Reading Time: 1 minutes ... the Pentagon has quietly built a multibillion-dollar cyberwarfare capability and trained its commanders to integrate these weapons into their battlefield plans. U.S. Cyber Command was officially stood up in 2010, based at Fort Meade in the Maryland suburbs of the nation’s capital, consolidating intelligence and cyberwarfare capabilities of the Army, Air Force, Navy and Marines under one house. Soon, billions of dollars were being invested in the concept that cyberattackers targeting America should be prepared to sustain their own damage. Little has been discussed in public about U.S. Cyber Command’s specific capabilities since, though budget documents detail a growing commitment to this form of warfare. The Pentagon’s cyberwarfare budget has grown from $3.9 billion in 2013 to $4.7 billion in 2014 and an estimated $5.1 billion in 2015. More at: original Washington Times December 22nd Article Link For an additional layer of internet security from many forms of spying and hacking, see information about our SSL certificates .
You may find this interesting too.
Reading Time: 15 minutes What are we talking about in this creative original blog post? How about a freshly deployed “blank content” completely-isolated-new-private-virtual-internet-environment; just like a starter internet on a different planet. In other words, imagine being on an internet where you and your friends are the only inhabitants of Mars but you are all connected through a common (and private) internet on the surface of that distant planet. We think you should be able to deploy and command your own completely isolated Virtual Private Internet (VPI) or perhaps better marketing name Virtual Private Planet (VPP); just add users! ) In this new age of omnipresent internet surveillance/spying/intrusions/ddos attacks, etc and creeping and shadowy “Orwellian” state takeovers, we here at 4GoodHosting thought thinking-up a new service offering, as private and secure as possible, could be a big value-add overall for our customers. So does the idea of a Virtual Private Server(VPS) still sound impressive? Well, try this instead... Virtual Private Internet(VPI) - or Virtual Private Planet (VPP - as private and secure as you and your friends and family living on another extremely distant planet and interacting over your own private internet). "Imagine" a virtual instance of an entirely other pre-configured "encapsulated internet" with almost no content stored in it, maybe just a couple of images and some started 'hello world!' webpages and templates and web builder programs. What if all “content” and logfiles were deleted from this internet, with just open-source webservers and virtualization software (vps - virtual private servers, instead of physical ones) and applications, programming languages, and scripts left on it? And then compiled and condensed into a VPI/VPP container with extra starter terabytes of storage (deeply encrypted by the VPP container) available only to itself and using its own entirely unique ip address protocol? As the whole container is encrypted other than its login sevice, so ,you would need to authenticate into, to get onto, that virtual private internet. Inside it, or on it, you could only request webpages and emails and voice communications from the other users within that self-contained virtual internet. Your ‘allowed-in’ VPI/VPP users can even pick their fantasy geographical location in your virtual fantasy world. Your...
You may find this interesting too.
Reading Time: 4 minutes A Scandinavian technology company, Fox IT, was one of the first discovers of a new threat to PHP based programs (such as WordPress, Drupal, Joomla, etc. ) The Fox IT CryptoPHP white paper is quite technical but we will summarize the issue for you here. It is about something termed ‘Nulled Scripts’ and given another label too, CryptoPHP. This is perhaps a new term to most of our customers. So what exactly are these so-called Nulled Scripts? Nulled scripts are scraps of PHP code, which can be found on free or otherwise non-approved WordPress plugin sites or even in WordPress theme archives; which have had their copy-protection removed. Various *pro* plugins and themes come with a serial number, or key, which enables paid features or provides access to download free upgrades. Nulled scripts have such protections removed (so that it is become ‘free’). There are many websites that are offering these nulled-scripts and also nulled WordPress plugins and theme installers. They shouldn’t be used because of the following problem: CryptoPHP explained The programmers who published the white paper have witnessed a drastic increase in the availability of nulled/corrupted scripts. read_more Of course it is not “new” news that alot of “free” WordPress plugins might have this kind of malware embedded in it; if it was not downloaded from a trusted source such as WordPress.org, WooThemes, WooThemes, Theme Forest, Drupal.org Joomla.org, etc. But this particular kind infection is more of a threat than previous malware because in it encrypts data before transmitting it back to its controlling servers; which of course can be located anywhere in the world. Identifying the infection is rather simple though: For example take this line of code: include('wpassets/images/someimage.png'); A web developer that could be reviewing the code should be suspicious of it because an 'image' is not supposed to be included this way into an PHP script. This “ include() “ function call is supposed to be used for importing PHP code. So this has turned out to be be a way of injecting malware PHP code contained in a fake image file. This devious technique isn’t readily detected by malware/virus scanners because most of the...
You may find this interesting too.
Reading Time: 3 minutes Do you ever feel like somebody is watching your back (and not your computer screen) when you are on the internet? Well Canada’s privacy law is still protecting you when you are online surfing. Our fellow Canadian Social media users are shielded from the complex details Terms of Service on many popular social services. Just because you are forced to check the many lengthy terms of service, that of course most of us don’t sit there for a half and hour and actually read, our privacy law trumps any provision that is against the grain of our current privacy law. "This overriding provision in our federal privacy legislation actually does provide protection for unexpected, unreasonable uses, even with consent," stated a Toronto-based lawyer and expert on internet law Barry Sookman. "So I actually think there is a standard here that applies that is fairly useful and is consumer friendly." “An organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances." reads Canada's Personal Information Protection and Electronic Documents Act. This means that "the person has to agree to the terms," Sookman said. "So a person who simply accesses a social networking site and hasn't seen or hasn't had a reasonable opportunity to review the terms wouldn't be bound by them." If the policy had terms that a reasonable person wouldn't consider appropriate, then those terms may not be binding. "There’s two good examples of when a service’s privacy policy wouldn't be enforceable: either when a person hasn’t been put on notice that there’s going to be a policy that’s binding, or when it’s an unreasonable term." Depending on the service, when somebody accesses their website, many website companies automatically collect basic information to know, for example, where people are coming from and to know if they are a returning visitor. Those kind of data collection is rather hidden and it is automated usually to facilitate the operation of their site. When data collection crosses the line: read_more Where there is some completely unexpected use of one's personal information, matters “may go over the line.”. "So the test in...
You may find this interesting too.
Reading Time: 3 minutes Did you know what google gives a very slight ranking boost to websites that use SSL (https://...) encryption? There are other more significant reasons for your website to offer secure connections to your website visitors, especially if your website conducts ecommerce or credit card transactions. Nowadays, people everywhere have to purchase a SSL certificate if they want to offer secure/private connections to their website visitors. However, that might just be a thing of the past with https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html As their website explains: “ The challenge is server certificates. The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you’re actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update. Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process. Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan are working through the Internet Security Research Group (“ISRG”), a California public benefit corporation, to deliver this much-needed infrastructure in Q2 2015. The ISRG welcomes other organizations dedicated to the same ideal of ubiquitous, open Internet security. The key principles behind Let’s Encrypt are: Free: Anyone who owns a domain can get a certificate validated for that domain at zero cost. Automatic: The entire enrollment process for certificates occurs painlessly during the server’s native installation or configuration process, while renewal occurs automatically in the background. Secure: Let’s Encrypt will serve as a platform for implementing modern security techniques and best practices. Transparent: All records of certificate issuance and revocation will be available to anyone who wishes to inspect them. Open: The automated issuance and renewal protocol will be an open standard and as much of the software as possible will be open source. Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a...
You may find this interesting too.
Reading Time: 2 minutes Dear Customer and/or blog visitor, Please do see this important video presentation. It is certainly worth the time it takes us to wake up to what has really being going on: http://vimeo.com/106681730 For your information, when people send you email to your 4GoodHosting hosted website account (for example: me@my-very-own-site.ca ), or when you send email to another person at another 4GoodHosting hosted website, your email conversation is 'really' or 'actually' "private" - just like real snail-mail used to be. We actually do honor your right to control your private information and to guard it from information wholesaling. We don't look, share, or sell any of your private information. We believe in doing this, and we base our business model on respecting your wishes. But when you email somebody at a @gmail.com account, then your email is definitely wide open to at least google (and who-knows-who-else ultimately gets a copy of it from them throughout the future). Basically if you have a conversation with somebody using google mail (gmail, or yahoo mail, etc.) then your conversation is being recorded for prying eyes and will be potentially/possibly used to profile you to interested parties throughout the future. That's just one point of this eye-opening presentation. We are recommending this video been seen by you, because we believe in the old-fashioned concepts of personal privacy. If you feel the same way, please share the link of this article with your friends. https://4goodhosting.com/blog/value-privacy/ read_more Thank you for your patronage and time reading this.
You may find this interesting too.
Reading Time: 3 minutes Benefits of Shared Web Hosting Affordable cost - The benefits shared hosting come in terms of cost as you share a common server with other clients of the web hosting company. With this, we can save money so that we can offer you the services at a lower cost. With less than $10 per month, you can get two different plans of shared hosting. If you consider the features that you are able to get today, our web hosting packages will be more effective and gives excellent value. Simplicity – We maintain the servers and their associated hardware in our peer data center, provide you with the connectivity and along with it, we will maintain all the server administrative tasks that are complex for you. For those people who don't know or who don't have the necessary manpower to run severer or who just need to focus on the critical aspects of their business, shared hosting is a perfect solution. read_more Apart from this, tools such as control panel software and our 4GoodHosting/4GH website builder will make the environment of shared web hosting easy to understand. Even the most technically challenged can succeed because of the rapid evolution in this type of web hosting technology. For more information on shared web hosting, see: Canadian Web Hosting Are you developing a shared hosting account? Performance problems: Sometimes performance varies. For example, if you are having average traffic to your website when compared to Joe who is sharing the server with you has a sudden burst in the traffic. To be frank, in shared web hosting, there is a chance of your website getting affected with neighborhood traffic, which causes the sever delays for a second when it is serving pages. One more issue with shared environment is security that is not sealed-off in shared hosting. Although we are able to provide abundant power to our customers these days, all that requires is one amateur web master to misuse the .htaccess, or another sensitive component for creating a problem on the server. Our server engineers will always diagnose and resolve the problems quickly and will be available 24/7. Your web applications will...
You may find this interesting too.
Reading Time: 5 minutes It has been roughly a year back the truth that US national security agency NSA has been accumulating huge amounts of personal data on American and other international citizens secretly. This year, a year after Edward Snowden leaked the documents on how and to what extent government has collected huge amounts of personal data, he has become an icon of the movement that demands more transparency from government agencies when they are using Internet technologies for the purpose of surveillance. However, transparency is just a one-way street in that regard to this heavily corrupted and non-constitutional government. They want to know everything you are doing but they want you not to know how they are spying on you, and are secretive in dozens if not hundreds of other ways. Dauntless and strident calls for reforms in government government surveillance are coming from the companies that hold large amount of customer and client data on the Web. The compulsions come in the form of threats of prosecution through court orders issued by the Foreign International Surveillance Court. The orders seek the information without intimation of such a move to the customer. This sounds like the Nazi era during World War II. The companies who are responsible for personal data are working over strengthening their security backbone through encryption of customer's data at least at some key junctions. The move came after NSA managed to intercept customer data flowing between various private data centers of Google. read_more Tech companies are of the view that government can take considerable steps to safeguard the consumer's data and protect them from unreasonable access to government agencies. But in contrast, government seems to be working in violating the 4th amendment rather than protecting it. An interest group named Reform Government surveillance is working to bring together the large hitech companies like Google, Yahoo, Apple, Dropbox, Microsoft and others to address the government to help them in bringing back the lost faith in their Internet user community. They believe that the surveillance of the government should be constricted by clearly demarcated by laws and the laws should be transparent. They should be proportional to the risks and...
You may find this interesting too.
Reading Time: 2 minutes Date posted: May 6th , 2014 An increased number of big tech companies are denying compliance with government with regard to personal data by updating their terms and conditions and other policies. News that raises concern Washington Post has published that many businesses such as Apple, Google, Facebook and Microsoft will be notifying their users when their personal data will be asked by the government. They are changing their company policies to suit this. They would comply with such requests only if a judge or other agencies to do so secretly. Many of the protectors of law are concerned that these moves of the company will intimate the criminals before hand and they will try to destroy the evidence of the crimes committed. The government can loose important information on the case. But they need to know that it is criminal and not just on the part of the government to spy on their citizens seeking their personal information. read_more Peter Carr, spokesperson of Justice Department says,“These risks of endangering life, risking destruction of evidence, or allowing suspects to flee or intimidate witnesses are not merely hypothetical, but unfortunately routine.” The tech companies have decided not to pay heed to the guidelines of the subpoenas that ask the tech companies not to inform the users of the data request by the government. This move came after Edward Snowden revealed the spying by NSA last year. As of today, Google notifies users about “legal demands” from government agencies under Google's relevant policy unless prohibited by the court. Kristen Huguet of Apple says, “Later this month, Apple will update its policies so that in most cases when law enforcement requests personal information about a customer, the customer will receive a notification from Apple.” Facebook and Microsoft are reported to have following the leads and take similar steps. As of now, 4GoodHosting has not received any requests from the governments of US or Canada asking for client data. But we'll protect our customers' data and let them know if a customer when the government wants to spy on them.
You may find this interesting too.
Reading Time: 1 minutes Homeland Security Advises Not to Use Internet Explorer It's very tremendous to come to know about Internet Explorer. Even the government of the United States do not like to use IE until they get a new browser that does not have any problem. The version that brings the problem is version 6 and beyond. These versions enable people with malicious intentions to get into a PC through a bad website. The security firm that deals with these issues is known as "Operation Clandestine Fox" by the Fireeye. The threat is true and is dangerous. The department of Homeland Security in the United States issued security alerts to computer software many times. But this time they acted differently. Multiple number of agencies of the government use IE versions. We advise users to use another internet browser until a new official update is available. Microsoft's schedule will be available until May 13. The company may release an unscheduled update before this date. If you use an unsupported form of Windows such as Windows XP, you'll not get any update. And, if you're looking for hassle free things, choosing Mozilla Firefox could be an optimal solution.
You may find this interesting too.
