iPad Drawings

Check out more of these drawings made with the “Paper” app on the iPad.

Posted in Amusement, Drawing

WP 3.3.2 Closes swfObject Loophole

For those of you playing along at home, you no longer need to plug the vulnerability manually. Woo hoo! And if you never bothered to patch that hole, upgrade now, darn it! (Learn more here.)

Posted in Technical Geekery, Tutorial

Thumbnail Guide to SSL and TLS Certifications

SSL Certifications

SSL (and TLS) keep web connections reasonably safe from eavesdropping and in-transit hacking.

WHAT IT IS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certifications keep web connections reasonably safe with a system of secret handshakes, lock boxes containing keys to other lock boxes and passwords. Think “Prohibition-era speakeasy” and you’ve got a good idea of what’s going on. The certificates are random strings of numbers that cannot, statistically speaking, be hacked. Of course, the Russian mafia has deep pockets.

WHAT IT DOES

The good news is that with an SSL or TLS certificate, user data such as credit card numbers is protected during transmission. (TLS is more secure and almost no host supports it at this time. Eventually we will all need to upgrade to TLS.)

The bad news is that once that information goes into your online databases, it is not immune from being hacked. Once someone is inside the speakeasy, they could, theoretically, jump the bar and start swiping bottles. General business liability insurance most likely DOES NOT cover liability that results from either data transmission interception or hacking.

Image Credit: DotEasy.com

WHICH VENDOR

SSL and TLS are generic security measures. They are an interchangeable commodity. People have their vendor preferences, but the only real difference is price. The mechanics of all SSL and TLS certificates are the same.

Some companies sell their certificates for $2700 + tax + $500 name fee. A knowledgeable webmaster can generate their own, equally secure, certificates in house for free. Some companies offer $250,000 in issuance insurance. This is a red herring. This insurance DOES NOT protect from liability issues resulting from transmission hacking; it only allows us to get back up with the same certificate if a web server blows up or otherwise goes offline.

In the personal opinion of Ofazomi, the vendor choice is irrelevant, and I advise going with the free or low-cost SSL certificate provided with just about any hosting account. The critical issue here is to have an additional rider drawn up and added to your company business liability insurance policy specifically covering security breaches related to an online store.

NAMES! NAMES! I WANT NAMES!

GeoTrust and VeriSign/Symantec are both well-respected SSL Certificate vendors.

Posted in Education

Design Blog Round Up

In no particular order, from the lone, late night effort to the commercial mainstay:

Posted in Amusement, Education, Fiddling & Time Wasters, Stuff To Do, Technical Geekery, Tutorial, Vocation & Profession

Thumbnail Guide to eCommerce Hosting

You Want To Sell Stuff?

It is assumed here that you are not Amazon.com. This is basic information for a small business that has outgrown eBay or Etsy or wants an alternate sales path free of commission. Web stores are databases tied to credit card machines. Think of FileMaker Pro attached to an ATM.

TECHNICAL REQUIREMENTS FOR HOST SELECTION

You will remember from the Thumbnail Guide to the World Wide Interwebs that the internet is a giant city of trailer parks in the sky and your host is the specific trailer park where your website lives. You will also remember from the Thumbnail Guide to Hosting that there are some things to look for in a host.

Web stores require you to think about a few things in order to build a store properly. The trailer park owner has to be zoned for a retail establishment and speak databas-ese. (SQL Support) Your trailer needs doors and those doors need locks. (SSL Certs) The trailer shouldn’t double as your personal residence and you definitely can’t have roommates. (Dedicated IP) It’s good to be on a main road. (C-Class IP) It’s good to have more than one driveway in case one gets blocked. (Cloud Hosting) It’s good to have plenty of parking. (Bandwidth) It’s good to have a park owner that keeps up the flower beds, shovels the sidewalks and helps out. (Current Software and Patches; Fantastico, Softaculous or a similar scripts library; 24/7 Tech Support)

What about safety? What are these SSL Certificates all about? (Click to find out!)

 

Posted in Education, Web