Thursday, 1 January 2015

Looking For The Best Android Tutorials – Choose Any One From The List

Indubitably,  Android tops the chart for the most popular mobile platforms. It exhibits over 85% of the total market share, thus you can imagine that how much popular this mobile OS is. The majority of Smartphone users is enjoying using Android.

The rapidly accentuating Android user base and the groovy features of the platform encourages the novice as well as expert developers to choose the Android development as their career. With the rising demand of this niftiest platform, a great craze for learning the Android development can also be observed.

This is why, there are numerous proficient sources available on the Internet itself that facilitate convenient and efficient learning. But since, too many options can also confuse you (especially when you are a beginner and lots of tutorials and study material is available out there), here I have compiled a list of some of the best Android tutorials for the newbies who are interested in learning and understanding the platform.

There are many sources to get you developed app and best is to avail Android App Developer for Hire. However, if you are willing to get into this profession, the let's have a glimpse into the best of the Android tutorials for newbies available on the Internet.

1. Building Your First App:
This genuine tutorial is offered by Google who maintains the Android platform. It provides an insight into creating a very simple Android application. You can go through the complete information with ease as everything is available on the same page. The tutorial is ideal for the developers who have some prior developing knowledge and wants to learn Android development.

2. Android Programming for Beginners Part1:

The tutorial indeed offers the brilliant guidelines for creating a basic Android app that runs a simple 30 seconds countdown and represents a number on the screen.

3. Android Development – Tutorial:
From this tutorial, you can efficiently learn the Android development as it offers an insight into the platform in a comprehended fashion. It precisely explains everything via theoretical as well as practical explanation.

4. An Android Book:
What I believe is that a book often provides a complete insight into the topic. It epitomizes everything in a well-organized and logical fashion. Therefore, a book-type tutorial is often a better option. You can choose a business level book like this one, and learn all, a simple to an advanced level Android development efficiently.

5. Learning to Parse XML Data in Your Android App:

Since, internal data is not always sufficient, you might require external data and XML facilitates a great way to handle all the external data in the most effective and efficient fashion. This resourceful tutorial will comprehend the best way to parse the XML data in an Android application.

6. Localizing Android Apps:
Android is a popular platform that exhibits a whopping number of fans across the globe, who understands and uses different languages. Thus, in order to meet the huge audience base of the platform, localization is must. And this is why, the most of the Android developers want to embrace localization in their application. You can refer this tutorial, as it offers and inside out about the topic and explains every single thing in an optimized fashion. Use this and learn the best way to localize your Android application.

7. Android 101 for iOS Developers:

Android being an open-source and popular mobile platform, whose captivating features can even attract the developers from other platforms including iOS developers. So, if an iOS developer who has prior knowledge of mobile app development, want to enter the Android domain, he can refer to a special tutorial like this one. In the Android 101 for iOS Developers tutorial, you will get a helpful difference between the development environments possessed by both the platforms (iOS App Development and Android App Development). This will make your transformation seamless and convenient.

Following an elaborated and comprehended tutorial can lend you a precise image of the topic. Whether you are an amateur developer or an advanced app developer, but have expertise in a different platform, there are tutorials and study materials available out there for almost everyone. You may search on the Internet or use the aforementioned tutorials that I have shortlisted while considering their usefulness. Follow the appropriate tutorial and reap the benefits of this rapidly flourishing platform. Step on the Android paddle and follow the pro tips and expert's advice, you will definitely be able to deliver a superlative and lucrative product.

Author Bio:

Victoria Brinsley is a Android developer for Appsted Ltd – a leading Android Application Development Company. You can get in touch with her to avail Android App Developer for Hire, in case you are looking forward for the same.

Tuesday, 23 December 2014

Decoding the Secret Code for Joomla Security

Though Joomla is a well organized and secured content management system, still you need efforts to make it completely secured. Here are some methods that will be beneficial for the security purpose of Joomla. Now, let us decode all the secret methods:

Backup Of Website: As Joomla is dynamic content management software, it needs to store various data and thus needs a backup store for this. Now, when does the website needs a backup?

  • When you are installing new extension of Joomla 
  • When you are upgrading the current Joomla version 
  • When you have a regular backup strategy monthly, weekly or daily

Hosting and Servers: The hosting and servers are very crucial items that need to be selected with efficiency. Some open ports or shared hosting may lead to various server errors. So, ensure that you are using a secured host. Then you need to run PHP 5.2 by hosting your site on the server. The PHP scripts help to filter the user accounts specifically and thus resulting in efficient security.

Use Of htaccess file: You need to rename the htaccess file from htaccess.txt to .htaccess and then place the file in your root folder. You may edit or rewrite the files as required. This particular activity will surely protect the security of Joomla.

Permissions and Specific User Accounts: The default username ‘admin’ should be changed to something else so that the hackers find difficulty in revealing the details of the accounts. There is a default rule where you need to change all your files to 644 and folders to 755. There may be some exceptions to this rule, but these will definitely come up with exceptional security.

Incident Management and Backup: Backups are required in every stage so that you do not lose any important data from your site; and by ‘incident management’ I basically mean a proper planning before your site gets hacked. Thus a well planned system will surely help you to restore all your lost data very quickly.

Extension Management: You need to prepare a thorough checking system for all the third party extensions. You can go through the code review of the extension or run a test suite. Finally you need to update the codes as and when required.

Managing Version Numbers: The extension version numbers need to be removed if required. You can use the version names only by editing them with tools like Dreamweaver.

Unused Files: There may be various incidents when you have installed software but ended up by not using it at all. The unused files need to be identified soon and uninstalled as and when required. They seem to be very vulnerable during the Joomla process.

Protection by Password: The conventional method of protecting through the password always comes handy. Brute Force can be the common virus that generally attacks feeble passwords. Just create a unique password with upper and lowercase letters and numbers. You can change the password every 30 days to ensure its security. You also need to protect the administrative folder of Joomla through strong passwords. The administrators may need to sign in twice for entering into a single account, but this will protect the software very efficiently.

Try HTPASSWD: This activity will surely help in the authentication of the user which is the combination of the Unix and Linux based web servers. You can manually create the .HTPASSWD file and the .HTACCESS file.

Using the CPanel For Security : You have to operate the CPanel using some simple steps for the protection purpose. At first, just log in to the CPanel , then select the Password protect directories. After that just navigate through Home/Myaccount/public_html/administration folder. After that, you can choose the administrative folder and fill up the folder name with username and password.

Applying The Security Extensions : For using the security extension of the Joomla, you need to log into the administrator of Joomla. Then navigate through components/admin tool/password protect administrator. You will have to insert the username and password finally.

Updating Add-Ons : You are required to update the Joomla and its extensions. You just need to enter into the administration section and select ‘update’ from the “components” and your CMS will automatically be updated.

Updating Extensions : Just choose the extension from the extensions manager and then the update tab. The ‘purge cache’ and the ‘Find updates’ are to be selected and then finally the extensions that you need to update.

Changing Table Prefix : The default table prefix needs to be changed regularly as the hackers target the database tables to gain access to the usernames and passwords. If you are using Joomla 1.5, then the DB admin can be a beneficial component for you. But if you are using the Joomla 1.6 version, then it will be better if you run the security process during the installation itself.

SSL Certification : You can easily use the SSL mode for logging into Joomla. You just need to ensure that you are having SSL certification for your own domain. If you are using any shared version of the SSL certification then your purpose may not be successfully fulfilled.

FTP Layer Of Joomla : You may shut down the FTP layer of Joomla for the third party extensions to process the function in a proper manner. You need to check that the layer is not saving your login details and passwords. The SuExec can be applied by the servers instead of the FTP layer.

Register Globals : The register global is not necessary and can be turned off. This will help to disable few active PHP scripts. Thus, you can edit the php.ini file from your domain in the root directory.

URLs Must Be Search Engine Friendly : Not only to make your site rank better in the search engine results, but the search engine friendly URLs will surely protect your domain from the hackers.

You need to be always updated with latest security changes and likewise protect your domain. Just be on top from all your competitors if you keep up your guards efficiently.

Author Bio
 Sarah Wilson is a well known professional Joomla expert who is sharing some useful tips and tricks for protecting your Joomla from the modern hackers. You can visit our blog and know more information about the Joomla security.

Sunday, 21 December 2014

Good Practices In Database Security

Databases are often the targets of security attacks by cyber criminals. Databases that hold all the security related information, passwords and financial details of users are what these attackers are looking to profit off. That is why database security is an incredibly complex topic that can be covered in elaborate detail. Get in touch with your remote DBA now.

However here are a few of the best practices in database security that will help businesses.

   1. Keep the database and the web servers separate.

Usually when the entire web related software is been installed, the database is automatically made. For the sake of convenience the database is made on the same server where the software has been loaded which is the web server. However this opens the doors for a security breach because then hackers will only need a single point of entry. If they are able to make their way past the security for the web server then all the data stored will be at their mercy.

This is why the database should be stored separately on server that is further protected by a firewall and not with the web server. It is a more intricate but well needed procedure. To know more visit -

   2. File encryption

Just storing the database on a separate server is not enough to ward off persistent attacks. Encrypt all the files that are being stored. The stored files of the web software have the information that will enable it to connect to the databases. If you store the data in plain text files like a lot of people then they will provide the data that the hacker needs to get to the sensitive information.

It is not just the files that need to be encrypted. Encrypt the backup files too incase there is an internal attack.

   3. WAF

Use WAFs or web application firewalls. It isn’t true that the web server protection is completely separate or irrelevant to the database. A proper WAF will protect your website from cross site script vulnerabilities, vandalism and also potential SQL injection attacks. If SQL queries can be prevented from being injected by a criminal then the firewall will be successful in keeping all the sensitive information which is stored in a database away from unwanted attention and attacks.

   4. Current patches

This is one thing that a lot of web administrators like remote DBA fall short. Web sites which have a lot of third party apps, elements, widgets, plug-ins and other add-ones become easy targets to something that could have been patched on time.

   5. Less third party apps

Try and reduce the number of third party applications being used. While it is understandable to use user-interactive widgets and other content that makes websites attractive, any app that accesses the database is always a weak point which can be exploited. Unless it is required don’t use third party apps. Remember that these are made by programmers who then stop support after a while.

   6. No shared servers

If your database has highly sensitive information then don’t use a shared server if you can avoid it. It will be cheaper and easier. However remember that you are putting all your important data at the hands of someone else. In case you can’t avoid it, do a keen review of all their security protocol.

   7. Security controls

Put in security controls on your database. Check your controls and ensure that they have been enabled even though it is automatically enabled by most databases these days.

About the author

Trisha Ray is a database administrator for the past five years. She is also a remote DBA. Trisha loves cycling on the weekends.

Wednesday, 17 December 2014

Pocket Protection

Are you concerned about security on your mobile device? It's no secret that mobile users have been hacked in the past and had their personal information stolen. But is mobile security getting any better? Here are a few things you need to know about the current state of mobile security.

Apps Can Protect You Or Hurt You

Image via Flickr by William Hook
Many app developers understand the risks that occur by having a mobile device and using it to access different networks, files, and applications. That's why several trusted app developers have released security apps designed to warn you of dangers and to keep your data safe. For instance, the 360 Security - Antivirus&Boost app for Android is designed to protect your device from malware and viruses. Others like Find My iPhone will help you locate a lost or stolen device and even lock your phone so that thieves can't access your private data.

The downside to smartphone applications is that even though there are apps that can protect you, others can hurt you. For instance, you might think you're downloading a seemingly safe application when in reality there's a virus piggybacking on the download. Furthermore, top-rated apps may become prime targets for hackers, meaning that even the best apps aren't always completely safe.

There are various smartphones to choose from, with many falling out of the limelight due to the hype of Android’s Galaxy and Apple’s iPhone. Take, for example, the Sony Xperia Z3, with several of the same capabilities as the aforementioned smartphones. Its unique capabilities provide the same functionality at a more reasonable price. The unique techie-centered Sony Xperia Z3 from an affordable carrier like T-Mobile shouldn’t be overlooked.

The good news is that an increasing number of app developers are using encrypted data to keep your information further from the reach of hackers. For instance, the cloud storage service Spideroak encrypts data at every stage of the process, making it a bit safer than options, like Dropbox, that don't.

The good news is that an increasing number of app developers are using encrypted data to keep your information further from the reach of hackers. For instance, the cloud storage service Spideroak encrypts data at every stage of the process, making it a bit safer than options like Dropbox that don't.

It's In the Fine Print

Before you download an app, be sure you're checking what the app has permission to access on your device. An application may not be damaging in the way that it installs malware and viruses without your consent. In fact, you may simply be giving the app permission to access your files. If an app does compromise your privacy, it could be because you've allowed it access to do so, though.

The good news is that in app stores like Google Play, you'll see a list of what the app is asking permission to access. You'll want to read through the full list before accepting the terms, so that you're not surprised later by how the app gains access to and uses your information.

File Sharing Raises Concerns

Mobile devices and their complementary cloud-based storage apps raise many concerns, particularly for businesses. The security threat here is that people are concerned that sharing files could lead other users to forward sensitive information. The further this information is distributed, the more vulnerable it is.

According to 2013 research into the state of mobile security, the second top concern with BYOD aka Bring Your Own Device was that users would be able to forward company data onto cloud-based storage services. This grave concern fell behind only that of lost or stolen devices.

It's clear how this may raise concerns for businesses allowing individuals to bring their own devices to work. As an individual, however, this should also be a concern. That's because even if you delete sensitive data on your device, such as photos, contact information, etc., it still survives on cloud storage services and on devices of anyone to whom you've forwarded the file. Even if you're the only one with the file, that digital data is never gone. Today, it's still a huge worry for many people about where the copies of their files are and how susceptible the information is to being breached.

The Bottom Line

While there are still a lot of concerns surrounding mobile security and the protection of your device -- including even physically protecting your phone from damage and water -- there have been improvements. For instance, more applications are taking security measures to encrypt their data and create constant updates to stay out of reach from hackers. In addition, operating systems like Google's Android 5.0 Lollipop OS are becoming more secure.

How do you feel about your device and its security?

Wednesday, 7 May 2014

5 Common Hacks & Advice on How to Defend Against Them

You may think that hackers are excessively clever people who are coming up with improbable hacks around elaborate security systems, and some are, but most rely on a few old tricks that have been around for years.

I am going to look at 5 common hacks that are used so that you can become aware of them, as knowledge is the first line of defense. I will then give you some actionable advice on what you can do to defend against these common hacking techniques.

Common hacks 1: Bait and switch

There have been countless ‘bait and switch’ scams over the years. I’m talking “years” as in over the last century. Things haven’t changed much in the computer age as bait and switch style hacks are still used.
Commonly, they’ll buy legitimate advertising space on websites. The hacker will switch the link contained within the ad from the approved one to a malicious one, or they’ll code the legitimate website to take the user to a malicious site. Clever hackers will give away something free, like a website counter, and allow thousands of websites to use it - and then switch it out for something like a nice fat JavaScript redirect.
How to defend: Given the large variety of bait and switch hacks out there, it’s difficult to give advice on them. The first point is to make sure that you understand that anything you don’t control can be manipulated. If it isn’t your web counter, someone can exploit it. If you didn’t find the website yourself, the ad can direct you somewhere you don’t want to be. These can be defended against by simply going to trusted resources for your web counters, or doing your own search for the content within the ad.

Common hacks 2: Cookie theft

Cookie theft, also known as session hijacking, enables people to assume your online identity on popular websites. This allows them to log into your accounts, taking over your social media accounts, as well as making purchases in your name.
To make matters even worse, there’s even a program called Firesheep that allows people to do this with a few clicks while using another trick we’ll talk about next, the fake wireless access point. All it takes is a few clicks, and they’ll take over your identity.
How to Defend: Try to always use websites that have secure development techniques and the latest cryptography. A tool that can help you do this while using Google Chrome is called KB SSL Enforcer.
The KB SSL Enforcer plug-in forces your browser to go to the most secure version of websites. This will be the one that starts with HTTPS, with the ‘s’ being ‘secure’ and referring to TSL cryptography. It is not 100% protection, but it does make things more difficult. If hacking you is a challenge, hackers are more likely to move on to someone who hasn’t read this list!

Common hacks 3: Fake Wireless Access Points

Everyone loves free wifi, including hackers. How this hack works is a hacker will set themselves up in a public location, a coffee shop, restaurant, airport, or public library as examples. They’ll establish a fake wireless access point (WAP) of their own and name it something that makes it sound official: “McDonalds Free WiFi” or “Laguardia Free Connection.”
Those who are looking to make a quick connection, for free, will then establish a connection to these WAPs. There are two ways that a hacker can steal information. The first is that they can set it up so that you have to enter a username and password to connect. Most people use a common username and password for these quick “set it up and forget it” accounts. Hackers will then take that information and use it to try to log into your Twitter, Facebook, Amazon, iTunes and other popular accounts. This is one example of online identity theft.
The other way that a fake WAP will work is by the hackers just sifting through the information that is going through the connection and taking whatever isn’t protected or encrypted.
How to defend: First, ask the proprietors of the establishment what the correct name is for their WiFi. That’s the easy one. Next, be sure to always use a unique password and login for public WiFi. It may be a pain, but it’s your best form of online protection.
To protect against those who sift through and steal information that isn’t encrypted, use a personal VPN to encrypt all of your communication. You can read more about top VPN services over on the blog I work for.

Common hacks 4: False file names

This work by tricking people into clicking on files that look enticing, like BeyonceNipSlip.avi, but are actually files full of malicious code when opened.
One of the most famous examples of this right now is one known as the Unicode character switch. It fools computers into displaying a file that is actually BeyonceNipSlip.exe (an executable file that can tell your computer to do things) as the less harmful looking BeyonceNipSlip.avi (.avi being a video file).
You then open it thinking you’re going to see a video of a small slice of heaven (sorry, clearly Beyonce biased), and instead get a computer full of something bad.
How to defend: This is one of those instances where you have to do your homework. If someone is sending you a file, be sure that you know what the full name is with the extension. If you don’t know who is sending you the file...don’t open it! If you have a virus scanner which allows you to scan individual files before opening them, put it to work.

Common hacks 5: Wateringhole attacks

Watering hole attacks can be related to point 3, but with more focus and malice. Hackers will scope out a common place where employees of their target company hang out for drinks, dinner, or even online social platforms - a ‘watering hole.’
These employees are often more relaxed about their security, but since they’re with co-workers they’re still prone to discussing business matters. The hackers will then either install fake WAPs in the physical location that they gather to get company credentials, or they’ll install harmful JavaScript redirects into the online places that these people visit.
The hackers will then use the login details or compromised workstations to gain access to the inner workings of a company. Notable wateringhole attacks have happened to Apple, Microsoft, and Facebook.
How to defend: Making it known to your employees is the first step. They can not use their same credentials on their workstation and on these types of sites, or in these locations. Like it or not, in today’s digital world, your employees have to act as if they’re always at work.

About The Author:
Marcus is the resident security writer over on the Best VPN Providers blog. He writes about internet security issues, occasionally goes on rants about the government, but doesn't go too far off the rails...most days.