Making the web more secure

January 27, 2017

We talk a lot about security here in our blog, but we can’t stress it enough.  Online security is such a huge talking point now as more and more things that we use on a daily basis are connected to the internet.  For sometime now Google, and other browser providers, have been making a push to make the web a more secure place.  Well, here comes a big change to that effect.

Coming this month (January 2017), with the release of Google Chrome 56, any website that has a password field or collects credit card information, and is not protected with an Secure Socket Layer (SSL) already, will be flagged by Google as insecure. 

read more

avatar

Brady is the voice on the other end of the phone line when you call Sephone. He graduated from the New England School of Communications in 2009 and assists Sephone in building and maintaining our sites.

Why Choose Google?

October 23, 2014

Over the past few years we have been slowly making the transition to Google’s business class services, Google Apps for Work, here at Sephone.  We have become a Google Apps Authorized Reseller, and work with our clients to help provide them with Google’s full suite of cloud based services.  These services include things like Gmail, Google Calendar, Google Drive, and more.  As an authorized reseller we work with Google to provide you with these services. So what does that mean for you?  Well, you get better services backed by Google, and the same awesome customer service you have become accustom to from Sephone.

read more

avatar

Brady is the voice on the other end of the phone line when you call Sephone. He graduated from the New England School of Communications in 2009 and assists Sephone in building and maintaining our sites.

Our Go-To WordPress Plugins

March 18, 2016

Over the past couple of weeks we’ve seen a huge spike in the number of attempts to compromise WordPress across a number of sites that we host. WordPress is a great platform, but its popularity makes it a fairly constant target for attacks.

Have no fear: the plugin architecture in WordPress provides an easy way to add extra features to your site – including extra security. Here are a few plugins we’ve been adding to many of the sites we host:

  • Jetpack: Created by the same company that built WordPress, Jetpack contains some really great additions for your site: visitor stats, contact forms, carousels, and more. It also includes some security features like preventing people from trying to force their way into your site.
  • Imsanity: Web sites don’t need all 20 megapixels of those images you take with your nice digital camera. Imsanity easily resizes images to make sure you’re not using too much space on the server.
  • WP Super Cache: For sites with a lot of traffic, caching speeds up the amount of time it takes to load the page and also allows more people to view the site at once.

If you decide to install plugins on your site, be careful and make sure they’re safe and secure before you add them. Plugins can have holes of their own that can be used by people looking to gain access your site or post spam comments on your blog!

Of course, we don’t want you to have to worry about this kind of thing – you’re busy enough running your own business, and you probably don’t have time to stay informed about the latest techniques and exploits for compromising a website. That’s fine! When you host your site with us, we stay on top of patches, updates, and techniques to keep your site safe. After all, we want to make managing your site or app as easy as possible so you can focus on your business!

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

The Internet: 25 Years Later

August 29, 2016

For those that missed it last week, on the 23rd of August, Sir Tim Berners-Lee’s Internet was officially publicly accessible for 25 years. (Keep in mind that this is the birthday of the public Internet, not the technology that makes it possible). Certainly an event worth celebrating – so here are (in no particular orderSephone’s notable moments involving the Internet thus far!

The Dot-Com Bubble

The historic economic bubble, which took place from about 1997 to 2000, saw the quick rise of equity values in various stock markets. Related to the rising popularity and prevalence of the Internet, many business were born and died in this period (especially when the bubble burst). But some persevered, and are still well-known to this day – like Amazon! For more information on this event, check out this video series.

April Fools!

Every year, on April the 1st (better known as April Fools Day to some and Justin Russell’s birthday here @Sephone), the Internet becomes a vast expanse of jokes and pranks. The people behind the curtain do not lack a sense of humor, and each year is prone to relevant gags. Some are funny, but make no impact beyond the date and a good laugh – for instance, Google’s 2016 Mic Drop. Others, like the Tauntaun sleeping bag that was a joke item featured for the day on ThinkGeek, were met with such a response that the ‘joke’ had to become real.

Heartbleed

Sometimes, bad things happen on the Internet. One such bad thing was the discovery of Heartbleed, a bug in server security that allowed for those proficient enough to steal quite a bit of information. Login information, messages, and the like were easily accessible thanks to a vulnerability in OpenSSL. Luckily, this bad thing led to a good thing – the issue was patched in a new OpenSSL release. This, of course, meant a lot of extra work upgrading any exposed platforms, which helps to make it so memorable. Here it is, immortalized in a relevant XKCD comic.

The Death of Internet Explorer 6

A prominent issue that arises with web browsing, design and development in general is the usage of outdated web browsers. This is why cake is baked when a prominent dinosaur of the Internet is finally put to rest. Internet Explorer tends to be a magnet for negative press, and the legacy of old versions of the software still being utilized certainly continues. The issue with this continued use of old software is both one of security, and also ease of access. As the technology that powers the web is developed, the software used to access the web must also be updated. Sadly, Internet Explorer has long held a tendency to update with explicit version numbers. This tends to make the process of upgrading a browser seem unnecessary, even though it definitely is. Luckily, Microsoft stepped in to slay their own beast, ensuring that the less than 1% of remaining users of the platform would move on, and experience the web more safely, and with a greater range of visual possibilities.

GMail and the Age of Better Email

Email has not always been a simple process – nor has it always been as beautiful as modern email clients make it seem. It is because of this that we remember the start of GMail quite fondly. Google helped to make email an accessible tool for all, but not only this – they also standardized the email experience. The layout of settings, as well as the overall appearance of the email client, has a huge impact on how businesses and people use the tool.

Kelly had this story to relate about the early days of email, to further illustrate its growth:

[…] I remember the first time I sent an email (1990-ish) to my boss who was less than impressed by the whole idea – we had a whopping speed of 9600 bps!  I was embracing the idea since we had many customers that worked for the Government, NIH, CDC, etc.  They used email to communicate.  So I sent him an email that said something like = Don’t be an old fogey.  Walked across the building and sat in his office and waited, waited. About 10 minutes later – it arrived.  He said, “See Cotiaux, I told you this whole thing is a fad.”

Honorable Mentions

  • The Launch of Google
  • The First Google Doodle
  • The Launch of Facebook
  • When Ask got rid of Jeeves
  • Saying good-bye to table-based layouts
  • The proliferation of WordPress
  • Archive.org and the WayBack Machine
  • Mobile Internet taking shape

We look forward to another 25 years of growth, frustrations and inevitable usefulness from the Internet. Feel free to share your historic stories in the comments below!

avatar

Gary is a team member at Sephone, helping to design, build and maintain websites. He is also a web design student at the New England School of Communications of Husson University.

What are My Options for a Web Browser

January 23, 2013

Without a doubt one of the most used pieces of software is a web browser. On your desktop, on your smartphone and your tablet, you use a web browser all the time.

Example of a Browser

Example of a Browser

What is a web browser?

Lets start with the basics. A web browser is a piece of software that is meant to fetch information from the web (a.k.a. the world wide web). Most can do other things to, but that is the main purpose, interacting with the world wide web.

What are the common browsers?

The most common browsers are:

  • Chrome (from Google)
  • Firefox (from Mozilla)
  • Internet Explorer (from Microsoft)
  • Safari (from Apple)

Here is a brief overview of each browser.

Chrome
Google released the first version of Chrome in late 2008. It is the third most popular browser as far as user base, but many consider it the most popular when measured in time spent using it.

Most of Chrome is open source; the core rendering engine is WebKit, which is open source. Google has released most of the source code of Chrome as open source under the name Chromium.

It’s available on Windows (XP SP2 and later), Linux, Mac OS X, Android, and iOS.

Chrome has many strengths as well, it’s fast, I would say, the fastest browser in this list. It’s very secure, protects its users well, it’s tied in with a blacklist service from Google, as well as “sandboxing” websites you are using. Chrome is great at supporting browser standards, which help people like us make websites.

Chrome also has a syncing feature, meaning you sign to a Google account in your browser, and then your history and bookmarks are synced on two or more machines. I use this feature often when switching from desktop to laptop.

Firefox
Firefox has its roots going way back. First released by name in 2004, its roots are deeper. Mosaic was the first real web browser going back to 1992. Shortly after that, many of the people that wrote Mosaic, would form their own company, called Netscape. Netscape was a totally new project, but was remarkable similar to Mosaic. Netscape would release an open source version of their browser called Mozilla. Mozilla would grow and grow, until it was so bloated many people were frustrated with it. Some Mozilla developers were upset with the bloat, they stripped out many features of Mozilla and called it Firefox. So Firefox, in a sense is the new Netscape. Not as far as the company is concerned, but as far as the product is concerned.

Now it’s available on Windows, Mac OS X, Linux, BSD, and Android. It also has the privilege of being available in more languages than any other browser. Additionally, it stands only in this list as a true open source project. It’s commonly considered the second most popular browser in the world as well.

Firefox has a “live bookmarking” feature, where you can see the latest content from blogs in your bookmark, pretty neat. Firefox also does pretty decent at supporting browser standards, does pretty decent security as well. Normally it’s middle of the road in speed of rendering pages.

Firefox has an incredibility store of add-ons for the browser, one of the most customizable, extendable pieces of software to come along.

Internet Explorer
Like Firefox, IE has roots in the Mosaic browser. The first version of IE, back in 1994, was built from software from a company called Spyglass. This company, Spyglass, licensed the Mosaic source code and built their browser from it. Shortly after launch, Microsoft would bring all IE development in house.

Generally considered the most popular browser in the world, certainly it is in English speaking countries, while Chrome and Firefox tend to be in non-English speaking counties.

IE has released versions for many operating systems over the years, modern day versions are only released for Windows.

Generally, IE does not do well at supporting web standards, although, the latest versions do better than they ever have, still though, it does not do nearly as well as the others. IE has had some major security issues in the past, but generally speaking, modern versions are much better. It’s integration into the Windows desktop is stellar, a very fluid interface with the OS.

Generally speaking, it’s the slowest browser mentioned in this post, although for some reason it’s wicked fast with flash, like on youtube.

Safari
Safari was first released in 2003. At the time, Mac OS X browser options were poor, and Safari was a breath of fresh air for Mac users. Safari is WebKit based, like Chrome. And also, like Chrome, is part open source. It’s available for Mac OS X and iOS. In the past, Windows versions have been available.

Safari does not have a huge market share overall, it does have a strong hold on Mac OS X, but it’s nearly unstoppable on the mobile front. Some estimates exceed 60% of mobile web access is done with Safari.

Some of its features include, a feed reader to see updates on your favorite sites and an awesome address field. It searches through your history, bookmarks, does web searches, very neat feature.

What one do we recommend?

Well, as long as you are on the current version of any of these browsers, you should be all set. All of the browsers in this post are used by Sephone team members, and recent versions of these browsers are supported by Sephone products and services.

If you were to closely scrutinize Sephone team members browser habits, I think you would find, Chrome and Firefox used more than the rest.

avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.

SSLs for everyone

December 22, 2015

We have been talking internally at Sephone a lot lately about SSLs.  For a basic run down of what an SSL is and what it is used for, check out this post that Alan wrote a while back.  So what have we been discussing with regards to SSLs?  Well, as things often do, they are changing, and large players in the online world are trying to make things more secure for everyone.  We at Sephone want to help in this trend, and keep all of our customer’s, and their customer’s information safe and secure when using the websites that we build.  read more

avatar

Brady is the voice on the other end of the phone line when you call Sephone. He graduated from the New England School of Communications in 2009 and assists Sephone in building and maintaining our sites.

Why Have Password Rules?

April 22, 2013

Starting this week we’ll be upgrading our customers who use datAvenger Pro 5 to our latest version, dA Pro 5.3. One of the more visible new features of this update is an even higher level of security for user account information. While this is a good thing for everyone, it might seem like more of an annoyance than a benefit at face value for our users, and I wanted to take a little time and explain why we’re making the change.

The Sephone Password Policy

We’re beginning to enforce our Sephone Password Policy for user accounts in datAvenger Pro, and we’ll expand these requirements to our other products in the future. Alan covered some of the basics of password security in a post from last year, and our official Sephone policy is very similar to what he suggests in that post. We’ll be enforcing the following requirements for passwords:

  • At least 8 characters long
  • At least one lower-case letter
  • At least one upper-case letter
  • At least one number

Of course, you can make your password as long as you like, and you can use special characters like %, #, and * to make your password even more secure. Every user password needs to adhere to at least the rules we’ve listed, though.

Because we already encrypt passwords for user accounts, we’re not able to check to make sure the password you already have meets these rules. When you log into one of our services that includes these new password requirements, you may be prompted to re-enter your password to make sure it’s acceptable.

The reasons behind the change

We know that remembering strong passwords can be tough. You may be asking, “Why can’t I just use the name of my dog?”

You’ve probably heard news about accounts on major online sites being hacked lately. Malicious hackers can use programs that check for commonly-used passwords or passwords that are simply English words (something known as a dictionary attack). Once they’ve been able to log into an account, they can deface a site, or if they’re feeling particularly nasty, they can try to gain access to the server or the contents of the database.

These new, more stringent password rules make it tougher for anyone to crack a password and gain access to your administration area. Combined with some upgrades behind the scenes that make your account even more secure, we’re doing everything we can to make sure your site is safe.

If you’re really struggling to create a new password, try this: think of a sentence or quote that you’ll remember, and use the first letter of each word as your password. If you wanted to use one of my favorite quotes from computer scientist Alan Kay, for instance – “The best way to predict the future is to invent it” – your password could be Tbw2ptfi2ii. (Use a different quote that you’d remember, of course!)

avatar

Justin is a web and mobile developer at Sephone. He's interested in user-driven design, social media, and web services. He also enjoys learning and exploring new ways for businesses and people to use the web.

Browser Updates

January 14, 2013

Recently there has been news about browser security, notably Java and IE updates.

Java

The U.S. government (Department of Homeland Security) issued a warning late last week asking users to temporarily disable Java on their machines. There was a large flaw discovered in a recent version.

Follow this link to disable Java on your machine and keep it safe from this vulnerability. Once a fix is supplied by Oracle, you should update your Java install, and then you can re-enable Java.

Internet Explorer

The zero-day flaw in IE6, 7, and 8 has surfaced again. Make sure that you install the latest version of Internet Explorer that your operating system supports. If version 8 is the latest version of IE you can install, make sure you apply the Windows Update Microsoft is releasing today and then reboot.

avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.