May 2015 News & Tips

WordPress Users Should Update Plugins Now!

WordPress LogoEven the latest WordPress 4.2 is vulnerable, so users are warned. In particular the most recent bulletin notes that the XSS flaw is executed through comments and permits the attackers to execute arbitrary code, or, in effect, become the administrator.

A quick fix is to eliminate comments until a patch is released, and to avoid logging in as an administrator.

Multiple WordPress plugins may be vulnerable to the persistent cross-site scripting (XSS) flaw. A list of the known plugins is available here, but WordPress users have been urged to update all plugins now.

Cross-site Scripting allows an attacker to embed malicious content into a vulnerable page to gather data. The use of XSS can expose and compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems.

You can also read more at Net-security.org.

**Note that because WordPress has particular security issues, SiteVision offers an update service on an as requested basis ($60) or as a monthly maintenance feature ($60 monthly, 1st month free). Just contact us.

[divider_line]

SiteVision’s Daria Norris to Speak at National Development Conference

Daria, SiteVision’s Lead Technical Architect, has been invited to speak at this year’s dev.Objective() conference, May 12-15 in Bloomington, MN. The web-centric conference covers a wide variety of topics relating to software development and skills with content geared toward mid-to-advanced-level developers.

Daria NorrisNorris will deliver two sessions. The first, Feed Your Beans: From Anemic to Domain Driven Modeling, will cover four model patterns, their pros and cons, common anti-patterns, business logic in beans, and domain driven modeling. The second session, FW/1 3.0: Simplify Your Workload, will focus on Framework One (FW\1) and Inject One (DI\1) and how to simplify development workload while providing best practices.

The conference session list typically includes topics by speakers from companies such as Google, Adobe, Mozilla, Netflix, and IBM.

Kudos to Daria!

[divider_line]

VITAlogotypeVITA Renews Annual Service Contract With SiteVision & Adds Services

SiteVision will continue to serve as a provider for Hosting and Software as a Service (SaaS) for Virginia State Agencies, including all local government entities.

Vulnerability Scanning Added this year is a provision for Web Application Vulnerability Scanning. Application Vulnerability Scanning is a technique to identify and assess security risks before a possible or likely exploitation.

The process has become increasingly important as major intrusions escalate across all web stratifications.Virginia Agency and local government entities can contact SiteVision for consultation and pricing.

The Virginia Information Technologies Agency (VITA) administers the contract awards and renewals as part of Virginia’s electronic government services program (eGov).

[divider_line]

Google in the News

Google Introduces “FI”

fi_logo_2xGoogle calls it a new way to say “hello.” Reviewers call it anything from a takedown of the big wireless providers, to a fairly underwhelming offering. But what seems to be consistent is “fi’s” potential to be a game changer.

So what is it? Google has confirmed plans to launch its own wireless service, Project Fi, which automatically switches between Wi-Fi and Wireless to give you the best possible coverage. Partnering with Google are T-Mobile and Sprint.

Fi comes with one plan at one price, Google says. For $20 a month, subscribers get the talk, text, visual voicemail, Wi-Fi tethering and international coverage. It’s $10 per gigabyte of data after that for cellular data while in the U.S. and abroad. In a nice twist, the plan refunds any data you don’t use.

In some studies, close to 30% of carrier paid-for data goes unused, suggesting consumers are considerably over-paying for unneeded data coverage.

Described as a “project,” Fi is by invitation only for the initial offering, and works only on Nexus devices.

You can read more at Google, USA Today, TechRepublic and Mashable.

[divider_line]

SEO Alert: MobileGeddon Is Here

Google AlgorithmGoogle has updated its algorithm to evaluate websites it classifies as “mobile-friendly” better on mobile search engines.

You can run a mobile-friendly test here

You can read more here:

[divider_line]

Quick Takes

AppleWatchMy weekend with Apple Watch — and the verdict is . . .

Breach Outbreaks Fuel Encryption Adoption

New Windows 10 preview beefs up Mail app and more

Opening Windows Source Code Could Improve Security

Microsoft kicks off two-month Spartan bug bounty program

SiteVision News & Tips November 2014

Windows OS: A Long, Slow Slog To Perfection?

win10previewIt’s really hard to get excited about an OS that has failed consumers and business in so many ways. But maybe there’s hope. Windows 8.1 got a boost in adoption from 6.7 percent in September to nearly eleven percent in October. And, yes, soon there’s to be a leap – not to Windows 9 – but to Windows 10.

As should be expected, however, most consumers are holding on to their version of Windows until the dust settles or the cows come home (whatever happens first). Windows 7, for instance, still has a whopping 53 percent share, followed by XP at 17 percent – down from nearly 24 percent in September – when Microsoft cut off support for that version.

Shutting Down The XP, VISTA Win 7 Lifeline:

A look at the numbers might suggest that the Win 8.1 increased market share had more to do with a Microsoft power play. MS is virtually forcing XP, VISTA, and Win 7, 8 users to adopt Win 8.1 as they begin to cut off consumer retail sales and mainstream support for Pre-8.1 OS versions. With the earlier lifelines shutting down, there’s really little choice for desktop Window users, other than to hold on, or move to 8.1 (aka Windows 10).

So It’s On To Win 10:

The Win 10 Technical Preview (9841) tells us a bit about what the expected 2015 release will sport, with substantial tweaks and additions, no doubt. In fact there’s already an update build called 9860 promising some 7,000 changes and additions. While the Technical Preview is exactly what it says – it’s geared to technical users, both techies and regular users can view a Microsoft video that illustrates expected features and tweaks for Windows 10.

Since the Microsoft OS commands a whopping 91 percent (plus) desktop market share, it’s likely you, too, will soon be running Windows 10. Enterprise users, however, will probably continue to resist embracing an operating system with a pretty dismal record to date. You can read more at Microsoft (lifecycle), Forbes, CNET, TechRadar, and Computerworld

SiteVision Certified As SOC-1 SSAE 16 Type II Compliant.

Alt text hereWe’re proud to have achieved this certification! It follows a robust, independent third party audit that performed a rigorous assessment of SiteVision company controls that included administration, human resources, management, development, hosting, security policies, procedures and practices, as well as training and contracting. The compliance standards are those developed by AICPA (American Institute of Certified PUblic Accountants).

Regular customers, as well as those with sensitive security and document requirements, can outsource multiple needs knowing that SiteVision is compliant. You can read more here.

iphone6-smThe Best Smartphones Right Now

If you’re looking ahead to the holidays and to treating yourself or a significant other to a new Smartphone, there are a few that consistently rise to the top.

It probably comes as no surprise that the new iPhone 6 and 6 Plus are hands down winners with almost every reviewer we checked out. Others that were consistently found in the top tier were Samsung Galaxy 5, the new Moto X, The LG G3, the Sony Xperia Z3, and the HTC One M8. You can check them out at: CNET, TechRadar, ZDNET, Business Insider.

Just Introduced: The Nexus 6

N6-smThe hot, new Nexus 6, gets a good first take from reviewers who also note that this phone is a top tier offering with a price to match. Great specs, a 13-megapixel phone, “buttery smooth operation,” and the new Lollipop operating system make it an intriguing contender late in the year according to CNET’s first take. It is slated to be available off or on contract as preferred. Last we heard it was already backordered, or as Google prefers to call it available for “preorder”! Expected shipping mid-November?

Nexus9_smAnother Newbie From Google: The Nexus 9 Tablet.

Just out, the new Nexus 8.9” tablet gets a positive take over at TechRadar. Strong specs, the new Lollipop operating system, great speakers for a device of this type, a 2,048 x 1,536-pixel-resolution with a decent, but not cheap price point, make it a contender to be considered. Pricing starts at $399 for a 32GB model. Current Competitors include the Samsung Tab S (in 10.5” and 8.4”), the iPad Air 2, and Sony’s Z3.

Drupal Warns Users: Apply Latest Security Patch Now.

drupal logoFor users who have not deployed the latest patch released on October 15, Drupals says consider yourself compromised, and restore from a backup now!

“Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection,” the Drupal security team said.

“You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.”

This is a biggie for Drupal users. Intrusion is very hard to detect, and the compromise is massive. Drupal considers the patch highly critical.
Read More Here

SiteVision August News & Tips

IN THE NEWS

Online Hacking. You Are A Target.

Congratulations. You haven’t been hacked yet. The bad news? You probably will be. While online companies promise to keep your information private, recent history suggests it’s pretty much an empty promise.

Think Zappos – about 30 million accounts hacked. Living Social – 50 million. Oh, and by the way, a majority of breaches occur for financial accounts. And that’s just a tiny sampling. Scary, huh? As the saying goes there are only two types of online companies: those that have been hacked and those that are about to be.

maskme_home_logoThat means you have been or likely will be attacked – Really. Truly. No fooling. So what to do? One nifty program, MaskMe, is an easy to use browser add-on and mobile app designed to protect your email account, your phone number and your credit cards and your passwords. It acts as your personal, kung-fu bodyguard, so to speak. Cnet and others give it high marks. Abine,
the company who created MaskMe, is also the creator of “Don’t Track Me,” another useful program to prevent online retailers, thieves, social networks, etc from tracking you as you browse the internet.

The moral: while you may not care if your tweets get hacked, you really don’t want your bank account, your credit cards, or your personal identity in the hands of the evil-doers! So do yourself a favor, and do something now.

Oh, and by the way. At the very least, check out our previous article on basic Password Strategies.

[divider]

SiteVision’s Statewide Hosting Award – Customer How To Guide.

SiteVision awarded VITA Hosting Services ContractAs we’ve mentioned, SiteVision was honored to be awarded a VITA (Virginia Information Technology Agency) statewide contract for the Commonwealth’s electronic government (eGov) services. The contract is for advanced Hosting and related technologies. All Virginia public bodies, including state agencies, universities, school systems and localities, can use the eGov contracts.

In addition to traditional hosting technologies, SiteVision offers customized solutions such as GIS, Cloud, Data-Driven, SAAS and IAAS options.

Now, to help customers transition more easily, we’ve provided a useful “How To Get Started” guide that provides step-by-step assistance. You can find it by visiting SiteVision and download the PDF. In addition, you can contact SiteVision with any questions you might have, or ask us for guidance on how best to accomplish your hosting goals.

As always, we’re anxious to make your hosting experience the best it can be!

[divider]

Did Google’s “ChromeCast” & New Nexus 7 Get the Drop on Apple?

And did Google’s nifty little streaming gadget wow? Oh, yes! While Chromecastthere’s room for improvement, what’s not to like about a little $35 thumb-drive sized USB streaming device that plugs into your HDMI TV and uses almost any of your devices as a remote control. For example: open your Netflix or the You Tube app on any device and stream away. The app doesn’t steam. It’s sends a signal to the ChromeCast device. It’s amazingly simple and easy to set up according to reviews. And did we say this innovative little streaming device is about as inexpensive as you can get?  TechCrunch is among those who really like it.

Nexus7The new Nexus 7 was another show stopper. It sports the highest resolution to date of any tablet out there – a simply gorgeous screen. Apple, did you hear that? Cnet calls it “ . . . the best small tablet you can buy.” The basic specs? Android 4.3, a 1,920 x 1,200 IPS display, 2GB of RAM, a rear camera, a quad-core processor and wireless charging Pricing is quite impressive as well – $229 for a 16G with wifi; 269 for a 32G with wifi. No doubt there are a few discounts (or will be) beyond the published pricing from Google.

[divider]

Welcome New Hosting Customers!

dcr.virginia.gov — VA Dept of Conservation
mrc.virginia.gov — VA Marine Resources Commission
dof.virginia.gov — Virginia Department of Forestry
vbbe.virginia.gov — Virginia Board of Bar Examiners
dma.virginia.gov — VA Dept of Military Affairs
mvdb.virginia.gov — Motor Vehicle Dealer Board
dyslexiadash.com — Dyslexia Dash
buyvrabonds.com — Virginia Resource Authority
virginiaresources.org — Virginia Resource Authority

[divider]

A Reminder: Google Publishes Online Phishing and Malware Scams

Google has said it will begin to regularly publish Internet security data on malware and phishing scams that infect computers and steal consumer information.  The weekly reports will include the number of offending sites and their map locations.  The company said it finds about 10,000 such sites a day.  Google will also disclose government and law enforcement requests for user data. The data will be included in Google’s Transparency Report.  The data comes from Google’s Safe Browsing program, which the company uses to find and flag malicious sites across the Internet.

SiteVision News & Tips

 

IN THE NEWS

Win 8+ – Prettier, Friendlier, But Will You Fall In Love?

[image source_type=”attachment_id” source_value=”5130″ align=”left” size=”small” quality=”100″] The Microsoft Build Conference revealed that perhaps, just perhaps, Microsoft gets it. The traditional MS corporate narcissism – so apparent in the release of Windows 8 – was universally criticized. The new build of Windows 8, now dubbed Windows 8.1 features a plethora of changes to allay the growing and often strident criticism of the original release. According to some, it’s what Windows 8 should have been. But no matter the hue and cry, MS Windows still dominates worldwide desktop usage with more than an estimated 80% market share.

In a nutshell, Windows 8.1 will:

There’s a good bit more, and we’ve linked a Windows Preview. There is also a download, but be forewarned, it’s not for the novice or faint of heart. Definitely read the FAQ before you leap.
For more in depth reports of the new iteration see: ZDNet, Fox, PC World, Information Week

[divider]

Tablets Munching Away At Desktop Share

While Windows still dominates PC desktop market share, iOS is the mobile leader with a nearly 60% share. Android is next with about a 24% share. It’s interesting to note that Android has taken about a 20% market share away from iPad in the last year. In fact, by 2015, unit tablet sales are projected to come in at 337.8 million, eclipsing combined desktop and laptop sales of 292.2 million, according to Gartner. Internet Explorer is still, far and away the most popular browser, however. In general the PC market is expected to continue to decline as user behavior changes and as a growing and versatile choice of tablets, cell phones and other mobile options become available at increasingly attractive price points. You can read more here: Gartner, Wikipedia, ZDNetNet Market Share

[divider]

Google To IRS: Pay Up Or Else:

moneyIn an interesting twist, Google is suing the Internal Revenue Service over a prior AOL stock transaction claiming that the US government owes them a whopping $83.5 million. In the suit, Google argues that the IRS disallowed a Google deduction in error. . Forecasting an optimistic outcome, Niki Fenwick, a spokeswoman for Google, said in a phone interview, “We hope to have it resolved soon.” Bloomberg Business Week, CNET

[divider]

Are You A Wimp? Size Matters.

No WimpsAre you just a wimp – an insignificant piece of dark matter? According to Harvard Research, it depends in part on the size of your computing device. Really? Well, at least, maybe. A couple of researchers found experimentally that the larger your computing device the more power and confidence you exude. Hunching over a small device is diminishing, while a large screened device appeared to produce a more assertive and in control persona. If you are so inclined, you can read more here: Harvard Business School

[divider]

Google To Reveal Online Phishing and Malware Scams

Google has said it will begin to regularly publish Internet security data on malware and phishing scams that infect computers and steal consumer information. The weekly reports will include the number of offending sites and their map locations. The company said it finds about 10,000 such sites a day. Google will also disclose government and law enforcement requests for user data. The data will be included in Google’s Transparency Report. The data comes from Google’s Safe Browsing program, which the company uses to find and flag malicious sites across the Internet

SiteVision News & Tips: May 2013

PasswordsNew Rules for SiteVision Email!

To comply with Anti-Spam regulations and standards:

As of April 16, new passwords must: be at least 8 characters long and contain a capital letter, lower case letter, and number.

By now, you are surely aware of our new email account requirements, limits and password requirements.  It’s become a really critical issue for you and for all of us in the digital world.

In an internal review, we have discovered that most of your SiteVision email passwords could be easily hacked using a standard desktop computer.

Since nonsensical passwords can be difficult to remember, consider using a pass-phrase that reminds you of something, or is familiar.  Examples:  iLuv2shop,  d0n’tskipLunch, meetMyQu0ta, and so forth.

For the full scoop visit this article at our Help Desk and our tutorial on passwords

Helpful Email Tips

Use Unique Passwords for Your Important Accounts. Never use the same passwords for your important banking, stock, healthcare and personal information accounts. Hackers test stolen passwords and user-names from a particular site across many Internet sites, meaning your identity and banking and stock resources could be severely compromised with single use passwords. Give each of these account types a unique password!

Keep your password reminders in a Safe Place. Most of us couldn’t’t possibly remember all of our passwords to all of the sites we commonly use. So, if you decide to save your passwords, don’t leave notes with your passwords lying around in plain sight. If you save your passwords in a file, create a unique name for the file, so that people don’t know what’s inside. Avoid giving the file an obvious name, such as “my passwords.”

convertible_No More Parking Tickets?

Several clever new mobile apps not only help you park, but check your meter and find your car, too. ParkMe for Apple displays the closest parking and real time availability.  Another, HONK, for iPhone & iPad checks your meter, records where you parked your car and reminds you where to find it again.  Waze, for Apple and Android, is a social GPS app lets you get up to the minute traffic, detours and such from fellow travelers.  Take a look at this USA Today video here.  You can also visit the app sites:  ParkMe  Honk  Waze

Google-GlassDevs:  If  You Don’t Play Nice, Google Will Brick Your Google Glasses.

For those of you developers who rushed to purchase Google Glasses for development purposes and paid a hefty price, don’t get silly and try to sell, rent, loan or otherwise try to make a penny or two off of your prized possession.  Best to stick to the challenge at hand:  developing apps for the device. Cnet gives you the details

 Mycestro-the-next-generation-mouseAw, Our Beloved Mouse Is Probably Going, Going, Gone!

How long have we had that faithful little companion around?  Would you believe about 60 years?  And  now, it seems inevitable, perhaps, that mousey will bite the dust.  Here’s one example of a 3D finger-mounted device called Mycestro that’s in the works.

javaiconHoly Moly! Oracle Fixes 42 Holes in Java.

In an effort to calm the stormy seas, Oracle has released a patch that fixes not one, not two, but 42 Java vulnerabilities.  While some recommendations have included disabling Java entirely, many companies have legacy software that relies on Java and have pushed for safer implementation. You can read about it here.

 

 

December 2012 News & Tips: All You Want For The Holidays, Win 8 and more

[image source_type=”attachment_id” source_value=”4596″ align=”left” quality=”90″] IN THE NEWS

Tech Toys For The Holidays

Let’s get unreal.  How ‘bout this floating home?  Really?  The conceptual Trilobis 65 is both a sleek house and a sleek ride as featured in Doornob Design Ideas. It includes an underwater observatory so you can watch Jaws watching you, and worth a look, if only to dream about

On a more reasonable note, however, how about the new Nexus 4 Google Phone?  Oh, I forgot, as of this writing (11/27) it’s sold out.  Bummer.  But when and if it comes back to play, it’s unlocked, very smart and priced to sell at $299 for an 8Gig, GSM, HSPA+.  Operative word unlocked!  It’s fast, capable, and gets great reviews.

Update Google Nexus4!   It was literally just revealed that the Nexus 4 would be back in stock 11/27 at 12:00 PM PST. So depending on when you read this, you can pick one up.

Update 2!  This is getting fun (ridiculous). Goggle’s Nexus Cart broke almost immediately with unprecedented demand!  About 7:30 PM my cart finally went through.  If you happened to order one, hopefully yours did too. So now the wait.  For early orders it was 4 to 5 weeks.  Now I see it’s up to 8 or 9.

Other phones getting huge press are the Samsung Galaxy III and the Galaxy Note 2 and the ever present iPhone.  Unless you have a deep pocket, however, you’ll need to get them on contract, and you already know how that game plays.

There’s also the Sweet little Nexus 7 tablet, available now with 3G+ data.  Great price for a great 7” tablet.  For about $299 you can get a 32G with data.  The other iterations cost less and get strong reviews as well. There is also the new Kindle Fire at a great price, but somewhat  geared to the Amazon ecosystem.

And for you Apple fans, well, there’s the Apple ecosystem you know and love with the new Mini great, but feeling a little rushed and maybe a bit long in the tooth. A new mini is supposed to get the retina display.

According to some, the new 7” (give or take) tablet form factor may just be the sweet spot in tablets going forward.  We’re still waiting for flexible tablets which may not be all that far off (years, but not decades?)

Read More

Why SiteVision?

We’re your advocate. SiteVision has been providing web development and hosting services to government agencies and non-profit organizations for over 20 years. We understand how overwhelming it can be to seek out a reliable solution for you website, custom application, and hosting needs.

At SiteVision we are passionate about creating solutions for customers that make their life better. We excel at understanding your business process and developing an application that is easy to learn and operate. We will always be fair, knowledgeable, honest, and professional.