Search This Blog

Saturday, 30 July 2011

Five reasons : Why Android is superior than iPhone

Five reasons : Why Android is superior than iPhone

Andoid vs iPhone
Takeaway: The top five reasons why Android platform is better than the iPhone.


  1. Application options. With the Android platform, all you have to do is tap the Menu button to get to the application options, even while the application is running. This is very much in line with how PC applications work. However, on the iPhone, you have to go through Settings to get to the application options. Sometimes this is circumvented when iPhone app designers add an Options button within an application — but this leads to inconsistency, because not all applications have options.
  2. Updates. For me, this one is the deal breaker for the iPhone. In order to get updates (especially firmware updates) the iPhone must be connected to iTunes. Android, on the other hand, offers two ways to get updates: OTA (Over The Air) or using a third-party tool that allows the upgrade to be installed via a PC. The third-party tool will depend upon the maker of the handset, but most of them work very well. The OTA updates also work almost flawlessly. The only bad experience I’ve had with OTA updates is with AT&T, because they only allow you to check for updates every 24 hours. This can cause some serious frustration when you KNOW there’s an update available, but your handset has yet to see it. But generally speaking, when your provider makes the update available, it will appear and be ready for installation.
  3. No iTunes. I have always been very vocal about this. I have a great dislike for iTunes, and there are a lot of reasons for this. It’s not intuitive, it’s a resource hog, and it’s forced upon you by Apple, when you want to fully manage your iPhone. With the Android platform, there is not one single application required to manage your device. In fact, a single Android device can be managed by multiple applications and in multiple platforms.
  4. Multitasking. That’s right, the Android platform does true multitasking. Sure, Apple claims the iPhone does, but I challenge you to actually manage multitasking on the iPhone platform. With Android, all you have to do is hold down the Home button to see a list of your running applications. From that list, you can switch between apps at any time. There are even third-party Android applications (such as Power Strip) that can be installed that make the task of multitasking even more powerful.
  5. Application installation. With the Android platform, you can install apps from the Android Market, from your PC by simply copying the file to the mobile, or even transferring via Bluetooth. In fact, you can install home-grown applications just as easy as “official” applications created by Android developers. For developers, this is a real boon, because you don’t have to rely solely on an emulator to make sure your application works properly. Some people argue that this opens up Android for possible malware, but if done carefully, it won’t be an issue.
There are many reasons why I personally feel that Android is superior to the iPhone, but the above entries tend to float to the top for me. Yes, there are aspects of mobile life that the iPhone does quite well, but for anyone that prefers a sense of true freedom with their devices, Android is — far and away — the platform of choice.

Wednesday, 27 July 2011

The top 10 hackers of all time


The top 10 hackers of all time
Hackers
Takeaway: Black hat, white hat, or somewhere in between, hackers have had a huge impact on the evolution of information technology. See if you agree that these 10 hackers belong on this list.
Hacking is not a recent invention. In fact, it has been around since the 1930s, although not always associated with computers. Here’s a rundown of some of the most noteworthy hackers in history.

1: Kevin Mitnick

Kevin Mitnick, once considered the most-wanted cybercriminal in the United States, is often touted as the poster child of computer hacking. Kevin mastered an early form of social engineering (scamming operators) and computer hacking to gain access to and modify telephony switching systems. After a very public two-year chase, arrest ,and incarceration, the hacker community collectively rose in protest against what they viewed as a witch hunt.

2: Robert Tappan Morris

On November 2, 1988, Robert Morris released a worm that brought down one-tenth of the Internet. With the need for social acceptance that seems to infect many young hackers, Morris made the mistake of chatting about his worm for months before he actually released it on the Internet, so it didn’t take long for the police to track him down. Morris said it was just a stunt and added that he truly regretted wreaking $15 million worth of damage, the estimated amount of carnage caused by his worm.

3: Vladimir Levin

Seeming like the opening of a James Bond movie, Vladimir Levin was working on his laptop in 1994 from his St. Petersburg, Russia, apartment. He transferred $10 million from Citibank clients to his own accounts around the world. As with most Bond movies, Levin’s career as a hacker was short lived — with a capture, imprisonment, and recovery of all but $400,000 of the original $10 million.

4: Yan Romanowski

Yan Romanowski, also known as MafiaBoy, was arrested in February 2000 for launching a denial-of-service attack that brought down many of the Internet’s largest sites, including Amazon, eBay, and Yahoo. Yan’s lawyer claimed, “If [MafiaBoy] had used all his powers, he could have done unimaginable damage.” It is widely believed that Romanowski is no more than a script kiddie. His attacks, however successful, were implemented using computer scripts that clogged networks full of garbage data.

5: Kevin Poulsen

Kevin Poulsen, known as Dark Dante in the hacker community, specialized in hacking phone systems, particularly radio stations. This talent allowed only calls originating from his house to make it through to the station, assuring him of wins in listener radio contests. His iconic 1991 hack was a takeover of all of the telephone lines for the Los Angeles KIIS-FM radio station, guaranteeing that he would be the 102nd caller and win the prize of a Porsche 944 S2. The bold Poulsen was wanted by the FBI for federal computer hacking at the same time he was winning the Porsche and $20,000 in prize money at a separate station. Poulsen spent 51 months in a federal prison, the longest sentence of a cybercriminal at that time.

6: Steve Jobs and Steve Wozniak

The now-famous founders of Apple Computer spent part of their youth as hackers. They spent their pre-Apple days (circa 1971) building Blue Box devices (an early phreaking tool allowing users to make long distance calls without the financial charges) and selling them to fellow students at the University of California, Berkeley.

7: David Smith

Smith’s fame comes from being the author of the infamous email virus known as Melissa. According to Smith, the Melissa virus was never meant to cause harm, but its simple means of propagation (each infected computer sent out multiple infected emails) overloaded computer systems and servers around the world. Smith’s virus was unusual in that it was originally hidden in a file containing passwords to 80 well-known pornography Web sites. Even though more than 60,000 email viruses have been discovered, Smith is the only person to go to federal prison in the United States for sending one.

8: Jonathan James

James gained notoriety when he became the first juvenile, at age 16, to be sent to prison for hacking. James specialized in hacking high-profile government systems, such as NASA and the Department of Defense. He was reported to have stolen software worth more than $1.7 million.

9: George Hotz

While George Hotz may be a renowned jailbreak artist, he’s best known for being named as the primary reason for the April 2011 PlayStation breach. As one of the first hackers to jailbreak the Sony PlayStation 3, Hotz found himself in the middle of a very mean, public, and messy court battle with Sony — perhaps because of his public release of his jailbreaking methods. In stated retaliation, the hacker group Anonymous attacked Sony in what has been the most costly security break of all time. Hotz denied any responsibility for the attack and said, “Running homebrew and exploring security on your devices is cool; hacking into someone else’s server and stealing databases of user info is not cool.”

10: Gary McKinnon

In 2002, a decidedly odd message appeared on a U.S. Army computer: “Your security system is crap,” it read. “I am Solo. I will continue to disrupt at the highest levels.” It was later found to be the work of Gary McKinnon, a Scottish system administrator. Gary has been accused of mounting the largest ever hack of U.S. government computer networks — including Army, Air Force, Navy, and NASA systems. The court has recommended that McKinnon be extradited to the United States to face charges of illegally accessing 97 computers, causing $700,000 in damage. Adding even more interest to McKinnon’s actions is his insistence that much of his hacking was in search of information on UFOs, information he believed the U.S. government was hiding in its military computers.

Scroogle: Adding privacy to Google Search


Takeaway: Google Search is an amazing tool. Even so, to many, it has a dark side. Scroogle may be able to help.
Over the years, I’ve witnessed–from a safe distance–highly-charged debates about search behemoths like Google. The topic most often discussed is whether or not they retain too much Personally Identifiable Information (PII) for too long. Valuable lessons surfaced from those frank discussions, many important enough for me to write about.
Another place where I have gleaned similar information has been in the comment sections of the articles I just mentioned. One example is my introduction to Scroogle.
My first impression was: What an odd name. I didn’t think much more of it. Then a colleague gave his middle-finger explanation of the term. “Oh,” was all naive me could say, “You really think so?”

Scroogle, what is it?

Now I had to find out about Scroogle. First thing that caught my eye:
“Every day Scroogle crumbles 350,000 cookies and blocks a million ads.”
Next thing I noticed, Scroogle does not:
  • Pass cookies on.
  • Keep search-term records.
  • Retain access logs for more than 48 hours.
The website calls Scroogle a scraper. Being from Minnesota, I have this image of a scraper and it is not Scroogle.
Actually, after some study, referring to it as a scraper does make sense. The pertinent search results are “scraped” from Google’s response to the search query. And only that information, no cookies or additional requests, get back to the client’s web browser.
The following slide depicts the steps involved (courtesy of Scroogle):

Behind the scene

The process is simple. You enter your search request in the web browser, like normal. It is sent to Scroogle via a SSL connection — more on that later. Scroogle replaces all your identifying information with that of Scroogle. The search request is forwarded to Google. Google records the IP address and search information issued by Scroogle.
Google then replies with a cookie and the search results. Scroogle sanitizes the data, sending only the search results back to you. Below are the search results for ice scraper using Google:
Next are the results using Scroogle:

Scroogle, the plugin

The website calls Scroogle a browser plugin. Simple enough to implement, but I’d like to expand on the minimal help offered by the website:
  • Firefox: This link is to the Firefox add-on. All that is required is to click on the Add-on button.
  • Internet Explorer: Microsoft set up Internet Explorer to ask for the desired search engine. Details are at this link. All that is required is to enter http://www.scroogle.org/cgi-bin/nbbw.cgi?Gw=TEST where it asks.
  • Opera: Click on the following: Tools/Preferences/Search/Add. Pick a new keyword “example” and use http://www.scroogle.org/cgi-bin/nbbw.cgi?Gw=%s as the address.
  • Chrome: Click on Wrench/Options/Default Search Manage/Add. Then paste https://ssl.scroogle.org/cgi-bin/nbbwssl.cgi?Gw=%s where an URL is requested.
If you prefer not to alter the current configuration of your web browser, or are using a computer other than your own, Scroogle has a webpage similar to Google, where you can enter search terms.

Back to SSL

The Scroogle website points out why the creators decided to use SSL connections:
“For Scroogle, SSL is used to hide your search terms from anyone who might be monitoring traffic between your browser and Scroogle’s servers. This encryption happens when you send your search terms to Scroogle, and it also happens when Scroogle sends the results of your search back to you.”
The SSL webpage points out another advantage that I was not aware of:
“When the Scroogle results come back from an SSL search, and you click on any of the links shown on that secure page, there is another advantage. SSL does not allow the browser to record the address where that secure page came from and attaches it to any outgoing non-SSL links on that page. Normally all browsers do this and it’s called the “referrer” address.
Using SSL blanks out this referrer, so that any non-SSL site you click on from a Scroogle SSL page won’t know that you arrived at their site from Scroogle. The referrer will be blank, and your log entry at that site will look like any of the hundreds of bots that crawl the web all day and night with similar blank referrers.”
I did not know that until now.
That said, do not let the use of SSL connections lure you into a false sense of security. SSL may or may not be in play after you click on one of the returned search links. It depends on whether the web server advertised in the link is using SSL or not.

Both use SSL

Google also has the option to use SSL. And, Google makes the same claim on how encryption prevents third parties from intercepting transmissions between the user’s computer and Google Search web servers.
My immediate thought: It would be cool if the Scroogle servers talking to Google Search would use their SSL connection. I shot off an email to Scroogle and Daniel Brandt, Founder and President of Scroogle, offered this:
“No, the connection between my servers and Google does not use SSL.
There are two reasons for this:
  • The search terms for that hop are carried by the IP address of my server, and the only way they can be associated with the searcher’s IP address would be if someone hacked into my dedicated servers and read my logs. And they’d have to be quick about it, because I don’t keep any logs longer than 48 hours. I’m the only one with access to my servers.
  • I do not use DNS to do a lookup of www.google.com. Instead, I randomly select one of their static IP addresses for www.google.com (they have thousands). As you may know, https initiation requires a handshake that certifies that the domain name belongs to the IP address. Since I’m not using “www.google.com” at all, I cannot initiate an https session with Google.”
That makes sense to me. Thank you for clearing that up, Daniel.

Quality of SSL connection

I just happen to be researching a new Comodo website, SSL Analyzer. It is a free web-based scanning tool that checks the security of a web server providing SSL connections.
Included in the summary is information about the certificate and digital signature. Also included, is a list of security protocols and encryption suites supported by the web server.
SSL Analyzer uses the following designations to highlight problems:
  • Red: Problem that needs immediate attention.
  • Amber: Potential issue that needs evaluation.
With so much emphasis being placed on SSL connections, I thought, why not test them? Here are the results for Scroogle and the results for Google Search. You can see that both have issues. I am not sure I would consider them show-stoppers, but it is something to think about.

Bottom line

Now comes the hard part. After all is said and done, it ends up being a matter of trust. If using Google Search is important, but you are not sure about trusting Google, you may want to think about Scroogle.

Tuesday, 26 July 2011

HTML5: Attributes, semantic markup, redefined elements

HTML5: Attributes, semantic markup, redefined elements


The HTML5 specification, while not entirely finished, is scheduled to be near completion sometime around the year 2020 or 2022 timeframe; however, currently most browsers do allow for several attributes, semantic markup, and redefined elements and these are just some of the changes that can be incorporated into coding for web documents today.  This segment will show and demonstrate coding examples for empty attributes, attributes with values, semantic markup samples, conforming examples, and redefined elements.
Previous posts in this series include:

Attributes

Let’s get started with reviewing some of the ways attributes can be used to set various properties of an element. There are four different syntaxes that may be used for attributes and they are:
  1. Empty
  2. Unquoted
  3. Single-quoted
  4. Double-quoted
All four syntaxes may be used as explained in the HTML5 specification, and depending on what is needed for each specific attribute.
Empty: An empty attribute is one where the value has been omitted; in other words, this is shorthand for specifying the attribute with an empty value, which is commonly used for Boolean attributes. Examples of empty attributes:
<input name=address disabled>
<input name=address disabled="">
Unquoted: Quotes surrounding attribute values can also be omitted in most cases, and the value may contain any characters with the exception of spaces, single or double quotes, an equal sign, or a greater-than symbol. If these special characters are required then they need to be expressed with escaped character references, or they need to include the quotes or double-quoted attribute values. An example of an unquoted attribute:
<input name=address maxlength=300>
Single-quoted and Double-quoted: When quoting attributes, the value may contain the additional characters that cannot be used in unquoted attribute values, but for obvious reasons, these attributes cannot contain additional single or double quotation marks within the value. An example of a single-quoted and double-quoted attributes:
<input name='address' maxlength='300'>
<input name="address" maxlength="300">
Double-quotes are not required under the HTML5 specification except under the special conditions listed above, however as a general rule of thumb, they are recommended.

Semantic markup

According to the HTML5 specification, web authors must not use elements, attributes, or attribute values for purposes other than their intended semantic use when creating HTML documents. Being familiar with the content should come first, so that the markup used to describe it for the web is accurate. This may be the most pressing issue for the continued development of HTML and the specification’s current undertaking. Backward-compatibility is included in part of the solution, and while marching onward the solution is also working toward forward-compatible concerns as well.
The following is an example of conforming semantic markup:
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="utf-8">
<title>HTML5 Conforming Semantic Markup</title>
</head>
<body>
<hgroup>
<h1>HTML5 Conforming Semantic Markup</h1>
<h2>Coding examples</h2>
</hgroup>
<blockquote>
<p>This is an exciting time for web developers.</p>
</blockquote>
<p>This is a <a href="HTML5BaseTemplate.html">sample</a> template.</p>
</body>
</html>

Microdata

Semantic richness, while adding to the HTML lexis, is one area that the HTML5 specification is addressing. Semantic markup gives web authors the power to add microformat and RDFa type coding with the proposed and working microdata format using new attributes to nest semantics within existing web page content. This allows browsers to parse the information with logical associations, i.e., browsers recognizing a street address or phone number content as an actual physical location or telephone number listing. Microdata vocabularies can be custom designed or utilized from existing sources such as the Data-Vocabulary.org, and currently includes Event, Organization, Person, Product, Review, Review-aggregate, Breadcrumb, Offer, and Offer-aggregate.  Microdata global attributes include the following: itemscope, itemtype, itemid, itemprop, and itemref.

Presentational markup

Presentational markup is no longer allowed with the HTML5 specification, and the reasons for moving away from this include a history of poor accessibility, higher overall costs, and the resulting larger document sizes. However, there are two exceptions. The two presentational features that are still allowed in the HTML5 specification are:
1. The style attribute within a tag such as the paragraph example:
<p style="color:#99FFFF;"></p>
2. Style elements which allows web authors to embed stylesheets as in CSS within documents, as displayed in the paragraph style example:
<style>
p {
color:#99FFFF;
}
</style>

Redefined elements

The HTML5 specification has redefined several elements’ usage, including the following examples:
<b> - The b element should never be used for words of importance but can be used for lead sentences as in the conforming example:
<p><b class="lead">Semantic markup will help to optimize your web site
    and improve rank results in search engines.</b></p>
<p>Adding semantic markup to the planning stages of web design will
    ensure web sites are keeping up with the changing algorithms of browser
    ranking schemes. </p>
The b element should be used as a last resort when no other element is more appropriate. Other examples for use of the b element are key words in a document, product names in a review, or other spans of text whose typical typographic presentation is bold.
<strong> - No longer used for emphasis, but should be utilized for implying importance. Changing the importance of selected text with the strong element does not change the meaning of the sentence; it only increases the importance of the content. The example shows proper conforming use of the strong element:
<p><strong>Warning!</strong> This stream water is dangerous.
      <strong>Avoid drinking.</strong> Use your potable water for consumption.
      <strong>Do not drink any of the water</strong>,
      it is contaminated and <strong>will cause dysentery within two hours.</strong></strong>
      You have been warned.</p>
The relative level of importance of a piece of content is given by its number of ancestor strong elements; each strong element increases the importance of its contents.
i - The i element designates a span of text as an alternate voice or mood, or otherwise offset from the normal prose in a manner indicating a different quality of text, such as a taxonomic designation, a technical term, an idiomatic phrase from another language, a thought, or a ship name in Western texts. Examples of the i element in conforming use:
<p>The <i class="taxonomy">Taxodium distichum</i> or Bald Cypress is
a species of conifer native to the southeastern United States.</p>
<p>The term <i>semantic markup</i> is defined above.</p>
Web authors can use the class attribute within the i element to specify how the element is being used, and style sheets can also be utilized to format i elements, therefore it may be possible for content that is contained within an i element and may not actually be rendered as italicized content.
<br> - The br element is used to separate topics within a section that is actually part of the content such as in poems or for address listings as displayed in the conforming example:
<p class="address">John Q. Public<br>
123 Main Street<br>
Anywhere, AZ 12345</p>
small - Typically used in footers and sidebar or side comments for copyrights, legal jargon, privacy, disclosure, and disclaimer statements. Small print element is also sometimes used for attribution, or for satisfying licensing requirements. The small element does not reduce or take away from the importance or significance of the content. The element should not be used for extended spans of text or multiple paragraphs. Conforming code example is displayed below:
<p>More Examples Inc. today announced new product placement
for Test Samples Corp <small>(Full Disclosure: Test News is a subsidiary of
Test Samples Corp)</small>, leading to speculation about a new
product line rollout.</p>
<u> - The underline element is to be used for misspelled words and Chinese characters, in particular labeling Chinese text as a proper name. The current default rendering of the u element clashes with the conventional rendering of hyperlinks and web authors are encouraged to avoid using this element where it could be confused for a hyperlink.
Want to take a look at all the new specification’s elements of HTML? Or for an easier read, theHTML5 Doctor offers a quick reference guide of elements that are new or have been redefined in the HTML5 specification, and they can be found in searching through the HTML5 Element Index.
The next segment on HTML5 will review section elements including <article>, <aside>, <nav>, <section>, and the recommended usage for <hgroup> and <h1 - h6> headings.
Related Posts Plugin for WordPress, Blogger...