News

HTTP SECURITY CONSIDERATIONS – AN INTRODUCTION TO HTTP BASICS

HTTP is now ubiquitous, with pretty much everything being powered by an API, a web application or some kind of cloud-based, HTTP-driven infrastructure. As a result, HTTP security becomes paramount, and to secure HTTP you have to understand it.

HTTP is the protocol that powers the web, and when penetration testing a web service it pays to have a solid foundational understanding of HTTP, how it works and the common response codes – many of which can lead to some kind of exploitable vulnerability.

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, and hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.

Development of HTTP was initiated by Tim Berners-Lee at CERN in 1989. Standards development of HTTP was coordinated by the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), culminating in the publication of a series of Requests for Comments (RFCs). The first definition of HTTP/1.1, the version of HTTP in common use, occurred in RFC 2068 in 1997, although this was made obsolete by RFC 2616 in 1999 and then again by the RFC 7230 family of RFCs in 2014.

Source: Wikipedia

From a security perspective it’s important to understand:

– Requests
– Request methods
– Responses
– Response status codes

All of which are covered in the Security-focused HTTP article by Acunetix.

You can find the article with the full details here:

HTTP Security: A Security-focused Introduction to HTTP, Part 1

Hardwares

BEST IPHONE 2018: WHICH IS THE BEST APPLE PHONE?

Best iPhone 2018: Which Apple phone should you buy?

Now isn’t the best time to buy an iPhone. Apple has just launched its latest flagship phones with the iPhone XR, iPhone XS and iPhone XS Max, so the market’s about to get a massive shake-up.

The soon to appear iOS 12 will further change the iPhone landscape when it appears later this year. The focus for the company with regards to the update has been performance, aiming to make phones as far back as the iPhone 5S feel faster in operation.

It is making the keyboard faster to open, camera faster to shoot and general performance better. There are new features, too, which include an option for grouping notifications together, an updated Stocks app and a brand-new Books experience.

Arguably, the most important feature is Screen Time, which will enable you to gauge how much time you spend on your phone each day. This data will be broken down into screen-on time, the specific time you spend in each app and so on, allowing you to set limits for certain apps. These limits can even be applied to your family members. If you feel you use your phone too much, this could prove a great addition.

Finally, Apple has updated its Do Not Disturb mode. You can now set it so you won’t receive any notifications at night, and it’s far more granular with its settings.

Source: https://www.trustedreviews.com/best/best-iphone-3501342

News

IN KILLING INBOX, GOOGLE TAKES ANOTHER SWIPE AT ITS MOST PASSIONATE USERS

For all its skill and dominance in artificial intelligence, Google can be surprisingly lacking in the natural kind.

In move after move, Google snatches defeat from the jaws of victory. And all because the company’s culture is blind to the value of passionate users.

I’m quite certain that Google watches user numbers and applies analytics to everything it can measure. A radically analytical approach is powerful, but it can blind you to the factors that cannot be measured. Factors such as user passion.

My favorite example is Google+. After an initial surge of usage in the first couple of years, the social network gradually fizzled — smothered by a reputation for low engagement.

That reputation was largely false. But over time it became a self-fulfilling prophecy as Google took repeated action to hide and suppress engagement.

It killed Circle sharing, the best way to discover high-quality active users. It added Communities, which reduced attention aimed at users. Its dumb algorithms flagged (and thereby hid from public view) high-quality comments, while simultaneously failing to flag obvious spam. (Eventually, Google’s algorithms got much better, but only after most users had already abandoned the platform.)

This is a great plan — if your objective is to minimize user engagement.

Google+ was, and still is, the online playground for Google’s most loyal fans. Google could have brought a billion people into this playground, where Google fans could hold sway and persuade everybody else to share their enthusiasm for Android, Pixel phones, Pixelbooks, Google Search, Google Assistant, Google Home, Gmail, YouTube and all the rest.

Instead, it actively buried or suppressed user engagement until Google+ became a shell of its former self. It has robbed its own most passionate users of audience, demonstrating that it doesn’t understand the value of those users.

And now it’s doing something comparable with email.

Google giveth, and Google taketh away

Google this week announced the end of two email-related products.

The first is the experimental alternative to Gmail called Inbox. The other is a Chrome app for offline Gmail.

The Gmail Offline Chrome app, which Google introduced seven years ago and hasn’t updated for five years, will be removed from the Chrome Web Store on Dec. 3. It has been superseded in functionality by the web version of Gmail, which has supported superior offline capability for years. (You can turn on the offline feature by going into Gmail Settings, choosing the Offline tab and making sure the “enable offline mail” checkbox is checked.)

But nobody cares about the Gmail Offline Chrome app. Good riddance to it. Technically, it never even made it out of beta.

The termination of Google Inbox, on the other hand, is more problematic. Inbox will be killed in March, according to a Google blog post this week.

Inbox, which is officially and oddly branded Inbox by Gmail, was launched as an experimental app in 2014. And probably in a panic.

Back in 2013, Gmail was proudly text-based and largely devoid of significant interface design. The service was popular and growing, and it looked as if Google would rule the email roost indefinitely.

Then catastrophe struck.

In early 2013, a startup announced an app for iPhone called Mailbox. More than a million people signed up to try it before it even launched, based on the innovation and appeal of its user interface.

The key Mailbox innovation — common now but revelatory then — was the use of swiping left or right to move or snooze messages. Mailbox emphasized other interface elements as well, including the containment of elements into boxes or “cards.” The combination of Mailbox features facilitated the quick achievement of “zero inbox” — Mailbox made it easy to skim and process emails.

It’s possible that the interface of Mailbox, and the obvious appeal of it, shocked Google into rethinking its hyper-minimalist design and may have influenced the course of its design language, Material Design, which the company introduced in the summer of 2014.

Google announced Inbox — one of the first Material Design products — a few months later.

Google may have rushed Inbox to market to stave off the loss of users to swipe-centric, card-happy upstarts such as Mailbox and its subsequent imitators.

Alas, poor Mailbox never had a chance. Its fatal flaw was that it wasn’t an email service, but a front end to the email services owned by other companies.

The companies that did control email services, including Google, easily copied the most appealing user interface elements of Mailbox, making them ubiquitous and Mailbox, therefore, worthless.

Dropbox, having acquired Mailbox one month after its launch, killed it in December 2015.

Gmail itself gradually got a Material Design makeover, as well as many (but not all) of the features popular in Inbox, such as Smart Replies.

Gmail still lacks Inbox’s Reminders integration, mobile app inbox swiping to manage messages, message bundling, inbox pinning and what fans call a “cleaner” UI.

Importantly, the overall feel of Inbox and Gmail — and the muscle memory required to use each — are still very different.

Why killing Inbox is a mistake

Google probably has around 1.3 billion email users by now.

Most of them use only Gmail. A sizable minority uses only Inbox. And lots of people — including yours truly — switch back and forth between the two.

That switching is facilitated by a number of factors. One of these is that filters created in Gmail Settings function inside Inbox.

Many users prefer using Gmail in their desktop browser because they like the granular control over everything, but they prefer Inbox on mobile for the Mailbox-like ease of use.

Google’s thinking appears to be that:

One email system is better than two.
More people use Gmail than Inbox.
Gmail is close enough now to Inbox in interface and features,
And, therefore, it’s time to kill Inbox.

The problem with this thinking is that all users are being treated equally here. If Google were able to measure the passion of users, it would almost certainly realize that far more passionate users are using Inbox.

Which is not to say that passionate Google users don’t use Gmail. They do. Some power users love Gmail because it allows more user control.

Still, many users stick to Gmail because they really don’t care that much. They’re used to it and don’t feel like changing anything.

Inbox users are the users looking for the newest thing, the users who can more quickly adapt to a new way of doing things, the users who jump on all of Google’s newly launched innovations because they trust Google.

The most cynical summary of this history is that Google had Gmail and everybody was happy. Then Google created a more innovative alternative, and its best and most active and engaged users loved that alternative. Then it killed that alternative after its most loyal fans had dedicated countless precious hours mastering it.

This is a great plan — if your objective is to minimize confidence and loyalty among your most passionate users.

And that’s why killing Inbox is a mistake. It’s yet another slap in the face of the passionate minority.

What Google doesn’t understand is that not all users are the same. Passionate users are far more valuable to Google than indifferent users. They try new things. They buy stuff. They persuade the public in Google’s favor.

By mismanaging Google+, killing Reader and now killing Inbox, Google has been making passionate users less passionate.

If it keeps this up, its most passionate users are going to take their passion somewhere else.

Mobile Phones

THE APPLE WATCH STOLE THE SHOW FROM THIS YEAR’S NEW IPHONES

The most exciting announcement from Apple’s annual iPhone event on Tuesday was not a set of three new smartphones, but a smartwatch. The Apple Watch Series 4 — with its rounded corners, larger display, and built-in EKG scanner — became undoubtedly the most sought-after gadget in the aftermath of Apple’s fall hardware refresh. While many people have bemoaned having to choose between the iPhone XS and XR, or are simply forgoing a mobile upgrade entirely, the Series 4 stood out for how simple of a purchase it is for those who’ve been sitting on the sidelines of the wearable market.

For those like me who’ve had an older Apple Watch Series 0 or 1, it’s a no-brainer, and it was what I was most excited about when I decided to stay up on Thursday night to claim a midnight order. The disparity is best illustrated by the fact that, after less than half a day of orders, every single tier of iPhone XS available right now has a September 28th to October 5th shipping window. Nearly every model of the Apple Watch Series 4, on the other hand, won’t ship until October 12th to October 19th.

There’s a number of reasons why the Apple Watch is outshining the iPhone these days. The first and most obvious is that the iPhone has become boring, trapped by the diminishing returns Apple can wring out of the device year after year. It would seem, 11 years after the introduction of the first iPhone, that Apple’s marquee product has simply lost a majority of its luster. There are only so many upgrades and standout features you can add to a mobile product before its incremental changes are overshadowed by how much it costs.

Simply take a look back at the last four years of iPhones. In 2014, Apple introduced the Plus version of the iPhone when it released the iPhone 6, which helped cement the trend of ever-larger displays that Samsung and other Asian manufacturers had first promoted. In 2015, the phone was paired with the Apple Watch for the first time, giving diehard fans a better reason to incorporate more Apple hardware and software into their lives. The year after, the company removed the headphone jack and released the AirPods, kicking off a debate about how and when to force consumers and the industry toward a wireless vision for the future. Last year, we got the iPhone X. With its signature notch, bezel-less display, and FaceID, it became an industry trendsetter and facilitated a more interesting debate about smartphone design than we’ve enjoyed in years.

This year, which is admittedly an S upgrade year and so understandably less exciting, it doesn’t seem like there’s a lot of room for the iPhone to grow. That leads to the second most obvious reason why it’s become harder to care about the iPhone: price. As the iPhone has stagnated in terms of new features, Apple has increased the average cost of its flagship device by more than $300, from around $775 to $1,100.

The company figured out last year with the iPhone X that customers would be willing to pay not for meaningful new features, but for design and aesthetic improvements. So it began using higher-quality materials, like OLED displays and glass back plates, and increasing the available storage tiers. This year, you can get an iPhone XS Max with 512GB of storage for $1,449, making it the most expensive iPhone ever made, just like the X was before it.

working out supply chain and manufacturing kinks.) There is an argument to make that the XR is the more interesting, mass market-friendly, and potentially successful phone of the three, but we won’t know that until later this year.

As it stands today, Apple’s flagship phone is the least exciting device it’s put out in a long time, and it’s easy to see why it’s being outshined by the Apple Watch. What started as an underdog product arriving late to the wearable scene, the Apple Watch has since become not only the world’s best-selling wearable, but the world’s best-selling watch, period.

Apple has achieved that by consistently improving its hardware and software with each new annual iteration. Just like the early days of the iPhone, each new Apple Watch adds something exciting and legitimately impressive, from the water-resistance of the Series 2 to the cellular connectivity of the Series 3. Now, with the Series 4, Apple has added a built-in EKG scanner and the first hardware design overhaul the watch has had since its inception.

There will be a time when the Apple Watch, like the iPhone, becomes a stagnant product that simply becomes more exorbitant and expensive. Ironically, Apple’s very first Apple Watch contained a line of now-discontinued models as expensive as $17,000. So there’s quite a lot of room for the company to grow its smartwatch brand and expand it back into the luxury market. But until then, we can expect quite a few more years of novel innovations and design overhauls.

Perhaps Apple overcomes engineering and design hurdles to create a round-shaped Apple Watch. Maybe the company figures out how to extend the battery life by more than 24 hours. There’s myriad ways the Apple Watch can improve and reach a more mass-market audience. But one thing is for sure right now: with the Series 4 out in the wild, it’s probably a more invigorating time to be developing the next Apple Watch than the next iPhone, and customers seem to be responding visibly to that shift.
