Wednesday, December 29, 2010

Web Templates

Back in the stone ages of the mid-1990's, I developed Web pages by hand. Some of my students seem pretty impressed that I can still code a page by hand, and seem to want to do things that way as well. My advice at this point is to not do it that way. A good working knowledge of HTML can be useful in order to tweak a page, or if you are writing a script to generate a dynamic Web page. However, for static Web sites, it generally makes a lot more sense to just use a Web development tool such as Adobe Dreamweaver.

As someone who is not a graphic designer, I would have problems making attractive Web sites. If I were really planning on doing Web development, I would either find a graphic designer to work with, or plan on purchasing some sort of package. Many times, designers or design companies will sell templates to Web developers for this purchase. For example, a site like Project Seven sells some really nice designs that I would never be able to create for $60. The nice part is they are designed for use with Dreamweaver, and should cleanly plug right in to your interface.

I look back on some of my early Web work, and it was clumsy, but by purchasing the rights to something like that, I'd be able to make some really professional sites with very little effort.

Friday, December 24, 2010

NORAD Santa tracker

It always amazes me how people use technology.

As a child, I remember writing a letter to Santa. Now, you can email Santa.

Just to one-up that, NORAD (North American Aerospace Defense Command - a joint Canadian/American effort) has launched a Santa tracker, complete with Google map and computer graphic video. Pretty cool stuff! If I had a small child to show this to, I would certainly do so.

noradsanta.com

Hope everyone has a nice holiday break. Looking forward to doing some recharging myself.

Friday, December 17, 2010

Java up, Adobe down

...in terms of exploits, anyway. Looks like Java exploits are gaining favor with hackers again lately, according to this CNN article.

One of the problems with the Internet and specifically the World Wide Web is there are so many moving parts. Many novice users do not seem to realize the complexity of it all. Any application software (including Web browsers) present security risks, and when you add in the various plug-ins (such as Adobe Flash Player, Javascript, Microsoft Silverlight, etc.), you have a hacker's paradise. In the typical interaction, you have three points where security breaches can happen:
1) The browser
2) The plug-in
3) When the browser and plug-in interact

A perfect secure world would have no plug-ins at all, but that is not realistic. We are left as end users to hope the developers of the plug-ins secure their products.

Adobe has come under fire a bit for some of their exploits, but it seems as if they have done a good job (albeit, a reactive job) of plugging up some of their security holes. The report linked above shows that the number of Adobe exploits recorded has gone down, while Java exploits have gone up. Does that mean that Adobe has fixed their problems, or does it mean that Java problems are easier to exploit? That I can not tell you.

Saturday, December 11, 2010

There's an option for that

One thing many computer users don't seem to intuitively understand is the idea of customization for the programs and apps they are using.

My approach to using software is to try to use the software, and when I find something I don't like, to try to find some way to change it. For example, inside of Microsoft Internet Explorer, you can change the start page. Most computer savvy users know this, but one of my friends just called this morning saying he changed his somehow and couldn't figure out how to switch it back.

This applies to Web sites as well. For example, Facebook allows you to turn off certain notification emails, change privacy settings, and change many other options. Most free email providers allow you to set up "filters", which would basically let you screen your mail (for example, you could have all email from people at a certain college go in to a special folder so it does not fill up your Inbox, but does not get deleted). If you use a site such as Yahoo! Calendar, you can set it up so it will send email reminders for events to a certain email address or phone number by default, instead of having to set that up every time you create a new event. Even games like World of Warcraft are customizable. You can switch things on or off using some of the menus in a game.

Chances are, if you are annoyed by something, there is an option to change it. Don't like Excel starting every file with three worksheets? You can change that. Do you hate it when you open a bunch of windows, and things compress on your taskbar? That can be changed. Would you prefer your Word to always space in one inch when you hit tab instead of a half inch? That can be done. Does your Blackberry give you annoying little "message sent successfully" messages every time you send an email? That can be removed.

The key is knowing that things can probably be changed, and finding the answer on the Internet.

Friday, December 03, 2010

Bring out the Dancing Pigs!

"Given a choice between dancing pigs and security, users will pick dancing pigs every time."

Once someone explained that line to me, I loved it. Basically, Bruce Schneier (a US computer security consultant and cryptographer) explained, "If the computer prompts him with a warning screen like: "The applet DANCING PIGS could contain malicious code that might do permanent damage to your computer, steal your life's savings, and impair your ability to have children," he'll click OK without even reading it. Thirty seconds later he won't even remember that the warning screen even existed."

That basically seems to summarize computer security these days. Users often get taken in by phishing schemes, download viruses, give out personal information, and do other things that compromise security...for the promise of dancing pigs. Smart hackers do this and create attractive links that people will click on.

As you can see, there are tutorials taking potential phishers through the process of stealing information. Stopping sites posting information like that is like playing Whac-A-Mole.


Congrats, you shut down a phishing site! Put down the hammer, I don't think others will pop up!

I do not know that most Americans are adequately prepared to figure out what sites are legitimate and which ones are not (and to read warnings). Sadly, people seem to learn by making mistakes and losing their personal information or getting hacked.