Why Passwords are Important

May 29, 2015

Passwords are one of the fundamental elements of online security. They can be frustrating to remember and often problematic for users. However, some form of the password is needed for the foreseeable future. We have written about passwords before, but this post will attempt to highlight the dangers of poor password management.

Why You Need a Solid Password

login attempts If you look at the image that is alongside this paragraph, you will see a log file from one of our sites. What is happening here is somebody is trying to randomly guess the password to a wordpress site. Of course Sephone has a rate limiter so the offender has to wait several seconds between attempts and eventually this IP was blocked by our automated firewall.

This will give you an idea of what is called a “brute force” attack. Always assume that there is somebody somewhere trying dozens of times a minute to guess your password and login as you.

Why You Need to Store it Properly

Another thing that happens often is, the password itself is compromised. Normally, this is through malware on your machine. If you save a password somehow, such as having your browser remember the password, or the password is stored in a cookie file, it’s possible that malware can get that password and then an outside attacker can use it.

This is why is crucial that you keep your machine up to date and don’t install unneeded software. You should take other precautions such as anti-virus and firewalls when appropriate.

Recently a clients’ machine was infected with malware and their email password was compromised. The attacker attempted to send hundreds of messages a minute, spamming people and trying to distribute their malware.

Hacked?

These are the two ways that most “hacks” happen.  A poor password was guessed or password was stolen via malware.  If you are a WordPress user too, there is a big bullseye on your back. WordPress is famous playground for “hacks.”  It is important to make sure your developer (or you), is taking the necessary steps to keep the site up to date.

avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.

Summertime Means Travel Time

May 22, 2015

Statistics show that people travel more in the summer than they do in the winter. Stands to reason, here in the northeast we had one incredible (in Maine we say “wicked”) winter. Plans often change along with the weather and in many cases just the “threat” of weather!

Efficiency
One thing that does not change is how many hours in a day that we have – 24. We all have 24 hours and we all try to make the most of them. Planning travel whether it be vacation, business or family time, we have to pack it all in. Here’s a refresher on a few “GO TO” apps that may help in making the best of your time on the road and around in Maine this summer.

Gas BuddyGasBuddy_logo_header Is there anything  more frustrating than filling up your car and going 4 miles down the road and the gas price is .10 cheaper a gallon? Over tank full of gas it may only matter about a dollar but every dollar counts- especially when it means I don’t have to go out of my way to save it! You can find the best price for gas where you are right now, where you are going or anywhere along the way. The app is user populated, but I have found it very accurate. It is also good to provide feedback yourself to keep it valid and useful for others to use it.

My Maine

myMaineVisiting our Pine Tree State? The Maine Tourism Association has a very information rich website and app with Places to Stay, Eat and Do. This is a free app that can help you find your way around the state and makes sure you don’t miss anything. If you prefer a LARGER view mainetourism.com is a great way to plan your trip.

 

Entertainment
Looking for some fun? The Waterfront Concert app is at youwaterfront-concerts-logor fingertips with schedules, tour information as well as on the spot info through iBeacon technology. Looking to upgrade? Want a deal? Buy tickets for another show? This app can help you navigate the Darling’s Waterfront Pavilion in Bangor as well as the Maine State Pier in Portland, Maine for any event.

The weekend before Labor Day is our version of the Olympic cultural and music event of the year, The American Folk Festival is held on the Bangor Waterfront.

The desktopAmerican Folk Festival also has a free app and this year it will use iBeacons that can notify and help you navigate a weekend long event that literally covers the entire Bangor Waterfront. iBeacons will help you get the most of such an action packed event-music, cultural and children’s events, food and craft vendors this app does your homework for you!

Your Phone is With YOU
Use it for more than texting the kids in the back seat. All of the apps mentioned in this post are tablet and ipad friendly too. They help in efficiency on road trips.  So from all of us at Sephone, travel safely and have a great summer!

avatar

Kelly's been known as the Marketing Maven since before the term was hip. (That means she's old.) As a natural Community Builder, she loves to get people together, bring resources to the table and solve problems!

iBeacons: the Possibilities!

May 14, 2015

We get really excited when new technologies do new things and interact in new ways. Our latest obsession is something about half of the size of a deck of cards: iBeacons.

iBeacons are small devices that can communicate with mobile apps. When a person who’s installed your app comes within the range of an iBeacon, they can receive a notification tailored to their location or can perform another action.

waterfront-ibeaconWe just added iBeacon support to our iOS and Android app for Waterfront Concerts. With an easy management tool, the WFC team can set notifications to send to anyone with the app who enters the concert venue. They can also schedule notifications so people at a concert can automatically stay up to date.

iBeacons are great way to effectively target marketing to your customers. Because you can specify a location for the notifications, you can deliver information specifically to people who are in a specific place.

Of course, building iBeacon support into the concert app has made us think about all of the other possibilities available with these little devices:

  • While a customer is in a store, they could see information about the items closest to them or locate themselves on a store map.
  • Museum-goers could pull up information on their phone about the piece of art in front of them.
  • Conservation organizations could give easy access to a trail map when a hiker passed a trailhead.
  • Community groups could create a scavenger hunt and reveal clues when someone visits a certain location.

There really is something for everyone with iBeacons. We’re really excited to see other ways we’re able to incorporate them into our apps in the future!

avatar

Justin is one of the developers at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

What Takes the Most Time in Your Business?

May 1, 2015

Between visits with clients, information gathering, and mobile app testing, we’ve always been a business on the go. Outside of our weekly staff meeting, it’s rare to find us all in one place.

We knew early on that working on the road and remotely could be a challenge. It takes a lot of time to hand-write and follow up on phone messages, keep people up to date, and make sure everyone’s on the same page. We realized that it would actually be cost-effective for us to develop our own tool to manage phone calls no matter who took them or where the recipient was, and Calligraphy was born. Years and almost 6,000 calls later, Calligraphy also helps us work seamlessly between our Maine and New York offices.

read more

avatar

Justin is one of the developers at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Water and Technology

April 24, 2015

The annual rite of officially saying “Spring has Sprung!” in central Maine is here.  Several hundred people will convene at the small town of Kenduskeag with the goal of staying dry (or at least upright) as they descend on a 16.5 mile journey to Bangor through the trepidatious waters of the Kenduskeag Stream armed with only a paddle and smile. And this year, it will be particularly satisfying to conquer waters that were formerly snow, ice and frost.

The Race

As a company headquartered in Bangor, the Kenduskeag Stream Canoe Race is at very least watched by lots of Sephone team members. I participate in the race and have written about what that is like. My most highly esteemed coworker Justin has also written about the race from the spectators perspective. He normally photographs the race and puts the photos on this FB page Justin Russell Photography. And here is a good google map if you want to learn more about the path of the race.

Water and Devices

Broken boat that sunk to the bottom.One of the things that often comes up in talks about the race is electronics. With the prevalence of social media, maybe people want to capture their experience to share with friends. We all know though, water and electronics don’t mix well. I think most everybody has at one time or another lost something to the washing machine. Here are the options as I see them for getting wet:

Several companies make waterproof containers for your phone. Some of the popular ones include the Preserver by Otterbox and LifeProof. These cases, when properly installed, do allow your phone to get wet or even submersed. Additionally, they provide your phone with a bit of buoyancy to prevent them from sinking to the bottom of a lake or pond.

Should you lose your phone while out and about, for android’s anyway, you can google “find my phone” and it will tell you where it is, even do some gps lookups, and can get you within feet of your phone. I have experienced anywhere from 80 feet accuracy to 6 feet with this service finding my phone.

Other than waterproofing your phone, the other option is forgoing the phone and using a waterproof device. The king of this arena is GoPro.  Their products have been dropped from airplanes by sky divers into pig pens and left at the bottom of the ocean for several days, as well endured grizzles attacks (warning, last link has PG-13 audio). And although GoPro’s are awesome, many companies offer rugged products such as Garmin, Canon, Nikon and Fugi. Just make sure that you are getting their waterproof product line.

So the next time you are in, on or near water, make sure that your phone is in a waterproof case or you have waterproof electronics.

avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.

Backup Service Phishing Scam

April 17, 2015

Recently we have had several clients call to ask about a bill they received from a backup service called WebsiteBackup.  This is not something that Sephone has sent to you.  This “bill” is a phishing scam to try and get you to pay for services through another company, and we do not recommend paying it.  Sephone does daily and weekly backups of all of our servers (where the most recent backup overrides the previous), so we always have a copy of your site if something happens.

One of the clients that received this bill was kind enough to provide a copy of it for this post.  You can see the example below.  Their information has been removed, but all of the instances we have been made aware of seem to be similar.

website-backup-page1  website-backup-page2

In addition to the backup services that we provide, in most cases you can also find a snapshot of your website on the Wayback Machine.  While this is not a 100% reliable resource for website backups, it does help in some cases if you need something in a pinch.

If you’d like to discuss options for additional backup services from Sephone, please give us a call or send us an email.

 

avatar

Brady is the voice on the other end of the phone line when you call Sephone. He graduated from the New England School of Communications in 2009 and assists Sephone in building and maintaining our sites.

Hacked! Or Not?

April 9, 2015

“I was hacked!”

As people continue to spend more of their time online doing more of their day to day work, I hear people talk about hacking more than ever. But that raises the question: what is “hacking”? And do people use the term correctly?

Depending on who you ask, hacking can have a couple of definitions. Some attacks can be considered hacking without a doubt, while others… not so much. In this post we’ll give an overview of some of the cases when people or businesses might say they were “hacked”.

Security vulnerabilities

The classic form of hacking often has to do with security problems in software or operating systems. By exploiting these flaws cybercriminals can access data that isn’t intended to be public. This is why it’s important to keep your software up to date! These kinds of attacks are often called “cracking” by the technology community to distinguish them from other forms of hacking.

Viruses, worms, and Trojan horses

Instead of formatting your computer or displaying messages on your screen, today’s malicious software often sits invisibly in the background, using your computer to carry out attacks. A computer might be used to send out spam, cause a denial of service attack (see below), or other crime. Good anti-virus and computer security software helps defend your computer against these kinds of attacks.

Phishing

Phishing happens when a criminal tries to trick you into sending your personal information – whether it’s a login to a site, your credit card information, or something else – to a criminal. This can happen if you click on a link in a forged email, on a bad website, or sometimes even on social media. Always be sure to check the validity of a site before you enter your login or other personal information on it, and never send your personal information to anyone unless you know they’re authorized to request it. We’ve covered phishing a number of times before on the blog.

Unauthorized access

Sometimes “hacks” don’t have anything to do with login information or security problems with software; they happen because a person who isn’t supposed to have access to an account finds a way in. This can happen if you leave a device open on a table without a password or if you use a public computer (for example, at a library) and forget to log out of a site like Facebook or your bank. It’s important to make sure employees who are no longer employed from a company don’t have access to the company’s social media or other administrative accounts, too.

Denial of service

A denial of service attack (and its big brother, the distributed denial of service attack, or DDoS) happens when a criminal overloads a site with requests to view pages. This bogs down the server and essentially creates a traffic jam, preventing other people from accessing the site. Typically in these cases no user data is at risk. Read more about DDoS attacks on our blog post, “Why a Site Doesn’t Load“.

Saying something stupid

Of course, saying an account was hacked can be a convenient excuse as a cover for saying something stupid. “I would never say something like that,” someone may say. “It must have been an old employee with the password, or someone hacked our site!” In these cases being cautious with what you say before you post is your best bet.

Building and creating

The unfortunate part about the word “hacking” is that it is so often associated with criminal acts. In fact hacking is a much broader field than just trying to steal personal information; it’s a desire to make something work in an unconventional way. If you’d like to learn more about the benefits of positive hacking, including the expanding field of civic hacking, listen to Catherine Bracy’s great TED Talk, “Why good hackers make good citizens“.

When you hear about a site or person being hacked, it’s important to remember that not all “hacking” is the same. It’s important to ask if your user data or other personal information was compromised. And do your part by making sure your software is updated, your passwords are strong, and you’re being cautious about the email and messages you receive!

avatar

Justin is one of the developers at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Google’s Changes to Mobile Searches

March 31, 2015

In the past few months Google has announced that mobile optimization will be a ranking factor on searches from mobile devices. Makes sense since most stats say around half of searches hail from mobile devices. It also makes sense that your website works properly on mobile devices to help make sure you are found in mobile searches.

How can I tell if my website is mobile friendly?

It’s easy. Go to the tool provided by google and put in your site. The test will either display a green message stating you are good or a red message saying your not mobile friendly. See below for an example.
Sephone.com is mobile friendly.

A Deadline

Google announced last month on it’s webmaster blog that this new change will be rolling out April 21. This was not totally unexpected. Starting around January, Google started aggressively pursuing webmasters to move to be mobile friendly. Even before January, they had been dropping hints.

We have been also trying hard to get our customers to think about mobile. Below are three posts from this blog, all over two years olds, admonishing our customer base to focus on mobile.

Mobile is Important

We very earnestly sincerely implore all of our customers to review their mobile sites and/or make plans to implement a mobile friendly site at this time. Don’t hesitate to contact us with any questions. We are here to help.

Mailer Sources

  1. http://www.comscore.com/Insights/Blog/Major-Mobile-Milestones-in-May-Apps-Now-Drive-Half-of-All-Time-Spent-on-Digital
  2. http://googlewebmastercentral.blogspot.com/2015/02/finding-more-mobile-friendly-search.html
avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.