Hacked! Or Not?

April 9, 2015

“I was hacked!”

As people continue to spend more of their time online doing more of their day to day work, I hear people talk about hacking more than ever. But that raises the question: what is “hacking”? And do people use the term correctly?

Depending on who you ask, hacking can have a couple of definitions. Some attacks can be considered hacking without a doubt, while others… not so much. In this post we’ll give an overview of some of the cases when people or businesses might say they were “hacked”.

Security vulnerabilities

The classic form of hacking often has to do with security problems in software or operating systems. By exploiting these flaws cybercriminals can access data that isn’t intended to be public. This is why it’s important to keep your software up to date! These kinds of attacks are often called “cracking” by the technology community to distinguish them from other forms of hacking.

Viruses, worms, and Trojan horses

Instead of formatting your computer or displaying messages on your screen, today’s malicious software often sits invisibly in the background, using your computer to carry out attacks. A computer might be used to send out spam, cause a denial of service attack (see below), or other crime. Good anti-virus and computer security software helps defend your computer against these kinds of attacks.

Phishing

Phishing happens when a criminal tries to trick you into sending your personal information – whether it’s a login to a site, your credit card information, or something else – to a criminal. This can happen if you click on a link in a forged email, on a bad website, or sometimes even on social media. Always be sure to check the validity of a site before you enter your login or other personal information on it, and never send your personal information to anyone unless you know they’re authorized to request it. We’ve covered phishing a number of times before on the blog.

Unauthorized access

Sometimes “hacks” don’t have anything to do with login information or security problems with software; they happen because a person who isn’t supposed to have access to an account finds a way in. This can happen if you leave a device open on a table without a password or if you use a public computer (for example, at a library) and forget to log out of a site like Facebook or your bank. It’s important to make sure employees who are no longer employed from a company don’t have access to the company’s social media or other administrative accounts, too.

Denial of service

A denial of service attack (and its big brother, the distributed denial of service attack, or DDoS) happens when a criminal overloads a site with requests to view pages. This bogs down the server and essentially creates a traffic jam, preventing other people from accessing the site. Typically in these cases no user data is at risk. Read more about DDoS attacks on our blog post, “Why a Site Doesn’t Load“.

Saying something stupid

Of course, saying an account was hacked can be a convenient excuse as a cover for saying something stupid. “I would never say something like that,” someone may say. “It must have been an old employee with the password, or someone hacked our site!” In these cases being cautious with what you say before you post is your best bet.

Building and creating

The unfortunate part about the word “hacking” is that it is so often associated with criminal acts. In fact hacking is a much broader field than just trying to steal personal information; it’s a desire to make something work in an unconventional way. If you’d like to learn more about the benefits of positive hacking, including the expanding field of civic hacking, listen to Catherine Bracy’s great TED Talk, “Why good hackers make good citizens“.

When you hear about a site or person being hacked, it’s important to remember that not all “hacking” is the same. It’s important to ask if your user data or other personal information was compromised. And do your part by making sure your software is updated, your passwords are strong, and you’re being cautious about the email and messages you receive!

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Protecting the Content on Your Site

February 19, 2015

Protecting your contentA couple of weeks ago I noticed that a local news organization had used a photo I’d taken of downtown Bangor to go along with a story. You might think that would be flattering, but as a photographer I’m sad to say that it’s not the first time it had happened – and happened even without the courtesy of giving proper credit.

In the world of the shareable web, how can you protect the content on your site from being used by others? Luckily there are a few options available.

read more

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Using Tech and Staying Human

December 12, 2014

Person typing on computer keyboardAdding new technology to your business – whether it’s an app, a site, or a new tool – can make it a lot more convenient for your customers to learn about your business, shop, or buy. But some businesses hesitate, either because the technology replaces a process that’s been in place for years (and “worked”) or because they’re afraid technology will make their business less human.

Small and medium-sized businesses especially rely on great customer support and great interaction to find and keep their customers. Fortunately sites, apps, and personal touches aren’t an either/or question; they can complement each other very well. read more

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Two-Step and Apple Pay: the Future of Online Security

October 16, 2014

Apple PayWith the launch of Apple Pay, Apple’s new contactless payment method on the iPhone 6 and 6 Plus, I’ve heard a lot of people asking: what’s wrong with the payment process we have now? It doesn’t take that much time to pull out a credit card.

The real issue Apple Pay solves is security, not convenience. And it’s one member of a new generation of technologies to keep your personal information safe.

read more

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Custom keyboard shortcuts in iOS

September 26, 2014

One of the little-known features in Apple’s mobile operating system for iPhone and iPad is the ability to create your own custom keyboard shortcuts. Shortcuts let you create a short sequence of characters that will save you from typing blocks of text that are frequently used or difficult to enter.

One of my favorite shortcuts is for our email address at Sephone (support@sephone.com). It comes in handy when you’re logging into services, filling out forms, or giving your email address when you join a protected Wi-Fi network.

To create this shortcut, go into the Settings app and click on the General item, click Keyboard, and click Shortcuts. You’ll see a list of shortcuts already in the system. (Apple gives you a couple to start.) Click the + button in the upper right to create your own. (Take care not to type a sequence you’d normally use while typing.)

Entering a new keyboard shortcut in iOS

When you type your shortcut, you’ll see that the first suggestion will be your expanded text – and it will automatically replace it for you when you tap the suggestion or hit the space key.

Using a keyboard shortcut in iOS

One final shortcut tip: some people like to use a prefix like “sc” to make sure they don’t enter a shortcut by mistake when they type. Try “scemail” for your email, “scaddr” for your address, or “sclink” for a link to your website. What else do you think would be a good shortcut?

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

There’s a New Watch in Town – But Nothing’s Changed

September 9, 2014

It finally happened. For those of us who keep an eye on new tech, the Apple Watch has been a long time coming (rumors have been around for almost two years). Geeks – and what seems like the entire world now – are ogling over new styles, specs, and news for Apple’s watch.

But for us, nothing’s changed.

Yes, we’re excited that we’ll soon be able to develop apps for companies that can use the new tech, just like we develop apps for phones and tablets now. And yes, we’re excited to see what other people do to push the new technology forward.

But we don’t look at pieces of technology first when we’re developing solutions for a company. We talk about the goals and desired outcomes of a project with every client, and we build what we agree will work best to reach them.

Mobile solutions are a great pre-watch example. We’ve had a number of companies come to us asking to have an app in the iOS App Store and Google Play. Yes, we can develop those apps – but they’re not always the best solution for a company. Maybe a mobile website works better based on their audience, goals, and budget. We want to build something that will be successful, not just trendy. (Wondering about the differences between a native app and a mobile-friendly website? We have you covered.)

You bet we’ll be developing apps for the Apple Watch soon. But ask yourself: what’s right for your needs? That’s what we’ve been helping companies decide for over a decade.

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

The 2014 American Folk Festival App

August 19, 2014

2014 AFF app home screenWe love the end of August here at Sephone. For a weekend each year, the Bangor waterfront transforms into a musical space full of cultures and sounds from across America and the world – and we’re fortunate to bring information about it to Festival-goers through the official website at americanfolkfestival.com and through the Festival’s mobile app.

The app is a great indicator of how the world’s turned to mobile more and more each year. Last year, we saw a 75% increase in the number of people downloading the app compared to 2012 – and the numbers are still growing. We love having an app, too, because it allows people to have the information they need quickly and easily.

In addition to favorite features from years past (including the ability to build your own schedule, push notifications to alert you of upcoming performances, information on who’s currently performing and who’s scheduled to perform, and up-to-the-minute schedule changes), we’ve added a new vendors section with information about all the amazing food and craft vendors throughout the Festival. And if you want to support the Festival but don’t want to miss any of the music and don’t see a member of the Bucket Brigade nearby, you can now donate online, right from the app.

Make sure you have the latest version of the app before you head to the waterfront! Go into the App Store app on  your iOS device and click on the Updates tab, or go into the My Apps area of the Play Store on Android. Updating only takes a couple of minutes!

Don’t forget to share photos from the Festival from the app, and tweet to your heart’s content about what you see using the #AFFBangor hashtag! See you on the waterfront.

By the way, we made a two-minute video talking about the site, the app, and how the Festival has changed over the years. We hope you like it!

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

App Permissions: What Can and Can’t Apps Do?

August 6, 2014

One of the aspects of mobile apps that make them great is that they have the ability to use some of your phone’s native features like its camera and its contact list. Our American Folk Festival app, for instance, allows users to take photos that can be submitted to the Festival for use in a Facebook album. If you have a gaming app, you may want the app to access your contacts to see if anyone else you know is willing to take part in a head-to-head matchup.

Lock on a doorRecently there’s been some controversy surrounding Facebook’s push of its Messenger app for chatting with friends. Some users have noticed that it asks to do a lot – record audio, take photos, and more – and some posts go so far as to say that it might record ambient audio or take random photos without your permission.

This is a good time to take a look at app permissions. Each app has its own set of actions it wants to take with your phone, like the examples above. App developers use these permissions to allow their app to access parts of your phone’s operating system (for example, iOS or Android). And despite what you may read, you have control over what your phone’s apps can access.

iOS

iOS 7 lays out a few categories for feature access, including photos, microphone, and geolocation. When an app first requests access to one of these areas, you’ll see a prompt asking whether you’d like to allow access. If you do, you can turn access off later (or see a list of apps that use that permission) by going into the Settings app, tapping Privacy, and then looking at the permission you’d like to control. If you don’t want the Messenger app to access your microphone, for instance, go into the Microphone area and toggle the line for the Messenger app.

Android

When you first install an Android app, you’ll see a list of permissions it requests. It’s important to note that if you have auto-updating turned on, updates to the app may add related permissions without asking you first, but you’ll still be prompted about any major permission changes before the update occurs. At this time there doesn’t seem to be a convenient way to control apps on a per-permission basis like there is in iOS, though this feature is hidden in some of the latest versions of Android and may be made public at some point.

It’s also worth noting that once you allow access to a permission for an app, whether it’s on install in Android or after a prompt in iOS, the app can use it in some cases without your knowledge – so there is some level of trust needed. As with all software, be careful of its source!

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.