By Americaneagle.com Chief Technology Officer, Ryan McElrath
There are many common threats against websites today. According to the National Cyber Security Alliance (NCSA) and McAfee, close to one in five Americans report being victimized by a crime that was committed over the Internet. Whether it is a social media website such as Facebook or Twitter, an e-commerce website or a company website, every online platform is vulnerable to security attacks. It’s incumbent upon you to be aware of these types of attacks and make sure you and your hosting company are prepared to handle them.
While online threats are always evolving, there are a few in particular that are currently popular among hackers:
1. There are Web application attacks where hackers exploit vulnerabilities within the website code or Web server security. Common techniques for this include SQL Injection and Cross-site Scripting. A hacker may use an attack like this to extract sensitive information (like credit card data) or post malware, which is then downloaded by unknowing end users of the site.
2. There are distributed denial of service (DDoS) attacks where hackers attempt to take a website offline by overwhelming it with traffic rather than trying to gain access to sensitive data. Botnets of potentially thousands (and thousands) of infected computers spread out around the world are typically used to launch these types of attacks that can last for multiple hours or even days. Outages caused by DDoS attacks can result in heavy financial loss, as well as significant damage to a company’s reputation.
3. There are also social engineering attacks where hackers trick humans into giving them privileged information over the phone or via email, which is then used to log into unauthorized systems. Phishing is an example of this – this is when a hacker sends an email that appears to be legitimate and tricks the email recipient into typing his or her login/password into a website that resembles the real site. The hacker then uses that login/password to gain access to the real website.
Within the last several years, Sony, LinkedIn, Zappos, Yahoo, the South Carolina Department of Revenue and several major universities have all been victims of security breaches that exposed the personal data of millions of people. Meanwhile, large-scale DDoS attacks have knocked a number of high-profile websites offline, including Bank of America, JP Morgan Chase, MasterCard, NASDAQ, the FBI and the CIA.
With each of these types of security attacks, companies need to be aware that no matter how large or small they are, hackers are constantly looking for weaknesses within websites.
Below are a few simple tips on how to reduce the risk of the most common threats that will pay tenfold in the long run:
1. Using a Web application firewall (WAF) is a very effective way to help defend your website against application attacks that attempt to extract sensitive data from your site. A Web application firewall sits in front of your website and filters all requests, blocking requests that match the pattern of common attacks such as SQL Injection and Cross-site Scripting. Imperva’s Cloud WAF is an affordable software-as-a-service (SaaS) product for small to mid-enterprise businesses that offers the highest levels of website security without requiring a large equipment investment.
2. A common misconception about distributed denial of service (DDoS) attacks is the idea that your Web hosting provider will be able to stop any attack against your website with the firewalls within their data center. The reality is that these attacks continue to increase with intensity and regularly overrun even the most powerful of firewalls, causing outages for your website. The best defense against these types of attacks is to have protection through a DDoS mitigation provider that can filter requests through their scrubbing centers before the attack reaches your site’s infrastructure. These scrubbing centers allow legitimate traffic to continue through to your website while stopping the attack traffic that is attempting to knock your website offline.
3. Organizations can better protect themselves against social engineering attacks by training employees on security issues and going over specific methods that hackers may use to trick them into giving up personal information. For example, some common techniques used by hackers include acting like an internal employee or pretending that they’re conducting a survey as a way to justify the types of questions they’re asking. It’s important for employees to know that if they’re suspicious of a call or email, to ask their manager before releasing the information.
Organizations should create an incident response procedure to be used in the event that your website’s security is breached. As part of the procedure, your organization should notify the necessary authorities regarding the attack. This includes your local FBI office as well as the major credit card associations if card data is exposed during the attack.
About the Author: Ryan McElrath is the chief technology officer of Americaneagle.com, which is a Web design and hosting company based in Park Ridge, Illinois. Some of their 5,000-plus clients include Hobby Lobby, New York Giants, NASCAR, Stuart Weitzman, Garrett Popcorn, Chicago Bears, Abbott Laboratories and the U.S. Army.
Sony's PlayStation Vita has got me intrigued.
As much of the gaming world has moved toward smartphones and tablets, I've wondered if consumers (or myself as a gamer) would take to new handheld consoles the way they did with the Vita's predecessor, the PlayStation Portable.
But after spending a few minutes with the Vita in my hands at the 2012 Consumer Electronics Show in Las Vegas last week, my interest has piqued.
If you've played video games on the PlayStation Portable, which affectionately became known to most as the PSP, then the Vita will look very familiar at first glance. Joysticks and buttons are placed to the left or right of a nice, wide display and the graphics produced by the system are detailed and sharp.
But unlike the PSP, there are many features of the Vita that better equip Sony's handheld formula for competition in a smartphone-riddled future. On the front of the Vita is a 5-inch OLED touchscreen and a similarly sized touch panel can be found on the back of the device.
I played a bit of Uncharted: Golden Abyss, one of the titles that will launch with the Vita during its U.S. release on Feb. 22, and the game used traditional controls and the touchscreen. And switching between the different control options was intuitive and easy.
The Vita can also be used as a controller for Sony's PlayStation 3 home console, which could bring touch controls to even more games if developers embrace this feature. Though I didn't get to spend a long time with Uncharted or the Vita, the potential for some really creative game-play options was obvious.
The Vita will also run a number of smartphone-like apps, including apps for the photo-sharing site Flickr and video-streaming service Netflix, local-discovery app FourSquare and social networks Facebook and Twitter.
There are also two cameras on the Vita, one on the front and one on the back, and in the few test shots I snapped on the CES showroom floor, I have to say I was a bit disappointed. Photos didn't seem to be high quality and colors were washed out and not sharp. Sony wouldn't say what the resolution of the cameras would be for the U.S. release of the Vita, but the Japanese version (which went on sale on Dec. 17) featured VGA-quality cameras in front and back with a resolution of 640-by-480 pixels, which is about the same as an Apple iPad 2.
We'll be getting a review unit of the Vita in a few weeks, and I'll reserve final judgement for then, but after my hands-on time with the system, there's a lot to like and a few things that I'm not so excited about (aside from the camera). One of them is the pricing of Vita's new proprietary memory cards.
The Vita will sell for either $249 in a Wi-Fi-only version or $299 for a 3G/Wi-Fi model that runs on AT&T's network. AT&T is offering no-contract data plans for the Vita of $14.99 for 250 megabytes of data per month, or three gigabytes for $30. Games (on a new card format and not the UMDs found in the PSP) will sell for about $9.99 to $49.99, according to Sony. All of that seems to be pretty fair pricing in my opinion.
However, memory cards for the Vita — which you will definitely need if you want to store any apps, downloadable games, movies, music, photos or any other content on the Vita — are sold separately.
A four-gigabyte memory card will sell for $19.99. Not bad. An eight-gigabyte card will sell for $29.99 and a 16-gigabyte card will sell for $59.99. Getting a bit higher. And, a 32-gigabyte card will sell for a whopping $99.99.
It seems a bit painful to think you may end up spending an extra $100 after plunking down as much as $300 for a Vita, but this is the current reality, depending on how much stuff you'd like to store in the device. Ouch.
– Nathan Olivarez-Giles
Photo: The game Uncharted: Golden Abyss on the Sony PlayStation Vita. Credit: Armand Emamdjomeh / Los Angeles Times
When Google TV first launched a little more than a year ago, it had few hardware partners and failed to resonate with a wide consumer market. But the technology was back at the Consumer Electronics Show this year, with major tech companies promoting the software and saying its time had come.
"You've got to reorient customers to look at TVs as an actual smart device, as a device just like a tablet or a PC or a phone," said Matthew McRae, chief technology officer at Vizio, during an interview with The Times. "It takes a little bit of time, but I think that bridge has been crossed."
At CES in Las Vegas this week, Vizio was showcasing its 65-inch, 55-inch and 47-inch V.I.A. Plus HDTVs with Theater 3D; the VBR430 Blu-ray player; and the VAP430 stream player — all of which incorporate Google TV's 2.0 platform. V.I.A. stands for Vizio Internet Apps.
The V.I.A. Plus experience features an app-centric interface on every device, "making it easy for consumers to understand and navigate as they move between devices," the company said in a news release. Users can also access thousands of apps from the Android Market.
McRae said the company was encouraged by the advances in the second generation of Google TV, saying the earlier version of the software "missed on the simplicity front."
"When people sit down at a TV, it's got to be intuitive, it's got to be a few button clicks to whatever you're looking for," McRae said. "If you make it any more complex than that, they'll just give up…. So the user interface I think is actually more challenging to get right on a TV than it is on a tablet or PC."
The prospects for Google TV — which combines traditional television, the Internet, apps and search capabilities — are growing rapidly among developers, who are rolling out thousands of apps built specifically for televisions.
Vizio was especially excited to show off its new VAP430 stream player with Google TV, a media player that turns any HDTV into an enhanced V.I.A. Plus smart TV. Vizio's stream player, a small black box about the size of a wallet, features built-in HDMI ports that let users connect existing components like gaming consoles or set-top boxes for unified access to all media sources through the V.I.A. Plus touchpad remote. It also supports 3-D content and 3-D streaming.
Vizio officials said the stream player was expected to be released in the first half of the year, but declined to say how much the device would cost. Sales of stream players are poised to pass Blu-ray players in unit volume sales by 2013, Vizio said, making the devices the "perfect solution" for media multitaskers.
LG is also showing off sets with Google TV software that will launch in the U.S. in the first half of 2012 and later for the rest of the world. Among LG's Google TV offerings will be a 55-inch model, and each Google TV set from LG will include a "magic remote" with a built-in keyboard.
Google TV will run on LG's TVs alongside its Smart TV platform unveiled last year. Since last year's CES, LG said it had added more than 1,200 apps to its Smart TV offerings.
Sony too heavily hyped its Google TV products at CES and said it was expanding its line of devices that included the software.
The tech giant said it was rolling out two new set-top boxes powered by Google TV — one connected Blu-ray disc player and one Network Media Player. Enhanced features include access to the Android Market as well as a redesigned remote control for improved functionality, new linkage with the Sony Entertainment Network platform and a new mobile device interface that allows consumers to use smartphones and tablets as a content source.
"As a result more consumers will be able to enjoy multiple content sources from broadcast to streaming video and various apps through one easy-to-use seamless interface by connecting to any HDTV," Sony executive Kaz Hirai said during the company's CES news conference.
– Andrea Chang in Las Vegas
Upper photo: A Vizio HDTV shows off Google TV software, with live television and a panel of apps sharing space on the screen. Credit: Armand Emamdjomeh / Los Angeles Times
Lower photo: Vizio's VAP430 stream player with Google TV, a media player that turns any HDTV into an enhanced smart TV. Credit: Armand Emamdjomeh / Los Angeles Times
As always, the 2012 Consumer Electronics Show in Las Vegas has been filled with new TVs and home entertainment product announcements.
In fact, there have been so many announcements that it might be tough to keep up with them all if you're actually looking to CES to help you decide what your next TV set will be.
No worry, we're here to help sift through the noise. We'll have more on TVs and Google TV products coming, but here are some of the highlights from LG, Vizio and Sony thus far.
As we reported ahead of CES, LG had big-screen plans for this year's Vegas show with a new 55-inch OLED TV that is just 4 millimeters thick and an 84-inch LED-backlit LCD TV with 4K-display resolution.
For those who don't know, 4K resolution is what many in the TV industry believe will be the next bump up in high-definition standards for TVs and Web video. Current top-of-the-line HD TV sets available to consumers now are either 1080p or 720p — each number indicating the number of vertical pixel lines of resolution the HD sets can handle. The term 4K resolution identifies displays with about 4,000 horizontal lines of resolution. There isn't a ton of 4K video content out yet (most HD TV channels are 720p), but many filmmakers are moving toward shooting in 4K with newer digital cameras.
As promised, LG unveiled both the 55-inch and 84-inch sets at CES this year, each set falling into what LG is calling its Cinema 3D series of TVs, which will range in size between 55 and 84 inches and feature a super-thin bezel when they hit the market later this year. I saw both sets in person here at CES and they looked big, bright and clear.
Of course, how a TV looks on the showroom floor and how it looks in the living room can vary. But LG, as well as many other TV makers, seems to be producing thinner and lighter TVs with increasingly more detailed and accurate pictures displayed on screen.
Another announcement from LG this year was wider implementation of its Magic Remote, which was shown off at CES in 2011 too. As my colleague David Sarno noted in his reporting on CES, the Magic Remote acts much like the Wii remote used by Nintendo's Wii video game console.
With the motion-sensing Magic Remote in hand, a user can navigate on-screen TV menus, settings and even channel changes with a combination of gestures and button presses.
LG is also showing off Google TV sets that will launch in the U.S. in the first half of 2012 and later for the rest of the world. Among LG's Google TV offerings will be a 55-inch model, and each Google TV set from LG will come with a Magic Remote with a built-in keyboard.
Google TV will run on LG's TVs alongside its Smart TV platform unveiled last year. Since 2011's CES, LG said it has added more than 1,200 apps to its Smart TV offerings.
Just as it was last year, 3-D is a major theme at CES this year, and LG also said that about 50% of its 2012 TV line would be made up of 3-D TVs. But like Vizio, and unlike many other TV rivals, LG's 3-D TVs won't use active-shutter 3-D glasses. Instead, LG's and Vizio's 3-D TVs will work with passive 3-D glasses that are more like the glasses often found in movie theaters.
Irvine-based Vizio also showed off a newer, wider vision for home TVs. Dubbed Cinema Wide, Vizio is releasing a line of new TVs with a 21:9 aspect ratio. Nearly all TVs currently being sold have a 16:9 aspect ratio.
However, if you're watching TV on a Cinema Wide set, you're almost guaranteed to see black bars running to the left and right of the screen, since most TV shows and sporting events nowadays are broadcast in a 16:9 aspect ratio.
Vizio says it will release its Cinema Wide sets (which will also be 3-D TVs) in both 50-inch and 58-inch sizes in the first six months of the year, with a 71-inch size to follow later.
The bargain-priced TV maker is also releasing a lineup of Google TV products including TVs running the Google TV software, Google TV Blu-Ray player and a set-top box called the Stream Player that will enable Google TV to run on any HD TV.
In 2012, Sony's Bravia line of TVs will be divided into three series — BX for entry-level models, EX at the mid range and HX at the top.
The high-end HX line will be made up of LED-backlit LCDs with 3-D and built-in Wi-Fi for Skype and Sony apps. The even higher-end HX850 series will also feature screens made of Coring's Gorilla Glass, which is easy to clean and scratch resistant, as well as thin and light. The HX series will be available in 46-inch and 55-inch sizes, each with a 1080p resolution.
The EX line won't have Gorilla Glass or 3-D, but these TVs will have built-in Wi-Fi and Sony apps and will be available in 40-inch, 46-inch and 55-inch sizes, each with a 1080p resolution.
The entry-level BX line from Sony will be made up of some pretty basic TVs. The BX450 series,will offer 1080p resolution in 46-inch and 40-inch sizes while the BX330 series will consist of one 31.5-inch set with a resolution of 720p, the lowest resolution that can still be classified as high definition.
Top photo: LG's press conference at CES 2012 in Las Vegas on Jan. 9. Credit: LG
Second image from top: LG's Google TV Smart TV set. Credit: LG
Third image from top: Vizio's Cinema Wide TV. Credit: Vizio
Bottom image: Sony's HX850 TV at an angle. Credit: Sony
The lineup is mostly familiar, with LG, Samsung, Sony and Vizio producing Google TV products. Sony has released Google TV television sets and set-top boxes, and Samsung and Vizio both showed off prototype Google TV products at CES last year that never made it to market.
Absent from the Google TV hardware lineup this year is Logitech, which gave up on the Internet-connected TV software after its Google TV products failed to catch on with consumers, resulting in more returns than sales in the second quarter of 2011.
LG "will showcase a new line of TVs powered by Google TV running on their own L9 chipset at CES," Google said, also noting that Samsung and Sony will have new Google TV devices on the market this year. LG said in its own statement that some of its Google TV sets will be 3-D.
Vizio will hold "private demos at CES showcasing their new line of Google TV-powered products," Google said.
The Technology blog will be at CES next week looking at Google TV products and other new gadgets, games and technologies, so stay tuned.
– Nathan Olivarez-Giles
Photo: Sony's first-generation Internet-connected LCD television powered by Google's Android-based Google TV platform. Credit: Kiyoshi Ota / Bloomberg
Sony has cut $100 off the price of its first tablet, the Tablet S, in a move to entice consumers to its Android slate.
Those who buy a Tablet S also receive a free 180-day trial of Sony's Music Unlimited service, as well as five free rentals from Sony's Video Unlimited Service.
Through the end of January, the company is offering up five free downloadable "Classic PlayStation" games in its PlayStation Store app for new Tablet S owners as well.
The price drop, as listed in Sony's online store, pushes the Tablet S down to $399.99 with 16 gigabytes of built-in storage or $499.99 for 32 gigabytes of storage.
The dual-screen Sony Tablet P, which made its debut alongside the Tablet S as a prototype in April, still hasn't been released or given a launch date, although the tech giant promises it is on the way.
The Tablet S features a 9.4-inch touchscreen with 1280 x 800 resolution and a wedge-like shape that makes the slate feel something like a rolled magazine in the hand. A Wi-Fi Internet connection is needed for use.
The device also has a 5-megapixel camera in the rear and a 0.3-megapixel camera up front, 1-gigabyte of RAM and a dual-core Nvidia Tegra2 processor. The tablet runs on Google's Android Honeycomb operating system, but Sony has promised an update to the newer Android Ice Cream Sandwich.
Image: A Sony Tablet S running Sony's Video Unlimited service. Credit: Sony
Sony has announced that its tablets, the Tablet S and Tablet P, will receive upgrades to Google's Android 4.0 Ice Cream Sandwich operating system.
The tech giant, however, isn't yet saying when Ice Cream Sandwich will hit its tablets, of which only the Tablet S is on sale.
The Tablet S, which features a tapered shape resembling a rolled-back magazine and a 9.4-inch touch screen, went on sale in September at a price of $500.
Meanwhile, the Tablet P — a clamshell device with two 5.5-inch touchscreens and a hinge running through the middle of the displays that allows it to close on itself, screen to screen — was announced in April but has yet to hit stores or even get a solid release date.
Both devices currently run Android 3.0 Honeycomb, but that will soon change, Sony said in a forum posting on its website, as first reported by PCMag.com.
"We're happy to confirm that an update to Android 4.0 will be available for Sony Tablet," Sony said in a statement posted to its company forums. "Details including timing will be announced in due course, so please stay tuned."
Sony also said in the forum posting that it recently released a software development kit for the dual-screen Tablet P to help aid developers looking to create apps specifically for that device.
The company has previously stated that Ice Cream Sandwich, the first version of Android designed for use on both phones and tablets, will be heading to 11 Sony Ericsson smartphones next year as well.
Image: Sony's Tablet S, left, and Tablet P. Credit: Sony
Samsung Electronics Co. is buying Sony Corp.'s half of an LCD-display-making joint venture between the two companies for about $935 million.
The move will make S-LCD Corp., founded in 2004, a wholly owned subsidy of Samsung and help Sony withdraw from a venture that has given it eight years of losses.
After the deal's expected closed in January, Sony will take an $846-million loss, the Japanese tech giant said in a statement.
But the exit from the LCD-manufacturing business won't mean that Sony is leaving the TV or computer-display business altogether.
S-LCD will provide LCD panels for Sony products via a "long-term supply agreement of LCD panels, as agreed by the two companies," Samsung said in a statement.
– Nathan Olivarez-Giles
Photo: A Sony television with a remote control. Credit: Sony Corp.
After a little more than a decade, Sony Ericsson is reportedly dropping the Ericsson, giving Sony a cellphone brand of its own.
The move to re-brand Sony Ericsson as just Sony follows the October announcement that Sony is buying Ericsson's half of the joint venture for about $1.5 billion. The mobile phone company was founded in 2001 and currently makes a wide range of smartphones, with some Google Android handsets among its offering.
Kristian Tear, a Sony Ericsson executive vice president, told the Times of India about the re-branding effort, stating that the switch should be completed by the middle of 2012.
"A lot of planning goes into getting the branding right but we will be done by middle of next year," Tear said. "It will also mean that the marketing and advertising investments will go up. We haven't been as fierce as we were a few years back but we will step it up, refocus and invest more in brand-building in select markets, and India is one of those markets."
The name change makes sense given Sony's pending sole ownership of the mobile phone maker.
As the Los Angeles Times has previously reported, Sony will also cross-license five essential patent families relating to wireless handset technology as a part of its takeover of Sony Ericsson.
– Nathan Olivarez-Giles
Photo: Sony Ericsson Xperia Play smartphone. Credit: Sony Ericsson