Euro ban for Samsung Galaxy phone

Now the question is, was this really necessary? Just a month ago, the following headline blazed across the BBC news website: Apple holding more cash than USA. Should Apple be so scared of Google?

I believe the answer to that question is yes. I have used both the iPhone 4 and Samsung Galaxy S and there is no doubt in my mind which of the two is the better phone. Take your research online and you will find that the iPhone only beats the Galaxy in one aspect, and that is the App market. The Galaxy range of phones (and other new models sporting the Android OS) defeat the iPhone in all other categories. There is a fantastic image I found posted on Google+.

iPhone VS Galaxy 2

I think this is a fantastic image which accurately portrays the difference between the iPhone and Galaxy 2. Of course, the iPhone fanatics out there will disagree with me and trying to persuade them otherwise is like attempting to draw water from the stone pictured above. Once a Mac user, always a Mac user. Bottom line, Google is going to take over the world (well, the technological world anyway). Accept it now and save yourselves from future pain and sadness ;P

Google+

I read recently that Google+ membership is made up largely of tech-savvy men in their 20′s. And what kind of content do they post? Techie stuff. As a woman, I represent a fairly small minority in that I understand much of their jargon – and an even smaller minority when I give a damn about any of it.

There’s a reason why nightclubs have “ladies’ nights” and “ladies free before 10am” policies. Indeed, its an immutable law of economics: if there were no women in any given bar or club, would men hang out there? I think not. Instead, sensible proprietors provide incentives to encourage women to spend time in their establishments. And, in general, men (with some exceptions) seem happy to pay extra so that clubs will tip the gender scales in their favour.

When Facebook first came out, I was introduced to it by a female friend. She, I and several of our other friends used it to send cutesie messages to each other, not unlike how we used to pass notes in class. This meant that those men who joined Facebook at the same time  could not only interact with us, but were also party to much of our less-than-witty banter. For a computer nerd, I imagine the interaction to be carrot enough to join; the banter is just a bonus.

Google doesn’t  seem to have caught on to this basic supply-demand behavioural economic argument. Social networks are not unlike bars insofar as they perform an almost exclusively social function. Not just as networking too or a place to share ideas, but a place where, like in the real world, sex defines the terms of social interaction.

So why is Google+ seemingly doomed to fail? Basic economics. There is no incentive for the crowd-pullers, women, to join the site. Consequently, the abovementioned men are likely to lose interest soon, if they haven’t already. There’s only so much social sharing of Stuxnet or string theory that a tech savvy twenty-something man can manage.

In essence, this tension is one that I think that most people can relate to. It’s not as simple as “Hmm, what should I be when I grow up?”, although if I could resolve it, it would likely generate an answer to that too. Rather, it is: “What do I think is important?” As I see it, there are three things that I could prioritise: intellect, belief or security.

As an intellectual-of-sorts, I can’t imagine doing something that I do not find interesting. Perhaps finding every menial task interesting is a little unrealistic, but I don’t think that it is too optimistic to hope that, on the whole, any given year should have its rewards – whether the satisfaction of having grappled with, and solved, a particularly complicated problem, or the daily satisfaction of “Shoo, I really had to think hard to write that story/piece of code/translation/contract.”

Perhaps less obvious and less clear (or just seldom prioritised) is an element of belief. I want to believe in what I do. For some, chanting the mantra of “the invisible hand will provide” is enough belief: it generates an adherence to market capitalism akin to divine devotion. For others, the devotion is equally divine, but more abstract – inspiration for priests, Mother Theresas and the like to do what they do. For me, the belief is that the world can be a better place. B thinks that, at its most simple, I’m wrong; that the world is too full of self-interested people and recipients of handouts for it to be any different than the way it is. While this debate is more appropriate for another time and place, but his opinion illustrates that, perhaps, my belief is a little naive.

Lastly, I think that goes without saying that, at a minimum, we all would like to be able to pay our bills; preferably without resorting to penny-counting. That is all that security is: train for, and take, a job that affords rent, food, drink and the odd luxury.

All this leads to a central query: how to resolve the tension. Few are likely to prioritise just one belief; rather they will try to find a balance. But there is always an opportunity cost – more money, less belief, less interesting OR less money, MUCH more interesting and no belief at all?

Some, whom I call ‘utility monsters’, derive a disproportionate amount of utility from one of the above and thus prioritise it – often to the complete exclusion of the others. For some, this is not due to a lack of opportunities to the contrary, but lack of inclination. Brazenly corrupt officials, for example, are probably utility monsters of the ‘risk averse’ variety. The priests, freedom fighters and Paul Erdos’s of the world are similarly akin to corrupt politicians, although enmeshed in different imperatives.

Unfortunately, the very poor and very uneducated epitomise the ‘anti-monster’. For many, the opportunity cost of making enough money to survive is so high that it consumes all other imperatives. For these people, the internal trade-off that I describe above is non-existent.

While I am grateful not to fall into the category of the ‘anti-monster’, I do wish that I had some deep calling in a particular direction. For me, like for so many others, I simply cannot decide how to rank these priorities.

And so, I live in limbo, and I study. And hope that one day I will know enough – or believe strongly enough – to make a decision.

Me!

There is something to be said for content that generates controversy. As a journalist and (almost) lawyer, as much as I wish that good news sold, it doesn’t. Despite the best efforts of SA Good Newsand similar endeavours, newspapers sell on the strength of “Roastafarian”* or “Teen kills brother during spat over dog”**.

Apparently my purpose here is,”to educate and entertain the masses… To get your voice out there. To facilitate change!” It certainly is not to generate traffic to Braden’s (aka “admin” or “Griffin Studio“) site. Fortunately for me (and him), there’s no such thing as bad publicity. Consequently, I have free reign to muse about, and grumble about, whatever I like.

And yes, I promised Braden that I wouldn’t use his blog as a soapbox for my latest feminist rant. It is not a promise that will be easy to keep. Nevertheless, I’ll try to confine myself to South African law and politics, probably in comparative perspective. I’ll also throw in the odd cutesy puppy or kitten so that I seem more like a Stepford wife than a man-eating, bra-burning bourgeoisie cow.

Hi, I’m Claire: unemployed journalist, law student, acerbic cow and the love of Braden’s life (are we taking bets on how long it takes him to ‘edit’ this post?).

xoxo

* Actual catch phrase from the ‘Daily Voice’ some years ago.
** Today’s headline in the ‘Cape Times‘, one of Cape Town’s more reputable newspapers.

Kohana Framework

Kohana is a relatively new PHP Framework. The popular CodeIgniter has been a common choice for developers worldwide and sports a very active community. It has grown substancially, and while this may produce various benefits, it no longer satisfies the development of light-weight yet powerful web-based systems. Some of the core CodeIgniter developers recognized this and, taking the already powerful CodeIgniter, stripped it of the fat leaving behind only the powerful core. Kohana was born.

The Features

Kohana boasts a wealth of powerful features. Just reading through the content on its homepage should be a good enough indicator of the power sitting behind this incredible framework. Listed below are just some of the main features as mentioned on the website.

• Extremely lightweight and therefore incredible fast
• Detailed built-in debugging and profiling tools
• OOP (Object Oriented Programming) development
• Strict syntax making for cleaner, more understandable code
• Quick and easy installation and configuration

So Why Use Kohana?

Kohana keeps things simple. At one stage, there was a lot of talk about a framework called ‘Symphony’. Although powerful, it required users to basically learn a whole new language. Some frameworks fall into that trap which results in a steep learning curve and can act as a deterrent for newbies. Kohana keeps strictly to PHP. Its organization of file structure is intuitive. Generally complex tasks are abstracted out into simple lines of code. To summarize, the benefits are tremendous, but ultimately, its up to you to take the time to check it out and become familiar with it.

In Closing

At the end of the day, a developers preference comes down to what the work is that needs to be done, as well as past experience and training. It is always a little daunting to step into unknown territory and learn a new framework. One can only emphasis the simplicity (yet power) of Kohana. There is an every-growing dedicated Kohana community always willing to help out. Do yourself a favour and consider making Kohana your choice for some serious development.

There have been some additions to Griffin Studios. We now offer in-house hosting instead of using a third party. This helps us to ensure that all hosting environments are configured to the clients specifications and quick correction of any problems which may arise from hosting.

The second addition, and the more interesting one, is that Griffin Studios now has a web software development department. The internet is fast becoming the transport of choice for many companies, with systems going fully web-based. Our new department is highly skilled in a fantastic framework called Kohana which is built off the popular Code Igniter. It is leaner, faster and simpler to use, ensuring that web software developed by Griffin Studios is up and running sooner.

Although Griffin Studios still sits on a South Africa domain name (.co.za), we have expanded to international clients. The beauty of web development is that it can be done from anywhere and we plan to utilize this feature to its maximum.

Griffin Studios is looking forward to a very bright future.

This post addresses some of the core aspects of SEO such as:

• robots.txt
• sitemap.xml
• dublin.rdf
• Social Networking
• Blogging
• Online Directories
• Google Adwords

robots.txt

An extremely useful little text file. Should you sign up to Google Webmaster (which is most definitely recommended), it asks you to please submit a robots.txt file. The purpose of this file is to tell the search engine spiders (what run through the internet collecting information about your website) which pages you would like the spider to cache and which to not. For instance, a websites administration CMS (Content Management System) should not appear in Google search results. For more information, visit Wikipedia.

sitemap.xml

You should notice in the above example of the robots.txt file a link to a “sitemap”. This xml document specifes all the web pages which are part of your website. It helps search engine spiders discover which pages your website has and where they can be found. This helps ensure that no part of your website is missed by the spider. For more information, visit Wikipedia.

dublin.rdf

This file is very similar to the sitemap.xml file mentioned above. A Resource Description Framework (RDF) file is a family of the W3C specification and its purpose is to assist the crawling of your website by search engine spiders. For more information, visit Wikipedia.

.htaccess

The .htaccess file allows a website owner to customize their website assisting search engines in caching the data as well as user experience of the website. File compression can be enabled using .htaccess to allow faster loading of web pages. For more information, visit Wikipedia.

The above mentioned files should all be placed in the root directory of your website folder. The robots.txt and sitemap.xml files can be linked to Google though Google Webmaster. The following information aims at improving a websites visibility by featuring itself in more places across the web.

Social Networking

Social Networking has changed the way we communicate with others across the world. Websites such as Facebook, Twitter, MySpace and a host of others dominate the social networking sector of the internet. Making use of the large user base of these websites can greatly improve ones visibility on the internet. Facebook allows users to create specialized web pages using HTML or FB (Facebook) code providing a fantastic free form of advertisement.

Blogging

Blogging is one of the best ways to increase your online exposure. The most popular platform for blogging is WordPress and there are a multitude of great plugins available to help enhance your blogs appearance and status on the Internet. For SEO purposes, a plugin one should not be without is called “All in One SEO” which assists in the detailing of keywords and descriptions of your posts ensuring search engine friendly data. The more you post, the greater your online exposure.

Online Directories

Online directories are a great way to increase a websites exposure. There are a host of free online directories which will list your business / website. A simple Google search will throw up pages and pages of directories. Most of them appreciate a reciprocal link on your website and will speed up the time taken to get listed, but they are not mandatory. Some online directories will have you listed in a matter of hours while others can take up to 6 months to acknowledge your listing. Its possible to spend many hours just registering your website on these online directories but every new link assists in boosting your online rating.

Google Adwords

All the methods to improve SEO mentioned so far have been free options. Of course there are some Online Directories that would like you to pay for their services but those can be avoided. If you do wish to spend money improving the visibility of your website, there is no better option than going with Google Adwords. The general idea behind Google Adwords is that you create an advert with a Title, Description and Link and apply specific keywords to that ad which related to your website. The more relevant your keywords are to the search term, the more likely your ad will be displayed in the “Sponsored Links” sections of the Google Search results.

Using Google Adwords is free until people start slicking on your advertising links. You can define how much you are willing to pay per click. The higher the cost behind each click, the more likely your ad is to be displayed. Getting the most out of Google Adwords is not something that can be learned overnight. It takes a lot of work to generate ads based on user searches and will require a lot of your time in doing research on how to attain the best visibility using it for the most keyword combinations. If you have the money to spend, why not give it a try and see what improvement you get. You can always pause your ads at a later stage preventing them from displaying and consequently not spending more money.

Conclusion

These are just some of the many options available when it comes to Search Engine Optimization. SEO is an increadibly important aspect of web design and should be taken very seriously. The higher a clients ranking, the greater the exposure online and therefore the greater the exposure of your web design company. Although setting up a blog and Social Networking sites can be tiresome, there benefits out-weight the trouble and it is highly recommended that one takes advantages of the opportunities available.

As for the other files mentioned above such as the robots.txt and sitemap.xml files, they should be standard with any website that is developed. I found it useful to create a sample project folder containing all the extra files and when a new web design project commences, all these files are just copied into the directory and updated before launch.

I hope  this post has helped identify some of the key areas and aspects associated with web design and SEO and will allow for more visible websites in the future.

Farewell my Friend

It is a sad day indeed. This morning during my usual BBC scrounge I came across an ultimately depressing article (Read It Here). The forever brilliant, stylish and hilarious PC game related magazine that I have been a subscriber of for the last 10 years is closing down. The arrival of a new issue in my post box was the highlight of the month every month. Now, on September 2nd of this year, I will be receiving my last ever copy of this awesome magazine.

The reason for this decision is due to lack of sales, with only 11 000 copies being sold world wide. This fact brings to light the sad truth that the internet is killing other forms of media. 10 years ago when most of the world was on dial-up, downloading a 1 Gb demo was nigh on impossible and we therefore waited with eager anticipation for the next release of our favorite gaming magazine to quench our adrenaline pumping needs. Now-a-days, high speed ADSL is common place with uncapped internet services the standard. It is only logical that this should happen. Cause and effect hey.

Still, it is a sad day. I thank ye PC Zone for keeping me company all these years. Your reviews and scores were always spot on, your criticisms just, and your humour never ending. I bid you a good farewell and I will miss you.

Website Security

Everyday, stories hit the news regarding websites which have been taken down by hackers. How does a person gain access to a website one might ask? What is the hackers aim in compromising a website? It is surprisingly easy to find vulnerable websites and is therefore extremely important for website developers to know of the common vulnerabilities and coding errors which create these vulnerabilities in order to prevent them. This post aims at equiping the general web developer with the knowledge of various hacking techniques and methodologies, as well as the mind of the hackers themselves.

Definition of a Hacker

The term “hacker” has changed over the years and therefore it is necessary to firstly define who a hacker is and is not.

Hacker

Hacker Hard at Work

A Hacker is a person who can identify vulnerabilities within a website or computer system and can exploit them to gain unauthorized access to said website or computer system. There are many varieties of hackers. Firstly, not all hackers are “evil”. The term “White Hat” refers to a person who hacks with the best intentions in mind. These may include identification of vulnberabilities in order to patch them ensuring the security of a website or computer system. Rogue white hats are not uncommon. They will penetrate a website/computer and email the administator informing them about their breach and how they accomplished it. Sadly, this tends to hurt the administrators “ego” and they respond with threats and sometimes legal action. This is detrimental to said administator because once they attack the white hat, they become a target for other hackers seeking retribution. The hacking community is very closely knitted and there is a lot of respect and support from fellow hackers. Network/Website administrators must realize that these white hats are only there to help and should act accordingly. Fix the security hole and thank the hacker. If it were not for them, they may have been attacked by a “Black Hat”.

A black hat hacker is someone who is out there to steal and destroy. They go after credit card details or website defacement. Website defacement is the removal of a website to be replaced with a page of bragging and ego boosting for the attacker. Website defacers are the least of ones problems however as more sophisticated black hats will secretly take control of a website in order to gain further access to a system or to turn the machine into a bot. A bot is a hacker controlled computer which [performs the hackers bidding. Be this in sending out large amount of spam, used as a tunnel through which to hack or combing them in a DoS attach (detailed below).

Cracker

A Cracker should not be confused with a hacker. Their main purpose it to bypass software security procedures such as anti-piracy methods. There is a wide range of anti-piracy methods (enough for 10 posts) yet no matter how complex the method, a cracker will endeavor to break it allowing people to use the applications free of charge.

Phisher

A Phisher is a person out to get personal information from people usually by means of fake emails or websites. The most common form of phishing email is one which apparently is sent from your bank asking you to update your back details. Never follow these links and complete the forms, no matter how legitimate they appear. No bank will ever send you and email requesting this.

Phreak

A Phreak is a person skilled in manipulating the telephone network. They are able to bypass call costs using a number of methods (again, a topic saved for another post). They are harmless to the general public and only of concern to the telecom companies which would be loosing the possible revenue from calls made by the phreak.

Website Vulnerabilities

That concludes our definition of various "hacker" labels. Lets get onto the meat of this topic: Website Vulnerabilities. Below I will detail some of the more common types of security flaws associated with websites. How to patch these vulnerabilities will not be covered here as the methods vary and  the solution relies on the programmer educating themselves further in the various forms.

SQLi (SQL Injection)

SQL Injection

SQL (Structured Query Language) is a database language used my multiple database software for creating, using and managing databases. Microsoft Access, MSSQL, MySQL, Posgress and more use the SQL language. SQL Injection is the process of injecting SQL code into a query in order for it to perform a request outside of those used on the website to allow attackers information regarding the website and its database. SQLi can be performed in many ways: using the address bar, form fields and even header manipulation. Prevention of SQLi relies on the programmer having query string filters in place to prevent execution of these injected commands, yet there are multiple means in which to bypass these filters and the programmer should be as comprehensive as possible.

XSS (Cross-Site Scripting)

XSS (Cross Site Scripting) allows users to inject JavaScript code into a website, either via the url or a form field to perform some function. Database information is secure however, a script can be inserted into the website which redirected other users to a different website. XSS is often combined with phishing in order to steal user’s login credentials or steal a users cookies (which are as good as taking their login credentials). Yet again, the best way to try and prevent this is to build JavaScript filters which remove any JavaScript code inserted into a form or url.

CSRF (Cross Site Request Forgery)

CSRF (Cross Site Request Forgery) attacks can allow an attacker to hijack a victim account, which may result in malicious requests being forged under that account. Proper CSRF exploitation can logout a user, transfer money, change a password, modify information, make posts, change user status; all of which is performed from within the victim account.

Not only is a CSRF attack relatively simple to achieve, but it can be very difficult to detect the attack itself. This is due to the fact that the attacks appear to be performed by a legitimate user.

LFI / RFI (Local/Remote File Inclusion)

LFI (Local File Inclusion) or RFI (Remote File Inclusion) allow an attacker to request files from the server to be displayed inside of a webpage. This vulnerability makes use of the PHP include command and is most prominent in website with the url:

http://www.website.com/index.php?file=filename

I could, for example, replace filename with index.php and get the page to display the source code (including the PHP code) within the webpage. Again, filters can be used to prevent files with certain file extensions from being opened but ofcourse, there are methods to bypass these filters.

DoS (Denial of Service)

A DoS (Denial of Service) attack is not one which you can prevent against. A hacker will flood a server with requests often with the use of bots (mentioned above). The constrant stream of requests slow down a server until it runs out of resources and crashes, taking the website and all others on that server offline. Large websites such as Yahoo and Google have been attacked by this. Some websites attempt to prevent this by limiting the number of requests sent by a computer, however, if 10 000 computers are all ending requests one after each other, the time limit does not help much.

Conclusion

These vulnerabilities are just some of the most common ways in which a website is compromised. There are many other lesser known or used forms and it is in the programmers best interest to research the various techniques in order to combat them. I hope this post has provided some insight into the various vulnerabilities which exists and provides web designers a starting point with which to further their knowledge on these vulnerabilities.

Death by Computer

The marathon running machine I call my laptop has recently decided it would rather walk than run. In laymans terms, it slows down to an almost unusable state. It gets so bad it cant even restart itself, complaining that it does not have enough resources. This prompted me to investigate in PC tuning solutions and from previous experience, I re-installed and completely tweaked my PC for best performance using Auslogics Speed Boost. Did it help? No. Did it make my Windows 7 look atrocious? Yes.

That was to be expected however so I am in no way rebuking Speed Boost. It’s actually an extremely useful application and I recommend you try it out. Anyway, thats not the end of my story because as of yet, what I’ve said has nothing to do with the topic. As my computer still decided to take a nap while it was awake, I realized this is not a matter of fragmented disks or overabundance of internet cookies and cache. I started investigating the applications I was using. Apparently FireFox 3.6 has a memory leak which can cause the exact same results that I was experiencing. I swapped to Google Chrome. Did it help? No. Final thought, it must be some sort of virus!

And this is where my topic begins. I have always been a fan of ESET Nod32, and it has done me well these last few years, however; it was not finding any problems, and its scanning times were slightly on the long side. This motivated me to find the perfect security solution. I wanted more than just Anti-Virus. Give me the whole package: anti-virus, spyware, maleware, firewall etc etc. Research followed soon after. Before I get into what I found, I must confess that this post is not so much about what “is the perfect all-in-one security solution”, but rather my request to hear from you regarding what you reckon is the best security suite.

Firstly, lets state the difference between an “Internet Security Suite” and a “Security Suite”: To be honest, there is not that much different at all. The security suites I investigated had perhaps 2 extra features which their internet related counterparts did not. Generally, those were “PC Tune-Up” and “File Encryption”. I have a Tune-Up utility (Speed Boost mentioned above) and I’m not fussed about File Encryption. So Internet Security Suite it was. These were the suites I investigated:

1. Norton Internet Security
2. BitDefender
3. ESET Internet Security
4. AVG Internet Security

Norton Internet Security

Norton 360

They all generally contain the same features, yet the reviews seem to shout “Norton!”. I have my reservations with Norton however as I still remember the days of being cursed with a Norton Anti-Virus that would use 80% of system resources when doing nothing. Boot times were slowed to a coffee break and there was the urban myth that Symantic would create virus just to be the first to have the definitions for them. Anyway, apparently things have changed. Out of all the products mentioned above, I am most interested in trying Norton Internet Security or better, trying the Norton 360 V4 Security Suite. Is it as good as they say?

BitDefender Internet Security

BitDefender

Next up was BitDefender Internet Security. Although it seemed to have all the features, there seemed to be a problem with it updating itself. It would run in a loop, downloading the updates and at 99%, restart the update. From a little Googling, it appears that this is a common problem experienced by many. BitDefender has subsequently slid down to “least favorable” on my list. Should this problem be resolved, I will glady give it another go as it seems to be rather promising. Has anyone else experienced this problem? If so, did you manage to solve it? I’m sure your input could help others in the same predicament.

ESET Internet Security

ESET Nod32

Since I have been an ESET Nod32 user for quite some time, the ESET Internet Security Suite seemed the most enticing, but from general research, apparently they only hold 3% of the market with their product. Does this mean its not as good as the others? Or are they spending all their money paying their programmers to create the best Security Suite around, with none left over for advertising? Difficult question to answer. What do you think?

AVG Internet Security

AVG

Finally, AVG. When I think AVG, I think free ant-virus. If something is free, people believe it to lack quality. With website design, the same problem exists. Clients would rather pay 5 times more for a website because they believe the exorbitant amount indicates a better website will be produced. Lies! None the less, I decided to give them a try. I currently have the AVG Total Security 9 package installed with the 30 day trail it comes with. I must confess, I am rather pleasantly surprised. Its fast, doesnt hinder boot times, has all the features needed which seem to work without hitch and is user friendly in terms of use and configuration. Is it doing a stellar job however?

This is where I would now like to hear from you, my readers. Perhaps you have a product not listed above that you swear by. Let me know. I am most interested in finding the “perfect” solution”. Conversly, if there are suites out there you think people should stay away from, give us the heads up. I look forward to your replies.

Out.