Computer Science Stuff

Google’s next big thing on the market, is Google Wave. Google Wave is a creative way for people communicate and work at the same time. The service utilizes existing google products, Gmail and Google Docs working as an extension them to create a great tool for communication using these products to organize documents collaboratively, plan events, play games or discuss recent news.

When communication you communicate in Google Wave, you create a new event called a wave.  SO what is a wave? Quoted from Google

A wave is equal parts conversation and document. People can communicate and work together with richly formatted text, photos, videos, maps, and more.

A wave is shared. Any participant can reply anywhere in the message, edit the content and add participants at any point in the process. Then playback lets anyone rewind the wave to see who said what and when.

A wave is live. With live transmission as you type, participants on a wave can have faster conversations, see edits and interact with extensions in real-time.

Does this sound familiar? (Go down to the next section for EXPLANATION) It can also even be viewed as a social networking site in a sense, but with Google products. So imagine Facebook with it’s applications but under Google’s name. It’s pretty straight forward here’s a video on Google Wave.

What I think about this

Now this seems funny to me that Google decided to launch this but it seems as though this is twitter but BETTER! The whole purpose of twitter is updates and allowing people to follow you which main component is communication. I guess if Facebook was trying to buy Twitter for 500 million dollars it would raise some eyebrows. And since Twitter refuse offers to allow people to acquire the company I guess Google came up with this saying, “So if you can’t buy twitter just create something like twitter, lol”.

I’m starting to see a trend with Google now. It seems as though Google’s business model isn’t about creating new technology but jumping onto something that is popular or widely use and making it better. And it seems as though the next trend is communication. So let’s see if people will decide to tweet or ride the wave.

Popularity: 11% [?]

Recently I have heard about how Twitter has been hacked using brute force techniques and even how Barack Obama page was hacked on Twitter. You would think a web application as popular as Twitter would have better security measures. There are different ways to hack websites but the most common way websites are hacked is by poor configurations and weaknesses found in the websites. Here are the ways to combat hackers.

1. Check the file permissions for files on your server

If you have files that allow anybody to modify them such as groups and users then you already have a major problem. You need to only allow users to view your content not write to it.

2. Check the privileges of user names accessing the database you are using.

Sometimes granting all privlieges for a username of a database can be dangerous. When designing your website that stores all of your information in a database it is best to split the privlieges between multiple usernames. This could cause the hacker some pain and time when trying to retrieve information from your database.

3. Make sure passwords are above 6 characaters with CAPS and Numbers and double hash them.

When passwords are short lengths and contain no caps and no numbers it makes it easier to do brute force attacks on the websites. So always make sure it is over 6 characters and add caps and numbers to your password. On the backend make sure you double hash passwords. When you double hash them use two different types of hashes. This is will throw hackers off some.

4. Always validate the visitors input.

When you have visitors enter in information that will be sent to the database make sure you protect against query attacks. There are certain combinations that visitors could use to reset passwords or drop your database. So every time they enter in values make sure you have a function to remove bad characters to protect your database.

5. Use computer generated pictures when allowing users to login or signup.

When hackers hack login information, they use a program and to loop through all the possible combinations for a password. If you use computer generated pictures for validation it will cause them even more discomfort for a hackers because they will need a program to read computer generated pictures which is close to none!

6. Use SSL.

SSL is a cryptographic system that uses two keys to encrypt data. SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely. To get a better understanding look below at the block quote from php.net.

SSL/SSH protects data travelling from the client to the server, SSL/SSH does not protect the persistent data stored in a database. SSL is an on-the-wire protocol.

Once an attacker gains access to your database directly (bypassing the webserver), the stored sensitive data may be exposed or misused, unless the information is protected by the database itself. Encrypting the data is a good way to mitigate this threat, but very few databases offer this type of data encryption.

You can buy SSL certificates from your web hosting company or from independent websites.

7. Keep your system up-to-date.

If you are using php 3 and php 5 is out then you need to UPGRADE!!! Usually when you update your system they include patches to solve security problems that the previous release did not have.

8. Customize your security and create no documentation for IT!!!

Most of the time on the internet everybody is using the code because they downloaded it from somewhere in which over a thousand users downloaded the same thing. Hackers will download it to so they can know how to hack it to. If you are real serious about security I suggest you create your own technique after researching other methods out there and create NO documentation for it. I agreed with open source but not when it comes to SECURITY! This will make it hard for hackers and they will move on to an easier website to wreck havoc.

Popularity: 23% [?]