Role of Hypervisors in Virtual Private Servers

Reading Time: 3 minutes

Role of Hypervisors in Virtual Private Servers

All of us breathe most optimally through our noses, and our elbows, knees, or any other joint in the body will have nothing to do with oxygen intake and delivery. But when people talk about elbow space it can have a very direct and figurative connection to another term – breathing room. Any time you say something needs more elbow room or breathing space it means that the current accommodating environment is too small. More space is needed for the area around you or whatever else it may be. There’s a very valid analogy that can be connected between these expressions and web hosting through a virtual private server.

The primary and nearly exclusive reason that someone will move their site from a shared hosting arrangement to a VPS one is because there website needs more breathing room, elbow space, or whatever you want to call it. Sites that are larger and / or have more dynamic multimedia content will often eventually need to have VPS hosting. Another common scenario is that a site becomes more popular and has more inbound traffic and there’s not enough to accommodate that with shared hosting.

Like any good Canadian web hosting provider we’re keen to make prospective customers aware of what type of web hosting will fit them best, along with explaining what makes one or the other work as well as it does. That’s what we’ll do here with this week’s entry in talking about how hypervisors are an important of what gives VPS hosting the power and potential it does for people who need a more capable environment for their business website.

Role of Hypervisors in Virtual Private Servers

Role of Hypervisors in Virtual Private Servers

Smart Splits

Understanding what a hypervisor is first requires an understanding what a virtual private server is, and how they work. We have gone over this at length before so we’ll just go over it briefly here. A VPS server is one server that’s split up into many different servers. Try thinking of it as an office building. While there is only one building, it’s separated into different units and there are different businesses or professional service providers renting just one unit for their own use. Having other units right next to you in the same building doesn’t take away from any one of their abilities to operate their business.

This is sort of how a virtual private server works, and what a hypervisor does is allow for truer and more ideal virtualization so that each site is able to function as their webmaster intends with fewer compromises in performance or any other attribute. They are able to install their own operating system, and use their own drivers and software on their own VPS. Quality hypervisors make it so that nothing on a virtual private server will be relying on any underlying software.

Only virtual private servers that use hypervisor visualization will come with this type of technology, and it is most optimally rolled out as part of ones with OS-level virtualization. There is an important difference there, and that’s where we’ll move to next. Full OS-level virtualization means there is an operating system (OS), a kernel, hardware, drivers, and more that will be used by every virtual server located there out of functional necessity.

Better Customization

A VPS without a hypervisor will still be an option for sites that need that space, but you’ll have plenty of constraints when it comes to customization. You’ll still have access to as much bandwidth and storage space as you want, and you can reboot your own virtual server without having any effect on the other websites being run off the physical server. Where you will be lacking is with the ability to customize – you won’t be able to fully customize it as you would be able to with a virtual private server that works with a hypervisor.

A hypervisor-based VPS is also superior for in-site optimization and even the ability to upgrade without leaving your current web hosting package. Otherwise if you need a great deal more resources than what you currently have, or if you’re changing your package completely, you may need to be moved to a different server. Those who need true virtualization and are choosing VPS hosting are advised to make sure that they’re choosing Hypervisor-based VPS and not OS-level virtualization.

As always we are happy to discuss this in further detail with you if you are considering upgrading from shared hosting or starting with VPS hosting to begin with.

New Google Chrome IP Protection Feature Set to Offer Timely Value

Reading Time: 3 minutes
New Google Chrome IP Protection Feature Set to Offer Timely Value

New Google Chrome IP Protection Feature Set to Offer Timely Value

Most people don’t give much thought to what’s going on beyond their view when they’re utilizing the Internet for whatever reason, and in an ideal world there wouldn’t be any reason for them to think about risks connected to that very normal and commonplace activity. And these days most of us are online with our mobile devices just as often as we’re doing so seated at a notebook or desktop. In much the same way your home or building has an address on the front of it, so does your spot along the information superhighway.

That’s a very simplistic way of defining what an IP address is, but it works well enough in context here as it indicated where you’re accessing the internet from, and it provides a fairly accurate ‘location’ as part of the basic workings of how the Internet functions. IP addresses allow for consistent user profiles and are needed for critical web functionalities like routing traffic, fraud prevention, and other vital network tasks.

Nine times out of 10 it is not going to matter if your IP address is ‘exposed’, meaning that there’s an identifiable spot on the Web where you’re accessing it from. But every once in a while there are real risks with having it on display like that, and so now a new feature with the world’s most popular web browser is aiming to remove that risk factor.

As you’ll find is the case with most reputable Canadian web hosting providers, we like to point out these types of developments when they have the potential to be very valuable for people. This is definitely the case here, and especially considering that you and most others who’ll be reading this are very likely doing so on a Chrome browser. So with this week’s entry here we will talk about how the newest Chrome update comes with an excellent new feature that can ‘hide’ your IP address from view.

New Google Chrome IP Protection Feature Set to Offer Timely Value

New Google Chrome IP Protection Feature Set to Offer Timely Value

Made Anonymous

Have your IP address exposed and you’re at risk of cyberattacks of all sorts, location tracking, hacking, Cyberattacks, information intercepts, network system breaches, data transmission spying, and monitoring of your browsing activity for no-good purposes. There’s more in the way of potential bad outcomes too, and the risks of all of them are more pronounced today than ever before.

Google’s new IP Protection solution is a potential fix that redirects 3rd-party traffic from specific domains through proxies, making users’ IP addresses invisible to those domains. It’s expected that IP Protecting will evolve alongside the ecosystem, and continue to adapt for optimum safeguarding of users from cross-site tracking and adding additional domains to the proxied traffic. IP address will be anonymized for qualifying traffic.

To start with this will be an opt-in feature, but it’s expected that most users will readily activate it when made aware, and their reasoning being that most people will want to have better control over their privacy and letting Google monitor behavior trends. It’s expected that there will be regional considerations that need to be taken into account to start, but that eventually there some degree of uniformity in application will be realized.

Exploratory Roll Out

Initially only the domains listed will be affected in 3rd-party contexts, with the primary focus being on those believed to be tracking users. Apparently this going to be known as ‘Phase 0’ and during it Google will be proxying requests only to its own domains and via a proprietary proxy. The understanding is that this approach will help Google test the system’s infrastructure and better define domain lists.

To start with users logged into Google Chrome and with US-based IPs will be the only ones who can access these proxies, but what goes down South usually goes up North here before long. As a safety feature that may only be temporary, a Google-operated authentication server will distribute access tokens to the proxy and each user will have a quota set for them.

Google also plans to adopt a 2-hop proxy system to increase privacy further, with a 2nd proxy run by an external CDN. The advantage of this will be that neither proxy can see both the client IP address and the destination support chaining of proxies. Google plans on assigning IP addresses to proxy connections that represent a more approximate location of a user rather than their specific location, due to the fact that many online services utilize GeoIP to determine a user’s location for offering services.

Soon-to-Arrive HBM4 Memory for Superior Bandwidth Increases

Reading Time: 3 minutes

Soon-to-Arrive HBM4 Memory for Superior Bandwidth Increases

This is the time of year when people start thinking they just can’t get enough sunshine, but it’s natural to feel that way when the days get shorter and the weather tends to be darker and drearier. But nonetheless it’s an incredible free resource that contributes to our overall well-being in so many ways, and there’s people with seasonal affective disorder who actually become sick due to a lack of rays.

Now it may seem strange that we’d be talking about sunshine in a discussion of memory, bandwidth and anything tied into the way we are collectively utilizing digital technologies. But here’s the connection; we may be able to get by with shorter and darker days because we know eventually spring will come around again. But when it comes to bandwidth and the lack of it slowing down our movements online there’s no reprieve coming and there’s also a lot of the concept of induced demand too.

So building more and wider free ways to accommodate traffic never works, but with bandwidth there are real tangible benefits to expanding, improving, and optimizing memory capacities. What’s new isn’t new for very long here, but these advances are the kinds of stuff that will appeal to any good Canadian web hosting provider and that’s true for us here at 4GoodHosting too. For that reason the coming advent of HBM4 memory is definitely a blog-worthy topic, and so that’s where we’re going for this week.

Businessman pressing virtual button in quantum computing concept

Fast Data Transfer Rates

High-bandwidth memory (HBM) is much more considerable today than it was 10 years ago even, and the way it has supercharged data transfer rates is something we’ve all benefited from. Much more in the way of features has come along with it too, and it seems that the best is yet to come with HBM memory and courtesy of the super digitally-savvy developers at Samsung.

The new HBM4 memory is expected to become available to consumers through standard product fare by next year (2024) and will feature a 2048-bit interface per stack that is 2x as wide as HBM3’s 1024-bit. This superior new memory is going to feature technologies optimized for high thermal properties in development, such as non-conductive film assembly and hybrid copper bonding.

This increase in interface width from 1024-bit per stack to 2048-bit per stack will likely constitute the biggest change in HBM memory technology ever seen. 1024-bit interfaces have been the norm for HBM stacks since 2015, and so over the course of 8 years many people have become accustomed to limitations created by them. This coming doubling up of capacity is going to be a treat for many of them as they make themselves newly accustomed to it.

Per-stack capacities of between 32GB and 64GB and peak bandwidth of 2 TB/s per stack or higher are going to facilitate major differences in operability right across the board. Let’s make it clear though that to build a 64GB stack you will need a 16-Hi stack with 32GB memory devices. To date nothing even close to that has been developed though, so it looks like such dense stacks will only hit the market alongside the introduction of HBM4.

Some TBD

All this rosy outlook may need to be tempered somewhat as we still don’t know whether memory makers will be able to take those ~9 GT/s data transfer rates supported by HBM3E stacks for HBM4 stacks with a 2048-bit interface and make them stick. But the belief is that with some trial and error over the next 6 months to a year they will and the increase in bus width will double peak bandwidth from 1.15 TB/s per stack to 2.30 TB/s per stack.

That’s power, space and flexibility in one tidy package, but we also need to be looking at how widening of a per-stack memory interface will affect the number of stacks processors and interposers can handle. We need to take today’s massive processors into account with relation to the implementation of new and superior memory technologies.

Nvidia’s H100 is a good example, and its support of six 1024-bit wide HBM3/HBM3E doesn’t go so well when its operating with a massive 6144-bit wide interface. However, if the interface of a single KGSD increases to 2048 bits then the question becomes do processor developers keep using the same number of HBM4 stacks, or do they need to find ways of reducing them will hopefully still maintaining high-performance standards.

All this said, HBM4 memory looks like it’s going to be a fantastic add, even though implementation of it still has a few building blocks that have yet to be put in place.

Future of Access Control Tech Dependent on Cloud-Based Solutions

Reading Time: 4 minutes

Profound developments in digital technology over the last 10+ years have made it so that there’s more than one means of doing something 9 times out of 10. As it relates to being able to access and utilize data that’s been hugely beneficial, but with greater means of whatever it may be comes greater risk of that accessibility being abused by those who don’t have legit intentions when it comes to how that data and / or resources are utilized.

It is not really physical access control that’s at issue here when it comes to security risks associated with all of this, and instead it’s much more related to logical access controls. The difference between the two is that logical access is primarily for access to a digital space of some sort, and so it makes sense that any and all cybersecurity risks that are inherently increased with digital access controls are going to bee seen in that logical access space. Examples can be passwords to access files on a shared server, or biometric credentials to access certain features on corporate networks.

As we all know there’s no going back when it comes to tech progress, and part of being a quality Canadian web hosting provider is seeing, understanding, and being responsive to changing realities that are occurring as technology makes resources accessible is a part of being accountable to those who trust us with their web hosting. Some people won’t have any need to take so much of an interest in it, but others will and we feel it’s helpful to be informative where we can be.

We’ve also seen how cloud computing has become so integral in every aspect of modern computing and with ecommerce very much tied into tit. What we’re seeing now is how access control tech is increasingly dependent on cloud-based solutions, and there’s plenty of good reasons for that It’s what we’ll look at with this blog entry.

Progressively Less Secure

Developing and implementing managed access control systems continues to be an aspect of physical security that is of paramount importance for most modern organizations. There are reports indicating the global access control and authentication market is growing at cumulative annual rate of 11.4% and should reach a total market size of $37.2 billion by 2032.

The relevance of this is based on the way physical access control systems continue to be utilized by organizations of all sizes, with estimates putting 41% of businesses operating physical access control technology believing their systems meet or exceed necessary functional requirements.

But these days several contributing factors are detracting from the efficacy of some installed physical access systems. There is an estimated 38% increase in global cyberattacks that pose significant threats to security systems, and many businesses may feel their systems need updating to incorporate more touchless access solutions in the wake of the pandemic.

In response to all this there have been continued developments in the field of cloud-based access control technology that aim to address the growth of more pressing security concerns. Integrated systems can now provide security teams with automated responses, predictive analysis features and remote-access functionality. But why is it that cloud-based solutions are so integral to the future of access control tech for modern businesses?

Flexibility & Authority

Cloud-based security management platforms enable admins to configure and adjust active systems much more quickly and from remote locations using any secure smart device. One of the biggest pluses is this lets teams to immediately respond to detected anomalies and revoke live permissions if necessary. They can also view live data feeds pertaining to connected devices to better understand unfolding incidents.

Organizations with a cloud-based access control solutions enjoy so much more in the way of flexibility and authority over the management of physical security responses and there are significant benefits to cloud-based access control. For starters they have the option of hosting the management of access control solutions within cloud servers, security and IT teams to extend the functionality of existing hardware, and extending it far beyond the limitations of a segregated system.

This means access control devices can be informed by data from additional systems to measurably improve the efficacy of incident responses, along with much more far-reaching customization. It will also prevent unauthorized access to private properties by limiting entry only to persons carrying verified credentials. This will be dependent on modern access control systems being designed to provide users with a convenient way to enter facilities though.

Cloud-based access control solutions are well equipped to mitigate these concerns, and they do it by enabling security and IT teams to view live access logs and adjust active hardware remotely. This means issues regarding suspected faults can be seen to without delay and admins can grant access to guests and visitors remotely. The biggest advantage to this is contractors and interviewees can be managed appropriately.

The last big advantage we’ll highlight here is how cloud-based security cameras equipped with AI data analytics software can be connected to access readers via a wider web-based management platform. When cameras are able to intelligently detect suspicious events and correctly identify them and their nature then access control locks can be automatically engaged and security teams can be notified remotely.

Cloud-based access control systems will also be set to receive significant data security and maintenance benefits when they are hosted on cloud servers. Identifiable user data is then made available to teams when needed and smart automatic backups will minimize the risk of data loss.

Protecting Inboxes from Domain Name Spoofing

Reading Time: 4 minutes

Not everyone has the same vocation, but some of us have ones where we’ve been referred to as ‘white collar’ types who are in an office 9 to 5 Monday to Friday. For us it’s normal to need to go through a long list of unopened emails every morning, and if you’re more of a blue collar than white type of person then you can be thankful you don’t need to do that. But that’s neither here nor there with what we’re going to discuss for our blog entry here this week.

Email may have had the soundest of beginnings, and the value it has had in allowing speedy yet detailed interpersonal communications has been invaluable. But these days nearly everything has the potential to be corrupted to some extent and by whatever means, and your inbox is the farthest thing from being immune to that. If you’re on of the office guys or gals we talked about to begin with, you may have already had to deal with domain name spoofing. What’s also like is that you’ve received a company-wide email warning you to be on the lookout for it.

99+% of customers for every good Canadian web hosting provider is going to have an inbox of their own, and many of them may be the same hotbed of activity and incoming emails in the same way it is for us. Domain name spoofing is one of the more pronounced risks where recipients can be fooled into greenlighting scams and other types of nefarious digital activity, so let’s use this entry to talk about what you can do to keep yourself safe from it.

What is Display Name Spoofing?

Mail display name spoofing involves cybercriminals impersonating others and manipulating the sender’s display name so that the email appears to come from a trusted source. In worst-case scenarios – and they unfortunately work out this way often – recipients then open the mail and possibly end up clicking on malicious links, or revealing sensitive information.

Getting into more specifics, this is the way it works and what you’ll probably quickly come to see is that display name spoofing isn’t difficult to do. The perps will first identify a target, and the best ones for them are organizations or individuals with a level of trustworthiness or a reputation that’s ripe for exploitation. From there an email message is crafted and they make every effort to make it seems genuine and containing a message that will see legitimate to the recipient.

There are even means by which they can use the same logos and formatting that you’d see in an email coming from that specific source, and the best ones do really well in imitating the same the type of language that would be used. Often times with even the same type of syntax structures.

But the most essential part of this construction is in the way the email address isn’t changed, while the sender’s display name is. And quite often the change is very small and subtle and you would need to look at it with more than just a glance to detect an inaccuracy. What the attacker does is change the sender’s display name to match that of the trusted source.

The Sending

Once the email has been built then it is sent to the target, and the problem is in the fact that the recipient sees only the spoofed display name and not the actual email address. If their guard is down and / or they’re not paying close attention, they may open the email and then interact with in the same way the spoofer wants.

It’s common to incorporate a deceptive subject line too, and quite often they will use one that instills urgency or curiosity, encouraging the recipient to open the email. Too many people become victims here , and the reason for that is because recipients often trust emails that appear to come from familiar names or organizations. When that happens they are more likely to engage with the messages.

You don’t even need a lot of skill or proficiency to be able to do this, and that may also be a part of why domain name spoofing is occurring a lot more frequently these days.

How to Protect Yourself

The first thing you can do is look at the email addresses much more carefully to verify them. Always check the sender’s full email address, and this means not looking at only the display name. If it is unrecognizable or is oddly put together and doesn’t ‘look’ right, don’t open the email and if you’re convinced it is fraudulent you should block the sender and report it to your IT team if you are in an office workplace environment.

It’s also advisable to be skeptical of emails that demand immediate action or contain urgent requests. This is a way that the senders try to trick you into making hasty decisions. You should also hover over links to get a visual of where you’re going to be redirected to. If the URL looks suspicious, don’t do it.

Email authentication protocols like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are also recommended to avoid domain name spoofing. Enabling Multi-Factor Authentication is advisable too as it adds an extra layer of security to your email account, and the attackers will have more difficulty gaining access to it.