Category: Security

July 22, 2019

Hosting Related, Security, Security Related

Reading Time: 4 minutes

Rats have always had a bad rap, and among all the many negative things associated with the rodents is the fact that ‘rat’ is no longer only a noun in the English language. It’s now also a verb. To ‘rat’ out someone or something is to make someone in position of power or authority aware of what that thing or person is doing when they shouldn’t be doing it. An example could be when you were kids and telling the school principal the names of the students you saw scratching their names into the side of the gymnasium. They’re sure to be punished for it, but only you and the principal will ever know who exactly ‘ratted them out.’ Here at 4GoodHosting, we’re like any quality Canadian web hosting provider in that we don’t need to be prompted to stay on top of interesting developments in the digital world. We do it quite naturally, and we also have an at-least somewhat vested interest in maintaining a functional integrity for the World Wide Web. All of which makes this recent news entirely newsworthy for our blog here. Introducing the Suspicious Site Reporter Google this week started requesting help in identifying suspicious websites, and to that end is making an add-on that lets them ‘rat out’ suspicious URLs through their Chrome browser. They can add the Suspicious Site Reporter, and what they’ll then see is a new flag-style icon on the top bar of the browser. When they come across a URL that’s fishy looking, all they have to do is click on the icon to report unsafe sites to Safe Browsing for further evaluation by the overlords at Google. Safe Browsing is a ubiquitous term between Chrome, Mozilla's Firefox, Apple's Safari, and Android when users are steered away from sites that contain malicious or deceptive content. Google uses robots to scan the web and compile lists of websites that host malware, harmful downloads or deceptive ads and pages. Software developers then have the option of plugging into an API to integrate this list into their own applications. In honesty, rival browser makers have done this for years, but it’s a fact...

July 10, 2019

Domain Related, Security

Reading Time: 4 minutes

It’s July 9th and two weeks from today the web is officially going with full HTTPS as requisite, and that’s a development that’s been a long time in the making. Securing traffic on the internet is an obvious priority, but of course there are people who are strongly opposed to having a secure web. Two weeks today Google will be uniformly labeling any site loaded in Chrome without HTTPS to be not secure. Most webmasters will be on top of this and accordingly usage of HTTPS is exploding right now. In the 6 months up to a recent report, 32% growth in the use of HTTPS was seen in the top 1 million sites. Mozilla tracks anonymous telemetry via Firefox browser and recorded big growth (75% page loads) in the rate of pages being loaded over HTTPS. Chrome too, at around the same 75 percent. We’re a Canadian web hosting provider who’s always got our thumb on the pulse of the industry, so it’s important to relate that quite a few popular sites on the web still don’t support HTTPS (or fail to redirect insecure requests) and will soon be flagged by Google. Plus, let’s clear up a few emerging myths about HTTPS: It’s a Hassle I Don’t Need It It’s Gonna be Slow It’s A Hassle No, it’s pretty darn simple. You can protect your site with HTTPS in a matter of seconds for FREE. Sign up for Cloudflare or using a CA such as Let’s Encrypt. We can assist you with any other web security and accessibility concerns you may have beyond https encryption of your website. I Don’t Need It Well it turns out, you do - particularly as it relates to the safety and privacy of those visiting your site. Without HTTPS, anyone in the path between your visitor’s browser and your site or API can peer in on (or make modifications to) your content without you needing to be made aware of it. Governments, employers, and even especially internet service providers can and have been overseeing content without user consent. If having your users receiving content unmodified and safe from maliciously injected advertisements or malware...

June 25, 2019

Security, Security Related

Reading Time: 5 minutes

Even the most tuned-out of us will be aware of how Bitcoin seemingly went out with a whimper after arriving on the digital cryptocurrency scene with a bang a few years back. The same could be said for the hype about cryptocurrency as a whole, but of course now it’s made something of resurgence. Now it seems the acceptance of a global currency that’s not bound by the constraints of the world bank and international currency norms is an actual large-scale possibility, and no doubt we’re going to see a rush on bitcoin mining flare up again too. Whether or not you believe in the validity of cryptocurrencies and if they’ll ever gain a foothold in the world of e-commerce and beyond is one thing, but it would seem that Apple is forecasting it’s going to do that to at least some extent. To cut right to it, it seems that they’re preparing to let iPhone users turn their devices into hardware wallets that will allow them to store and use bitcoin and other cryptocurrencies for mobile purchases of pretty much everything. The bulk of us here at 4GoodHosting are like the staff you’d find at any leading Canadian web hosting provider in that we take a keen interest in any major shift in the web world landscape, and if cryptocurrency is now to gain traction like it was predicted to then that definitely qualifies. That and the fact that iPhone users likely make a good half of the majority of those of you, and so let’s look at what can we read into the possibility of iPhones becoming crypto wallets. iOS 13 – WITH CryptoKit At the recent Worldwide Developers Conference (WWDC) a few weeks back, Apple's new CryptoKit for iOS 13 was on display. What it will do is allow developers to easily create hashes for digital signatures and public and private keys that can be stored and managed by Apple's Secure Enclave. The keys will represent cryptocurrencies, which iPhone owners can then exchange as a form of payment through an app. This doesn’t necessarily mean that Apple is going down the cryptocurrency path, but if it is...

June 11, 2019

Domain Related, Hosting Related, Security, Security Related

Reading Time: 4 minutes

Many people lament the fact that the Internet can’t be an unimpeded digital information source and not have commercial interests to the extent it does. It would be nice if it was a fountain of knowledge that exists for everyone’s own information gathering exclusively, but living in the world we do when there’s a buck to be made somewhere the opportunity will be taken. It’s especially frustrating for people who aren’t big consumers and have never clicked on a link or purchased very little online. Google has recently moved to limit Chrome’s ad-blocking capabilities, and no doubt many of you using an ad-blocker will have already noticed this. Google also announced that this feature will not apply for Google’s paid G Suite Enterprise subscribers. Here at 4GoodHosting, we’re a Canadian web hosting provider who keeps our thumbs on the pulse of the digital world and the prospect of ad-free internet browsing only via paid web browsers would be a pretty big deal for nearly all of us who source information online. According to a recent study, as many as 40% of people browsing the web from laptops use an ad blocker. That’s a big group of people that aren’t viewing Google’s ads. So why’s this happening, and what’s the underlying current here? Beyond Blocked Blockers It’s been reported in the news how Chrome users - and developers of Chrome-friendly, ad-blocker extensions - are none too pleased with Google’s proposed changes to the Chrome Extensions platform. We have to go back to when Google announced Manifest V3, which constituted a set of proposed changes to Google Chrome’s Extensions platform. In it, specific changes to Chrome’s webRequest API were proposed with an eye to limiting the blocking version of it and this potentially would remove blocking options from most events and creating them as observational only. Content blockers would now use a different API instead, known as a ‘declarativeNetRequest.’ The Manifest concluded that this new API is “more performant and offers better privacy guarantees to users.” The reality is though that Google’s Manifest V3 changes will prevent Chrome’s ad-blocker extensions from using the webRequest API as it normally, but it will also...

June 3, 2019

Hosting Related, Security, Security Related

Reading Time: 5 minutes

Just a few weeks back we were sharing with you how WhatsApp was recommending users reinstall their app because of it being hacked. Hopefully those of you that use it have already done so, and if you have then you’re probably good to go with instant messaging for the foreseeable future. It turns out however that the problem of hacks, infection, malware and more is a lot more extensive than just one app and one operating system. A quality Canadian web hosting provider is going to be one that appreciates the full extent of just how much digital connectiveness is important to people, and here at 4GoodHosting we have a front row seat to see the way mobile web browsing has pulled away from desktop in as far as being the means of choice for people. It all points to one well-understood reality; we’re turning to our mobile devices for more and more of everything that we do during the day. A good many of us (myself included) have Android phones, and that’s why recent news from Quick Heal Security Labs is really undeniable when it comes to highlighting the extent of the cyber-attack problem for Android users in nor. And that is that apparently over 3 million malware were detected on Android OS in 2018. Big Number, Big Problem We can paint a picture of the severity of this best by sharing some numbers: 3,059 malware infections per day, working out to 2 every minute across the country for Android devices 1,786 adware infections per day, equally 1 per minute 4,670 PUAs per day, and that’s 3 per minute Yes, there’s an awful lot of smartphones out there, and a good many of them are going to have an Android OS. Those numbers are still fairly staggering though, and it really does put the problem in some perspective. And what’s interesting is that despite the rapid rise in cyberattacks on mobile devices, cyber security experts say device owners aren’t taking this as seriously as they should be. Serious Business Experts state that there will be a significant rise in mobile-focused malware and banking trojans, and another major mobile-based threat...

May 27, 2019

Domain Related, Hosting Related, Security, Security Related

Reading Time: 7 minutes

No doubt the Internet of Things needs no introduction here given how the latest big wrinkle in the application of World Wide Web-based technology has become so integrally involved in both our private and working lives. As it stands currently, working with IoT applies to some businesses more than others, but it’s fair to say that any of them that put a premium on customer accessibility and control will need to be adhering to IoT realities. Here at 4GoodHosting, we’re a good Canadian web hosting provider like any other in that we prefer to keep our thumbs on the pulse of certain trends in the greater industry more so than others. IoT is definitely one of them, and it continues to be interesting to watch how it reaches further into our digital world every day. Consumers are going to expect more and more ‘smartness’ from their ‘things’ going forward, and businesses of course need to be receptive to that. This makes choosing the right IoT platform a complex endeavor. The landscape can be confusing for IoT hobbyists, experienced developers, and senior executives alike. Today we’ll give you a quick overview of the IoT platform landscape and how you should evaluate IoT platforms based on your needs. Defining an IoT Platform Quite simply, an IoT platform is an integrated service offering what’s needed to bring physical objects online. Supporting millions of simultaneous device connections is the challenge, and your platform needs to allow you to configure your devices for optimized communication between machines. The consensus among developers is that it’s really quite difficult to build a well-functioning IoT product. IoT Platform Types End-to-end IoT Platforms End-to-end IoT platforms provide hardware, software, connectivity, security, and device management tools to handle the massive numbers of concurrent device connections. They also provide all managed integrations needed, which can include OTA firmware updates, device management, cloud connection, cellular modem and more, all of which connect and monitor a fleet of devices online. Connectivity Management Platforms These platforms offer low-power and low-cost connectivity management solutions via Wi-Fi and cellular technologies. Connectivity hardware, cellular networks, and data routing features are all part of connectivity management platforms in...

May 21, 2019

Hosting Related, Security, Security Related

Reading Time: 4 minutes

WhatsApp is one of the most ubiquitous and popular instant messenger apps these days, and it’s fair to say that there’s likely hundreds of thousands of people who have it installed on their smartphone and make frequent use of it. Well, no one’s about to tell you should stop doing so if you’re one of them, but it turns out that you may want to update it manually now - or perhaps even better delete and re-install it - due to recent developments that have just now gotten out into the media. Part of being a good Canadian web hosting provider is giving clients a heads up on such developments, and that describes 4GoodHosting to a tee if we may say so ourselves. Often times these sorts of things aren’t quite ‘newsworthy’ in that sense, but again considering how common WhatsApp is these days we decided to make it our topic for the week. Right then. So, despite encrypting every conversation and following best security practices, WhatsApp (which is owned by Facebook for those of you who care about those things) it seems has been the victim of a cyber attack. It recently announced that it found a vulnerability that was allowing shady types to infect WhatsApp users with spyware when they made - or even attempted to make - a call using the app. No Answer - No Problem Now most people aren’t ones to take notes of character and number chains, but it would seem this this WhatsApp vulnerability is going by CVE-2019-3568. What makes it especially noteworthy is that it allows attackers to infect the device, and have success doing so even if the user at the other end receiving the call didn’t answer it. The means by which these nefarious individuals did this was by exploiting a buffer overflow weakness in the app, one that enables them to hack into WhatsApp before doing the same on the device running the app. When asked about it, the security team at WhatsApp chose to refer to it as an ‘advanced cyber actor’ - a rare but very dangerous type of cyberattack. It is different from other malware attacks...

May 13, 2019

Security, Security Related

Reading Time: 7 minutes

One of the unfortunate realities for human beings is that as we get older, it’s not as easy for us to perform athletically like we once did. When we’re on the right side of 30 it’s not too challenging to run fast, jump high, and turn on a dime. The 30s are a bit of a transition, and once the 40s arrive it’s pretty clear we’re past our prime. Computers slow down as they age too, but that’s a situation that is remedied a lot more easily. You can take your OS back to it’s virtual 20s quite straightforwardly if you know what to do. That’ll be the topic of discussion here today, and for the world’s most common OS specifically – Windows 10. Here at 4GoodHosting, we’re a good Canadian web hosting provider like any other in that we can relate to how it’s frustrating to have to deal with a device – desktop, tablet, smartphone – that’s more putt-putt than vroom-vroom. What we’ve put together here today is 5 ways to speed up your PC running Windows 10, and they’re all fairly easy to implement. Change your power settings Those of you using Windows 10’s Power saver plan should be aware that you’re actually slowing down your PC. It reduces your PC’s performance in order to save energy (most desktop PCs will usually have a Power saver plan of some sort). Switching your power plan from Power Saver to High Performance or Balanced will provide you with an instant performance boost. Here’s how to do it in Windows 10; Launch Control Panel, then select Hardware and Sound > Power Options You’ll then see two options: Balanced (recommended) and Power Saver. (Certain makes and models will have other plans here as well, including manufacturer-branded ones with some.) Clicking the down arrow will show any additional plans that are options to the High Power setting. To change your power setting, simply choose the one you want, then leave then the Control Panel. High performance will provide the most oomph, but as you’d expect it uses the most power; Balanced finds a nice medium between power use and better performance; Power...

April 1, 2019

Domain Related, Hosting Related, Security, Security Related

Reading Time: 6 minutes

One thing that certainly hasn’t changed from previous years as we move towards the quarter pole for 2019 is that hackers are keeping IT security teams on their toes as much as ever. That shouldn’t come as much of a surprise given the cat and mouse game that’s been going on in cyberspace between the two sides for a long time now. Cyber threats are as sophisticated as ever now, and for everyday individuals they biggest concern is always that the privacy of sensitive data will be compromised. One of the most common responses to enhanced and more enabled threats is to go with a Virtual Private Network and all the enhanced security features that come with them. Here at 4GoodHosting, we’ve been promoting them for our customers very actively in likely what same way every other Canadian web hosting provider has. There’s merit to the suggestion, as VPN connections protect online privacy by creating a secure tunnel between the client - who is typically uses a personal computing device to connect to the internet - and the Internet. Nowadays, however, VPN networks aren’t as automatic as they were when it comes to trusting in secure connections and understanding that there won’t be data leaks. The good news is that even people with the most average levels of digital understanding can be proactive in protecting their VPN from data leaks. Let’s look at how that’d done here today. Workings of VPN A reliable VPN connection disguises the user’s geographical location by giving it a different IP address. There is also architecture in place to encrypt data transmitted during sessions and provide a form of anonymous browsing. As it is with almost all internet tools, however, VPN connections can also face certain vulnerabilities that weaken their reliability. Data leaks are a concern amongst information security researchers who focus on VPN technology, and it’s these issues that are most commonly front and centre among them: WebRTC Leaks Web Real-Time Communication (WebRTC) is an evolution of the VOIP (Voice over Internet Protocol) for online communications. VoIP is the technology behind popular mobile apps such as Skype and WhatsAppp, and it’s been the leading...