SSL vulnerability called BEAST
Does it affect your secure webserver?
You should know, if you accept credit cards or handle social security numbers on your website.
See these two articles for more expert information:
Testing:
This company will test your https connection. Here's a example report.
https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fmillfalls.com&hideResults=on
From Lux-Sci: Real-world vulnerability? What is affected by BEAST?
This problem can affect people browsing secure web sites, allowing eavesdroppers to gain full access to your accounts on those web sites under certain conditions. It does not affect
- Other secured services such as email (IMAP, POP or SMTP) that use SSL or TLS for security.
- Use of SSL-secured web site connections for posting data (i.e. posting data from secure web forms)
It does affect:
- Accounts you may have with secure web sites that you login to, like PayPal, LuxSci, Gmail, Bank of America, Facebook, etc.
Solution:
It is not yet feasible to use a browser or webhost that supports TLS 1.2. For now, here is LuxSci's advice:
The Take Away Message
People should always be concerned and aware of security as the landscape changes constantly. We think that beyond the need to upgrade and to implement software fixes, consider the following:
- We should actually use SSL and TLS whenever possible. Insecure sites puts our browser and computer at risk, as we have no control over what malicious third party may inject into our browsing session. SSL and TLS actually protect us from that threat.
- When going to secured web sites, it is best to start in a new browsing session or one that has only visited other secure (https://) sites.
- Make your home page a secure site and your other secure sites easily-accessed via bookmarks
- Use a separate web browsers for normal insecure browsing and for access to your secure sites.
- Keep your software, web browsers, operating system, anti-virus, and other components up to date.
Mac OS X How to Zip a File with Password Protection
zip -e archivename.zip filetoprotect.txt
Accept Credit Cards on the Go
Square Inc.
EBay offers PayPal Here
Intuit offers GoPayment
Eventbrite offers At The Door Card Reader
A credit card swiper that plugs into an iPad’s charging slot and can be used to sell tickets and merchandise at event sites.
Is your Mac infected with Flashback?
Earlier variants of this new malware against Macs target Safari and Firefox. Recent variants only target Safari.
How to locate an infection by the Flashback trojan?
Type or copy/paste this command into MacOSX Terminal:
defaults read /Applications/%browser%.app/Contents/Info LSEnvironment
From the excellent post: https://www.f-secure.com/weblog/archives/00002336.html
Mac OS X: Removing information about completed print jobs
In Mac OS X v10.5 and later, it's impossible to remove (clear) information about completed print jobs without this tip.
Products Affected: Mac OS Printing/Fax (any version), Mac OS X 10.5, Mac OS X 10.6, OS X Lion
If you would like to clear the list of completed print jobs for any print queues (which will also clear any pending or active print jobs), Apple says to: Delete the printer, then add it again.
Wow, that's a bit of a hassle. Instead, you can Clear the entire print queue in OS X with a Terminal command. Launch Terminal and type:
cancel -a -
Preventing future print jobs from appearing in the completed jobs list (advanced)
If you would like to prevent all future print jobs from being included in the list of completed jobs, open Terminal and execute this command:
cupsctl PreserveJobHistory=No
You can later restore the default behavior of retaining a list of completed print jobs by resetting the printing system, or by opening Terminal and entering the command:
cupsctl PreserveJobHistory=Yes
Too bad Apple didn't make the Delete button actually work in the Printer Manager!
D’Oh, Says Global Registrar Network Solutions
It wasn't D'oh that I said when I was stymied in my attempt to update a nameserver record.
CSS 3 – Box Shadow properties
The box-shadow property in CSS3 allows a comma-separated list of shadow attribute values.
These specify, in order, the horizontal offset, vertical offset, optional blur distance and optional spread distance of the shadow);
Then, an optional color value and an optional ‘inset‘ keyword.
Inset lets you create an inner shadow, rather than the default outer shadow.
Examples:
box-shadow: 5px 5px; box-shadow: 5px 5px 15px #888; box-shadow: inset 2px 2px 2px 2px black; box-shadow: 5px 5px #666, -12px -12px #f4f4f4, 0px 0px 15px 15px #cc6600;
These are supported in newer browsers.
Mac Users: Configuring new Mail Accounts in Thunderbird 3
Creating a new Account for which you want to use the Global Inbox
When you create a new POP mail account in Thunderbird, the Account Wizard may ask if you want to use the Global Inbox for that account. If it does that (and you want a global inbox), check that feature. If it doesn't ask (recent versions don't) then you need to select "Global Inbox (Local Folders account)" in Preferences -> Advanced -> Config Editor .
Try to do that before Thunderbird checks for new mail to avoid complications.
If you often create new accounts, you can set the default in the Account Wizard by setting the preference :
mail.accountwizard.deferstorage
to
true
(to check the box by default), or false (to clear the box by default).
In a new Thunderbird profile this preference does not exist initially, so you must create it as a new Boolean preference.
On the Mac, right-click in the editing window, and choose "New..."
Changing the Global Inbox setting for an existing account
To change the Global Inbox setting for an existing account, you need to follow three simple steps.
Change the destination Inbox
Go to "Tools -> Account Settings -> Server Settings" and click on the "Advanced" button. A dialog box will then pop open.
To set the account to use the Global Inbox, select "Global Inbox (Local Folders Account)" and click "OK".
- Important: if the account already has messages in the Inbox or other folders, you should copy or move these messages into Local Folders before setting the account to use the Global Inbox. If you don't copy or move the messages into Local Folders and you set the account to use the Global Inbox, the account will no longer be displayed in the folders pane and you will not be able to access those messages unless you go back and undo the Global Inbox setting.
To set the account to not use the Global Inbox, select either "Inbox for this server's account" or "Inbox for different account" and click "OK".
Check settings for other folders and filters
After you have changed the account's setting for which Inbox to use, see if any of the following need to be changed:
-
- Go to "Tools -> Account Settings -> Copies & Folders", and look at the destination folders for Sent, Drafts, and Templates. Make sure that the messages for each will be stored in your preferred folder locations.
- If you are using junk-mail filtering for the account, go to "Tools -> Account Settings -> Junk Settings" and verify that the folder selected for Junk messages is the one you want to use.
- If you have set up any filters, go to "Tools -> Message Filters" and make sure that they will work properly with your new Inbox configuration. Especially important if you are changing an account so that it will start using the Global Inbox: if you have set up any filters that sort messages into any of the folders for the account, you should disable/delete those filters or change the destination folders.
Exit and restart Thunderbird
Important: exit Thunderbird and restart before downloading mail into any account whose Inbox/Global Inbox setting you've changed. If you do not exit and restart, messages might continue to download into their "old" locations (e.g., into the individual account Inbox rather than the Global Inbox).
Human Costs of an iPad
From a NYTimes article titled "In China, Human Costs Are Built Into an iPad"
“You can either manufacture in comfortable, worker-friendly factories, or you can reinvent the product every year, and make it better and faster and cheaper, which requires factories that seem harsh by American standards,” said a current Apple executive.
“And right now, customers care more about a new iPhone than working conditions in China.”
Important exposé.
Photograph by Ryan Pyle for The New York Times
Aluminum dust from polishing iPads caused the blast at Foxconn's plant in Chengdu.
What is Search Engine Optimization
Don't know what search engine optimization is? Know someone who needs easy to understand overview of SEO? That's what this video provides, in three minutes. It's part of the many resources provided by Search Engine Land's "What Is SEO" page http://searchengineland.com/guide/what-is-seo.
Translate
Categories
- Advertising (14)
- Business (14)
- Computers (Mac) (22)
- Computers (Windows) (5)
- Consumer Rights (2)
- Design (10)
- Ecommerce (4)
- Latest news (19)
- Legal (4)
- Mobile (16)
- Music (2)
- Partnerships (2)
- Programming (17)
- Publishing (5)
- Search engine optimization (9)
- Security (13)
- Social Media (19)
- Technology (28)
- Video (3)
- Web Hosting (6)
- Website topics (21)
Recent Posts
- SSL vulnerability called BEAST
- Mac OS X How to Zip a File with Password Protection
- Accept Credit Cards on the Go
- Is your Mac infected with Flashback?
- Mac OS X: Removing information about completed print jobs
About PDG & Associates
Twitter Feed
- RT @catswhocode Sending SMS with PHP and TextMagic: An A to Z guide | http://t.co/AnmvElqa https://twitter.com/#!/pdgurney
- Physical exercise creates a greater capacity to learn; it's up to each individual to use that capacity wisely http://t.co/gQBH2ebD https://twitter.com/#!/pdgurney
- Support the EFF "https everywhere" campaign - secure browsing to prevent ISP ad injection http://t.co/ssZqVG5Q https://twitter.com/#!/pdgurney
- Wow... compelling overview of Americaâs bankrupt financial morality http://t.co/yTA5MzHl https://twitter.com/#!/pdgurney
- network hardware glitch resolved @wiredtree - thanks for solving quickly. Plus the many incidents of personal help outweigh any hiccups! https://twitter.com/#!/pdgurney
Archives
- April 2012 (4)
- March 2012 (2)
- February 2012 (2)
- January 2012 (4)
- December 2011 (1)
- November 2011 (1)
- October 2011 (1)
- September 2011 (9)
- August 2011 (3)
- July 2011 (4)
- June 2011 (1)
- May 2011 (9)
- April 2011 (5)
- March 2011 (9)
- February 2011 (3)
- January 2011 (1)
- December 2010 (3)
- November 2010 (1)
- October 2010 (2)
- August 2010 (1)
- July 2010 (2)
- June 2010 (3)
- May 2010 (4)
- April 2010 (2)
- March 2010 (2)
- February 2010 (5)
- January 2010 (6)