Google is Blocking Ad Blockers in Chrome: Paid Web Browsers the Future

4GHadmin | 11 June 2019
Reading Time: 3 minutes

Many people lament the fact that the Internet can’t be an unimpeded digital information source and not have commercial interests to the extent it does. It would be nice if it was a fountain of knowledge that exists for everyone’s own information gathering exclusively, but living in the world we do when there’s a buck to be made somewhere the opportunity will be taken. It’s especially frustrating for people who aren’t big consumers and have never clicked on a link or purchased very little online.

Google has recently moved to limit Chrome’s ad-blocking capabilities, and no doubt many of you using an ad-blocker will have already noticed this. Google also announced that this feature will not apply for Google’s paid G Suite Enterprise subscribers. Here at 4GoodHosting, we’re a Canadian web hosting provider who keeps our thumbs on the pulse of the digital world and the prospect of ad-free internet browsing only via paid web browsers would be a pretty big deal for nearly all of us who source information online.

According to a recent study, as many as 40% of people browsing the web from laptops use an ad blocker. That’s a big group of people that aren’t viewing Google’s ads. So why’s this happening, and what’s the underlying current here?

Beyond Blocked Blockers

It’s been reported in the news how Chrome users – and developers of Chrome-friendly, ad-blocker extensions – are none too pleased with Google’s proposed changes to the Chrome Extensions platform. We have to go back to when Google announced Manifest V3, which constituted a set of proposed changes to Google Chrome’s Extensions platform.

In it, specific changes to Chrome’s webRequest API were proposed with an eye to limiting the blocking version of it and this potentially would remove blocking options from most events and creating them as observational only. Content blockers would now use a different API instead, known as a ‘declarativeNetRequest.’ The Manifest concluded that this new API is “more performant and offers better privacy guarantees to users.”

The reality is though that Google’s Manifest V3 changes will prevent Chrome’s ad-blocker extensions from using the webRequest API as it normally, but it will also force them to use a new API (declarativeNetRequest). One that isn’t compatible with how existing popular adblocker extensions function and making them ineffective.

It’s fairly clear to see that Google is being receptive to the concerns of paying advertisers in ensuring the delivery of their ads to site visitors, and they’re not going to be supportive of ad blockers from now own.

A recent industry publishing had a statement from a spokesperson at Google regarding these changes in Chrome – “Chrome supports the use and development of ad blockers. We’re actively working with the developer community to get feedback and iterate on the design of a privacy-preserving content filtering system that limits the amount of sensitive browser data shared with third parties.”

They then added further, “for managed environments like businesses, we offer administration features at no charge.”

For now, Google is still intending to block ad blockers in Chrome, while people who are subscribed to their G Suite Enterprise-level of services will enjoy ad-free viewing.

Pay to Play Soon?

In the past it was that Chrome could be an ad-free browsing experience at no additional cost. Now it seems you’ll have to subscribe to premium G Suite services, and the highest, most expensive version of it. How much? It’s $25 per user, per month, and that’s no small change for any type of online monthly service.

It’s not difficult to figure out what’s Google’s interest in doing this. They can increase the amount of revenue generated from users viewing ads if non-Enterprise subscribing users, based in large part because most people won’t pay for G Suite and more of them will see ads they’ll click through.

Keep in mind that Google’s competitors like Microsoft Edge and Firefox are still fine with supporting ad blockers, so it’s fair to assume they’ll be people who’ll abandon Chrome for another browser. Even if they think Chrome is superior, as there are many people who simply can’t stand ads and particularly if they’re researching for work or academic purposes and time is of the issue.

Google’s G Suite’s low and mid-tier subscribers will still be seeing ads too, it’s only the 25-a-month subscribers who’ll be enjoying ad-free browsing. G Suite Basic is $6 dollars per user per month and G Suite Business is $12 per user month.

Any of you planning to jump ship if your ad blocker is rendered useless?

0

Choosing the Right IoT Platform

4GHadmin | 27 May 2019
Reading Time: 5 minutes

No doubt the Internet of Things needs no introduction here given how the latest big wrinkle in the application of World Wide Web-based technology has become so integrally involved in both our private and working lives. As it stands currently, working with IoT applies to some businesses more than others, but it’s fair to say that any of them that put a premium on customer accessibility and control will need to be adhering to IoT realities.

Here at 4GoodHosting, we’re a good Canadian web hosting provider like any other in that we prefer to keep our thumbs on the pulse of certain trends in the greater industry more so than others. IoT is definitely one of them, and it continues to be interesting to watch how it reaches further into our digital world every day. Consumers are going to expect more and more ‘smartness’ from their ‘things’ going forward, and businesses of course need to be receptive to that.

This makes choosing the right IoT platform a complex endeavor. The landscape can be confusing for IoT hobbyists, experienced developers, and senior executives alike. Today we’ll give you a quick overview of the IoT platform landscape and how you should evaluate IoT platforms based on your needs.

Defining an IoT Platform

Quite simply, an IoT platform is an integrated service offering what’s needed to bring physical objects online. Supporting millions of simultaneous device connections is the challenge, and your platform needs to allow you to configure your devices for optimized communication between machines. The consensus among developers is that it’s really quite difficult to build a well-functioning IoT product.

IoT Platform Types

End-to-end IoT Platforms

End-to-end IoT platforms provide hardware, software, connectivity, security, and device management tools to handle the massive numbers of concurrent device connections. They also provide all managed integrations needed, which can include OTA firmware updates, device management, cloud connection, cellular modem and more, all of which connect and monitor a fleet of devices online.

Connectivity Management Platforms

These platforms offer low-power and low-cost connectivity management solutions via Wi-Fi and cellular technologies. Connectivity hardware, cellular networks, and data routing features are all part of connectivity management platforms in IoT.

IoT Cloud Platforms

Cloud platforms are very beneficial, serving to get rid of the complexity of building your own complex network stack and offering backend and other services to monitor and track millions of device connections that are occurring simultaneously.

Data Platform

As you’d imagine, every type of IoT platform deals with data in some way. IoT data platforms serve the function of combining many of the tools you need to manage / visualize data analytics and them route them as needed.

IoT Platform Verticals

Placing these IoT platforms into categories is really being too simple with them. The breadth of functionality for each makes it so that they don’t fit into a single category. The most logical way of looking at them is what they offer for different interests and related users:

Hobbyists / Prototyping Solutions / Utilities / Live Search (A.I.) Applications / Development Kits / DIY solutions / Consumer Electronics / Home automation / Wearables / Industrial IoT (IIoT) Solutions / Smart factory warehousing applications / Predictive and remote maintenance / Industrial security systems / Asset tracking and smart logistics/ Transportation monitoring / Energy optimization / Connected logistics / Agriculture Industry / Healthcare Industry / Energy Industry / Smart Cities

What to Look for When Examining Platforms

It’s definitely helpful to know what you should be looking for, based on your intended solution:

  1. Connectivity

How effectively is the vendor’s network coverage fitting your business’ current and future initiatives?

  1. Method of Connectivity

What type of connectivity is needed? Will a Wi-Fi or cellular solution be best for your IoT product? Assess these needs and then determine how the vendor can address them.

  1. Market Longevity

Looking at how long the IoT platform been in business is helpful. The space itself is relatively new, but building has occurred quickly and a lot can and will change in a very short period of time. Aim to find an IoT platform that has been offering services for 4+ years at a minimum.

  1. Type of Service

How does the IoT platform describe and sell themselves? Some will be purely connectivity platforms, some will be end-to-end solutions that offer hardware and software to go along with connectivity. How one will suit you best comes about after assessing your business needs. How will they change over time?

  1. Geographic Coverage

Is an embedded sim with global support provided? Is this IoT platform one that covers the regions your business needs? Looking over all aspects of your global reach needs should be part of the consideration as well.

  1. Data Plan

Is a fair data plan included with the platform? The ability to pause or suspend your data services at any time and the ability to control how much data that is used should be on your checklist.

  1. Security / Privacy

Look into the platform and specifically how they’ve dealt with security and privacy issues and reviewed their security content as needed to date. Evaluate how their platform combats security issues frees you from having to do that yourself.

  1. Managed Integrations / API Access

How does the vendor integrate every complexity required for the IoT connectivity you’re after – cellular modems, carrier / sim cards, device diagnostics, firmware updates, cloud connections, security, application layer, RTOS. The best ones will consolidate all into a simple package that works out to very little of it ending up on your plate.

  1. Data Access

How easy does it look to be to take the data acquired through the IoT platform and then integrate it with your enterprise back ends and current cloud service? How will this data then be used? Does the service match those needs?

  1. IoT Ecosystem

The relationships between the services the IoT platform offers should be clearly understood. This will help you learn how their services can be of assistance in helping you build your product

  1. IoT Roadmap

The expansion of IoT platforms is going to continue ahead at full steam. Does this IoT platform’s roadmap match your organization’s needs, and will expansions into connectivity, data, and hardware be helpful for you?

  1. OTA Firmware Updates

How does the vendor allow you to send updates and fix bugs on your devices remotely? It is a simple process, or a complex one. Obviously, simpler is far preferable.

Good Ones

  • Particle — Particle is an enterprise IoT platform that’s ideal for building an IoT product, from Device to Cloud.
  • Salesforce IoT — Maximizes your business efforts with IoT cloud services.
  • Microsoft IoT Azure — Very popular, and enhances operational productivity and profitability by means of a preconfigured connected factory solution.
  • Artik Cloud — The ARTIK IoT platform is ideal for IoT open data exchange
  • Google Cloud’s IoT Platform — integrated services that get high marks from end users and allow you to easily and securely connect, manage, and internalize IoT data
  • IBM Watson IoT — IBM’s new Watson Internet of Things (IoT) is a cognitive system that picks up on AI and then practicalizes it for use within IoT functionality.
  • Xively Platform — an enterprise IoT platform to help accelerate your connected product or service.

These are just a few of many that seem well-received by developers.

0

Protecting a VPN From Data Leaks

4GHadmin | 01 April 2019
Reading Time: 5 minutes

One thing that certainly hasn’t changed from previous years as we move towards the quarter pole for 2019 is that hackers are keeping IT security teams on their toes as much as ever. That shouldn’t come as much of a surprise given the cat and mouse game that’s been going on in cyberspace between the two sides for a long time now. Cyber threats are as sophisticated as ever now, and for everyday individuals they biggest concern is always that the privacy of sensitive data will be compromised.

One of the most common responses to enhanced and more enabled threats is to go with a Virtual Private Network and all the enhanced security features that come with them. Here at 4GoodHosting, we’ve been promoting them for our customers very actively in likely what same way every other Canadian web hosting provider has. There’s merit to the suggestion, as VPN connections protect online privacy by creating a secure tunnel between the client – who is typically uses a personal computing device to connect to the internet – and the Internet.

Nowadays, however, VPN networks aren’t as automatic as they were when it comes to trusting in secure connections and understanding that there won’t be data leaks. The good news is that even people with the most average levels of digital understanding can be proactive in protecting their VPN from data leaks. Let’s look at how that’d done here today.

Workings of VPN

A reliable VPN connection disguises the user’s geographical location by giving it a different IP address. There is also architecture in place to encrypt data transmitted during sessions and provide a form of anonymous browsing. As it is with almost all internet tools, however, VPN connections can also face certain vulnerabilities that weaken their reliability. Data leaks are a concern amongst information security researchers who focus on VPN technology, and it’s these issues that are most commonly front and centre among them:

  1. WebRTC Leaks

Web Real-Time Communication (WebRTC) is an evolution of the VOIP (Voice over Internet Protocol) for online communications. VoIP is the technology behind popular mobile apps such as Skype and WhatsAppp, and it’s been the leading force behind making legacy PBX telephone systems at many businesses entirely obsolete now.

WebRTC is also extremely valuable with the way that it allows companies to hire the best personnel. Applicants can be directed to a website for online job interviews with no need for Skype or anything similar installed.

Everything would be perfect, except for the fact that the IP addresses of users can be leaked, and even through a VPN connection.

  1. DNS Hijacking

It’s fair to say that hijacking domain name system (DNS) servers is one of the most tried-and-true hacking strategies, and interestingly a large portion of that has been made possible by well-intentioned efforts to enact internet censorship. The biggest DNS hijacking operation on the planet is conducted by Chinese telecom regulators through the Great Firewall, put in place with the aim of restricting access to certain websites and internet services.

DNS hijacking encompasses a series of attacks on DNS servers, but arguably the most common one involves taking over a router, server or even an internet connection with the aim of redirecting traffic. By doing so hackers are able to impersonate websites; your intention was to check CBC News, but instead you’ll be directed to a page that may resemble it but actual uses code to steal passwords, compromise your identity, or leave you with malware on your device.

Often times WebRTC and DNS hijacking are working in conjunction with each other: a malware attack known as DNS changer that can be injected into a system by means of JavaScript execution followed by a WebRTC call that you’re unaware of. Done successfully, it can gain your IP address.

Other lesser-known vulnerabilities associated with VPN networks are Public IP address, torrents, and geolocation

How to Test for Leaks

It might be best to cut right to chase here sort of – The easiest way to determine if you’ve got a leak is to visit IPLeak.net, and do it with your VPN turned off. This site is a very nice resource. Once you’ve visited, then leave seat and turn your VPN back on before repeating the test.

Then, you compare results.

The torrents and geolocation tests available are fairly worthwhile themselves, but probably not as much of a factor indicator as the DNS. Navigating the internet is done by your device communicating with DNS servers that translate web URLs into numeric IP addresses. In the bulk of those instances, you’ll have defaulted through your ISP servers, and unfortunately these servers tend to be very leaky on their own to begin with.

Leakage through your local servers can serve up your physical location to those with bad intentions, even with a VPN set up and utilized. VPN services route their customers through servers separate from their ISP in an effort to counter these actions.

Once you determine your data is leaking, what is there you can do to stop it? Read on.

Preventing Leaks and Choosing the Right VPN

A good suggestion is to disable WebRTC in your browser, and doing so even before installing a VPN solution. Some developers have set this to be a default configuration, while most better ones will have this is an enabled option.

Search ‘WebRTC’ in the help file of your browser and you may be able to find instructions on how to modify the flags or .config file. Do so with caution, however, and don’t take actions until you’re 100% certain they’re the correct ones or you may risk creating quite a mess for yourself.

Other good preventative measures include:

  • Going with the servers suggested when configuring your VPN – typically not those of your Internet service provider (ISP) but ones maintained by the VPN provider. Not all of them have them, though
  • Aiming to have a VPN that has upgraded protocols making it compatible with the new IPv6 address naming system. Without one, you’ll have a much greater risk of leaks. If you’re about to move to a VPN, this should be one of your primary determinations
  • Making sure your VPN uses the newest version of the OpenVPN protocol, and especially if you’re on a Windows 10 OS device (it has a very problematic default setting where the fastest DNS servers is chosen automatically. OpenVPN prevents this)

Overall, the security of tunneled connections is going to be compromised big time by a leaky VPN. If the security of your data is a priority for you, then you should be evaluating VPN products, reading their guides and learning about best ways to secure your system against accidental leaks.

Keep in mind as well this isn’t a ‘set it and forget it’ scenario either. You need to check for leakage from time to time to ensure nothing has changed with your system. Last but not least, make sure the VPN you use has a kill-switch feature that will cut off your connection immediately if a data leak is detected.

0

5G Networks: What to Expect

4GHadmin | 12 March 2019
Reading Time: 5 minutes

We don’t know about you, but for those of us here it doesn’t seem like it was that long ago that 3G Internet speeds were being revelled in as the latest and greatest. Things obviously change fast, as 3G has been in the rear view mirror for a long time now, and the reality is that the newest latest and greatest – 4G – is about to join it there.

Here at 4GoodHosting, the fact we’re a leading Canadian web host makes us as keen to learn more about what the new 5G networks have in store for us as anyone else who’s in the digital space day in and out. It appears that we’re in for quite a treat, although there are some who suggest tempering expectations. That’s to be expected anytime wholesale changes to infrastructure key to big-picture operations are forthcoming.

Nonetheless, we’re supposed to be immersed in the 5G world before the end of next year. Mobile 5G is expected to start making appearances in cities around North America this year, with much more extensive rollouts expected in 2020 so a discussion of what we can all expect from 5G is definitely in order. Let’s do it.

What is 5G, and How’s It Going to Work?

To cut right to it, 5G is the next generation of mobile broadband that will augment 4G LTE connections for now before eventually replacing them. 5G is promising to deliver exponentially faster download and upload speeds along with drastically reduced latency – the time it takes devices to communicate with each other across wireless networks. Right, that alone is worthy of some serious fanfare, but fortunately there’s even more to this.

But before getting into additional benefits expected to be seen with 5G networks, let’s have a look at what makes them different from 4G ones and how exactly these new super networks are predicted to function.

Spectrum-Specific Band Function

It’s important to start with an understanding of the fact that unlike LTE, 5G is going to operate on three different spectrum brands. The lowest one will be the sub-1GHz spectrum bands like GSMA / ITU. They are what’s known as low-band spectrums, and they’re the ones used for LTE by most carriers in North America. This spectrum is quite literally running out of steam, so it’s ready to be replaced. It does provide great area coverage and signal penetration but peak data speeds never exceed 100Mbps and often you’re not even anywhere close to that even.

Mid-band spectrums provides faster coverage and lower latency but the long-standing complaint related to them is that they fail to penetrate buildings and peak speeds top out at around 1GB

High-band spectrums (aka mmWave) are what most people think of when they think of 5G, and high-band spectrums can offer peak speeds up to 10 Gbps along with impressively low latency most of the time. The major drawback here though? It has low coverage area and building penetration is poor.

It appears that most carriers are going to start out by piggybacking 5G on top of their 4G LTE networks to start, and then nationwide 5G-exclusive networks will be built. Providers are very aware that small cells are going to required so that these suped-up 4G LTE networks don’t have their 5G appeal diminished with poor penetration rates and intermittently average download speeds.

In this regard, we all stand to benefit from the industry being cautious about not rolling out 5G on its own and then having growing pains with these networks.

Right, some people may not be familiar with small cells. They’re low-power base stations that cover small geographic areas that allow carriers using mmWave for 5G to offer better overall coverage area. Beamforming will be used to improve 5G service on the mid-band by sending a single focused signal to each and every user in the cell, while systems using it monitor each user to make sure they have a consistent signal.

Latency promises to be nearly if not entirely non-existent between the small cells and beamforming within 5-G enabled 4G LTE networks.

Examples of How 5G SHOULD Make Things Better

  1. Improved broadband

The reality today is that carriers are running out of LTE capacity in many major metropolitan areas. In some spots, users are already experiencing noticeable slowdowns during busy times of day. 5G will add huge amounts of spectrum in bands that have not been dedicated for commercial broadband traffic.

  1. Autonomous vehicles

Uber may have a devil of a time getting footed in Vancouver, but you can likely expect to see autonomous vehicles made possible with ubiquitous 5G deployment. The belief is that it will make it possible for your vehicle to communicate with other vehicles on the road, provide information to other vehicles regarding road conditions, and share performance information with both drivers and automakers.

This applications has a TON of promise, and it’s definitely one to keep an eye on.

  1. Public Infrastructure & Safety

It’s also predicated that 5G will allow cities and other municipalities to operate with greater efficiency. All sorts of civic maintenance process will be made more efficient by means of 5G networks.

  1. Remote Device Control

The remarkably low levels of latency expected with 5G make it so that remote control of heavy machinery may become possible. This means fewer actual people in hazardous environments, and it will also allow technicians with specialized skills to control machinery from any location around the globe.

  1. Health Care

5G and its super low latency may also be huge for health care applications. Since URLLC reduces 5G latency even further than what you’ll see with enhanced mobile broadband, we may see big improvements in telemedicine, remote recovery and physical therapy via AR, precision surgery, and even remote surgery in the very near future once 5G becomes the norm.

One of the most beneficial potential advances that may come with 5G as it concerns healthcare is that hospitals may be able to create massive sensor networks to monitor patients, allow physicians to prescribe smart pills to track compliance, and let insurers monitor subscribers to determine appropriate treatments and processes.

  1. IoT

Last but certainly not least is the way 5G will benefit the Internet of Things. As it is now, sensors that can communicate with each other tend to require a lot of resources and really drain LTE data capacity.

With 5G and it’s fast speeds and low latencies, the IoT will be powered by communications among sensors and smart devices. These devices will require fewer resources than ones that are currently in use, and there’s huge efficiencies to be had with connecting to a single base station.

It’s interesting to think that one day 5G will probably be as long-gone and forgotten as 3G is now, despite the fanfare we all gave it many years ago. You can’t stop progress in the digital world, and it’s fair to say that 99% of us wouldn’t want to even if we could.

 

0

The Surprising Ways We Can Learn About Cybersecurity from Public Wi-Fi

4GHadmin | 03 December 2018
Reading Time: 6 minutes

A discussion of cybersecurity isn’t exactly a popular topic of conversation for most people, but those same people would likely gush at length if asked about how fond of public wi-fi connections they are! That’s a reflection of our modern world it would seem; we’re all about digital connectivity, but the potential for that connectivity to go sour on us is less of a focus of our attention. That is until it actually does go sour on you, of course, at which point you’ll be wondering why more couldn’t have been done to keep your personal information secure.

Here at 4GoodHosting, cybersecurity is a big priority for us the same way it should be for any of the best Canadian web hosting providers. We wouldn’t have it any other way, and we do work to keep abreast of all the developments in the world of cybersecurity, and in particular these days as it pertains to cloud computing. We recently read a very interesting article about how our preferences for the ways we (meaning the collective whole of society) use public wi-fi can highlight some of the natures and needs related to web security, and we thought it would be helpful to share it and expand on it for you with our blog this week.

Public Wi-Fi and Its Perils

Free, public Wi-Fi is a real blessing for us when mobile data is unavailable, or scarce as if often the case! Few people really know how to articulate exactly what the risks of using public wi-fi are and how we can protect ourselves.

Let’s start with this; when you join a public hotspot without protection and begin to access the internet, the packets of data moving from your device to the router are public and thus open to interception by anyone. Yes, SSL/TLS technology exists but all that’s required for cybercriminal to snoop on your connection is some relatively simple Linux software that he or she can find online without much fuss.

Let’s take a look at some of the attacks that you may be subjected to due to using a public wi-fi network on your mobile device:

Data monitoring

W-fi adapters are usually set to ‘managed’ mode. It then acts as a standalone client connecting to a single router for Internet access. The interface the ignore all data packets with the exception of those that are explicitly addressed to it. However, some adapters can be configured into other modes. ‘Monitor’ mode means an adapter all wireless traffic will be captured in a certain channel, no matter who is the source or intended recipient. In monitor mode the adapter is also able to capture data packets without being connected to a router. It has the ability to sniff and snoop on every piece of data it likes provided it can get its hands on it.

It should be noted that not all commercial wi-fi adapters are capable of this. It’s cheaper for manufacturers to produce models that handle ‘managed’ mode exclusively. Still, should someone get their hands on one and pair it with some simple Linux software, they’ll then able to see which URLs you are loading plus the data you’re providing to any website not using HTTPS – names, addresses, financial accounts etc. That’s obviously going to be a problem for you

Fake Hotspots

Snaring unencrypted data packets out of the air is definitely a risk of public wi-fi, but it’s certainly not the only one. When connecting to an unprotected router, you are then giving your trust to the supplier of that connection. Usually this trust is fine, your local Tim Horton’s probably takes no interest in your private data. However, being careless when connecting to public routers means that cybercriminals can easily set up a fake network designed to lure you in.

Once this illegitimate hotspot has been created, all of the data flowing through it can then be captured, analysed, and manipulated. One of the most common choices here is to redirect your traffic to an imitation of a popular website. This clone site will serve one purpose; to capture your personal information and card details in the same way a phishing scam would.

ARP Spoofing

The reality unfortunately is that cybercriminals don’t even need a fake hotspot to mess with your traffic.
Wi-Fi and Ethernet networks – all of them – have a unique MAC address. This is an identifying code used to ensure data packets make their way to the correct destination. Routers and all other devices discover this information Address Resolution Protocol (ARP).

Take this example; your smartphone sends out a request inquiring which device on the network is associated with a certain IP address. The requested device then provides its MAC address, ensuring the data packets are physically directed to the location determined to be the correct one. The problem is this ARP can be impersonated, or ‘faked’. Your smartphone might send a request for the address of the public wi-fi router, and a different device will answer you with a false address.

Providing the signal of the false device is stronger than the legitimate one, your smartphone will be fooled. Again, this can be done with simple Linux software.

Once the spoofing has taken place, all of your data will be sent to the false router, which can subsequently manipulate the traffic however it likes.

MitM – ‘Man-in-the-Middle’ Attacks

A man-in-the-middle attack (MITM) is a reference to any malicious action where the attacker secretly relays communication between two parties, or alters it for whatever malevolent reason. On an unprotected connection, a cybercriminal can modify key parts of the network traffic, redirect this traffic elsewhere, or fill an existing packet with whatever content they wish.

Examples of this could be displaying a fake login form or website, changing links, text, pictures, or more. Unfortunately, this isn’t difficult to do; an attacker within reception range of an unencrypted wi-fi point is able to insert themselves all too easily much of the time.

Best Practices for Securing your Public Wi-Fi Connection

The ongoing frequency of these attacks definitely serves to highlight the importance of basic cybersecurity best practices. Following these ones to counteract most public wi-fi threats effectively

  1. Have Firewalls in Place

An effective firewall will monitor and block any suspicious traffic flowing between your device and a router. Yes, you should always have a firewall in place and your virus definitions updated as a means of protecting your device from threats you have yet to come across.

While it’s true that properly configured firewalls can effectively block some attacks, they’re not a 100% reliable defender, and you’re definitely not exempt from danger just because of them. They primarily help protect against malicious traffic, not malicious programs, and one of the most frequent instances where they don’t protect you is when you are unaware of the fact you’re running malware. Firewalls should always be paired with other protective measures, and antivirus software being the best of them.

  1. Software updates

Software and system updates are also biggies, and should be installed as soon as you can do so. Staying up to date with the latest security patches is a very proven way to have yourself defended against existing and easily-exploited system vulnerabilities.

  1. Use a VPN

No matter if you’re a regular user of public Wi-Fi or not, A VPN is an essential security tool that you can put to work for you. VPNs serve you here by generating an encrypted tunnel that all of your traffic travels through, ensuring your data is secure regardless of the nature of the network you’re on. If you have reason to be concerned about your security online, a VPN is arguably the best safeguard against the risks posed by open networks.

That said, Free VPNs are not recommended, because many of them have been known to monitor and sell users’ data to third parties. You should choose a service provider with a strong reputation and a strict no-logging policy

  1. Use common sense

You shouldn’t fret too much over hopping onto a public Wi-Fi without a VPN, as the majority of attacks can be avoided by adhering to a few tested-and-true safe computing practices. First, avoid making purchases or visiting sensitive websites like your online banking portal. In addition, it’s best to stay away from any website that doesn’t use HTTPS. The popular browser extender HTTPS everywhere can help you here. Make use of it!

The majority of modern browsers also now have in-built security features that are able to identify threats and notify you if they encounter a malicious website. Heed these warnings.

Go ahead an make good use of public Wi-Fi and all the email checking, web browsing, social media socializing goodness they offer, but just be sure that you’re not putting yourself at risk while doing so.

0

Cloudflare is changing the game

4GHadmin | 09 October 2018
Reading Time: 2 minutes

In a world where Google, Amazon and Facebook dominate the tech space, Cloudflare has stolen away the headlines for the betterment of the internet with its recent announcement. The company announced on its 8th birthday that they would be launching a domain registry, and it is unlike any we have seen before.

Cloudflare, to the shock of many in the industry, has decided not to charge anything above the federally mandated cost to register a domain with the government. That is right; this multi-billion dollar company has chosen to not make a single penny off of your domain registration. In a world where the average Canadian spends between $10-$15 per domain, this is remarkable.

Cloudflare is not a small company and is about the same scale as Google at the moment. It has a core set of business that sees itself as a content distribution platform and secure infrastructure vendor for millions of client across the globe. It also has recently announced it is on a path to an IPO and has raised hundreds of millions of dollars in preparation for this. So why do this?

Cloudflare is a unique company in the tech and capital market as they are doing two different things than any other major brand. First, the company does not see the internet as a property that you can corner, and instead looks to promote a free, equal and open internet, much like the values from Internet 1.0. Secondly, the company is doing things for the good of the internet, and although this might ultimately fail once the company scales, it is still a refreshing view from a larger company in the tech space.

This does leave one important question for consumers, what does this mean for the cost and registration of their domain? Well, it is a little up in the air. The Cloudflare system is still being tested and should be live within the month, but it looks to be set up similar to every other registry system. If you are up for renewal, it might be time to take a look around and see if you can benefit from using this new system. As well, for those who are operating hosting or other third party services, your overall cost to your company to get a website should start to drop for your packages if you choose Cloudflare as your registry option.

However, this does still leave some questions. Will the other registry companies like GoDaddy also drop their prices, or will they continue the same old costing options going forward? As well, if you are looking for other nations or domain names, will Cloudflare offer those? Finally, will Cloudflare provide an easy to use swapping option? These are all tough questions, and we will need to wait and see how Cloudflare’s announcement has changed the industry in only a few short weeks.

What are your thoughts? Is this just a bump in the road for the major registry options on the web, or the start of more competitive space for those looking to register domains?

0

The Dangers of Abandoned Domain Names

4GHadmin | 11 September 2018
Reading Time: 3 minutes

Many people will have a domain name they once owned that eventually lost its value and was discarded. Most of those folks won’t have given much thought to it after declining to renew it with their web hosting provider, and 9 times out of 10 it’s true that nothing more will come of it. However, cyber security experts are now letting people know that an abandoned domain name can allow cybercriminals to gain access to email addresses of the company or individual that previously owned it.

Here at 4GoodHosting, we’re not unlike any other Canadian web hosting provider in the way we claim domain names for clients across hundreds of different industries. Many of whom will have that same domain name for themselves to this day, but some will have abandoned one or more because they found something better or simply because the domain name wasn’t required anymore for whatever reason.

Here’s what happens when a domain name expires. It goes into a reserved state for a certain time, during which time the the recent owner has the ability to reclaim it. If and when that time expires, it becomes available for re-registration for whomever at no additional costs, identity or ownership verification. Now while it is true that SEO professionals and spam trap operators are good at keeping track of abandoned domain names for various purposes, many of them will not know they are a potential security risk. So let’s discuss this here today.

Insider Access Information

Look no further for a pressing concern than the fact that the new owner of the domain name can take control of the email addresses of the former owner. The email services can then be configured to receive any number of email correspondences that are sensitive in nature. These accounts can then be used to reset passwords to online services requiring sensitive info like personal details, financial details, client-legal privileged information, and a lot more.

Recently this has been more in the new because of research performed on domain names abandoned by law-firms in Australia that were cast off as a result of different mergers and acquisitions between companies. These law firms had stored and processed massive amounts of confidential data, and when the domain names were abandoned they still left breadcrumbs that could possibly lead the new owners of those domains to sensitive information.

The possibility of this being VERY problematic should be easy to understand. Email is an essential service in every business, and is a company lost control of their email lists it could be devastating, especially considering sensitive information and documents are often exchanged over emails between clients, colleagues, vendors and service providers due to the simple convenience of doing so.

The study Down Under found that an average of nearly a thousand ‘.au’ domain names (country code TLD for Australia) become expired every day, and we can assume that number is considerably larger here in North America. Further, the list of expiring domain names is typically published in a simple CSV file format and accessible to whoever would like to see it, giving access to anyone who wants to see the domain names that have expired.

Communications storied in the cloud are especially at risk. IIf all the messages aren’t deleted from these cloud platforms, they may remain accessible for the new owner of the domain and then you now have the potential for a leak of sensitive info.

Of further concern is the fact that if that email address has been used to sign up for an account on social media platforms like Facebook, Twitter, or LinkedIn, etc. then the domain’s new owner can reset the passwords and gain access to those accounts.

To avoid this scenario, Companies should ensure that the domain name remains valid for an indefinite period even if it has been abandoned. All the notifications that may contain confidential information should be unsubscribed from the emails.

In addition, disconnecting or closing the accounts that are created using business emails is recommended. Enable two-factor authentication for all the online services that allows it as well, and be sure to do this as soon as possible and leave it in place indefinitely. This is good advice not only for businesses or venture that make use of multiple domains and have moved on from plenty in the past, but it’s good advice for anyone in today’s day and age of cyber threats.

0

Site Isolation from Google Promises to Repel More Malware Attacks

4GHadmin | 16 July 2018
Against malware
Reading Time: 2 minutes

Against malware

Security in the digital business world is really a challenge these days, and the world wide web is becoming as full of nefarious characters at the town of Machine, the ‘End of the Line’ as it were in the cool monochrome Western Dead Man with Johnny Depp from the ‘90s. A few months back we had detailed the big bad Spectre virus that had come onto the scene and posed major threats as regarded the insecurity of data for any type of website handling sensitive personal information.

It continues to be a ‘thing’, and in response to it Google recently enabled a new security feature in Chrome that secures users from malicious attacks like Spectre. It’s called Site Isolation, and is a new feature available with Chrome 67 on Windows, Mac, Linux, and Chrome OS. Here at 4GoodHosting, we’re a Canadian web hosting provider that puts an emphasis on this for obvious reasons, always seeking to be as on top of our clients’ web hosting needs as effectively as possible.

Google’s experimentation with Site Isolation has been going on since Chrome 63, and they’ve patched a lot of issues before enabling it by default for all Chrome users on desktop.

Chrome’s multi-process architecture allows different tabs to employ different renderer processes. Site Isolation functions by limiting each renderer process to documents from a single site. Chrome then relies on the operating system, and mitigates attacks between processes and any site.

Google has stated that in Chrome 67, Site Isolation has been enabled for 99% of users on Windows, Mac, Linux, and Chrome OS, according to a recent post on their company blog, stating further that ‘even if a Spectre attack were to occur in a malicious web page, data from other websites would generally not be loaded into the same process, and so there would be much less data available to the attacker. This significantly reduces the threat posed by Spectre.’

Additional known issues in Chrome for Android have been identified and are being worked on. Site Isolation for Chrome for Android should be ready with Chrome 68.

Need for Speed

Quick mention as well to Speed Update for Google Search on mobile. With this new feature the speed of pages will be a ranking factor for mobile searches. Of course, page speed has already been factoring into search engine rankings for some time now, but it was primarily based on desktop searches.

All of this is based on unsurprising finding showing people want to find answer to their searches as fast as possible, and page loading speed is an issue. Keeping that in mind, Google’s new feature for mobile users will only affect the pages that are painfully slow, and that has to be considered a good thing. Average pages should remain unaffected by and large.

We’re always happy to discuss in more detail how our web hosting service comes with the best in security and protective measures for your website when it’s hosted with us, and we also offer very competitively priced SSL certificates for Canadian websites that go a long way in securing your site reliably. Talk to us on the phone or email our support team.

0