it’s really a smart call these days. Here’s hoping all of you who frequent the Google Play Store are more informed when it comes to shopping safely these days.