Skip to main content
Technology
Exware > Blog Topics > Technology

Items tagged with Technology

The Pros and Cons of Different SSL Options

posted on Jul 18, 2018
HTTPS Web Page

SSL - What it Does

Website SSL provides a more secure way to interact with a website. With an SSL site, the URL starts with https instead of http - the "s" stands for "secure". SSL improves security in two ways: authentication and encryption.

  • Authentication ensures that the domain being displayed in your browser's address bar is indeed the website you are seeing. This prevents users being victimized by a variety of hacking techniques designed to trick them into entering private information to a website that is not what it appears to be. SSL is not a cure-all, as there are many ways hackers and con-artists can trick people, but it does prevent some of the more insidious methods, such as DNS highjacking and man-in-the-middle attacks.
  • Encryption prevents potential eavesdropping, which is especially important if you are accessing the internet over WIFI. Without encryption, your logins, passwords, and other sensitive information could be obtained by anyone able to intercept or listen in on your network traffic.

SSL - Why It's Become So Important

It's the need for encryption that has driven the adoption of SSL in recent years. Increasingly, browsers warn users whenever information is about to be entered on a website that is not using SSL. If you want users to trust your website and feel at ease, SSL has become a must-have.

Another huge motivator for encryption is the increased use of mobile computing. The ease and convenience of WIFI means it is also much easier for somebody nearby to listen in on your network traffic. The need for website SSL was made all the greater in October 2017 when it was discovered that WIFI's built-in security standard, WPA2, is highly vulnerable to attack, affording little protection against eavesdropping.

SSL - What are the Options?

SSL certificates are traditionally issued by a commercial certificate issuer, with prices ranging from tens to hundreds of dollars per year. In 2016, a new system for issuing free automated certs was created by Let's Encrypt, using a protocol called ACME. Commercial SSL certs are typically good for one or two years. Free ACME certs are good for at most 90 days but are renewed automatically.

So if there are expensive SSL certs, and cheaper certs, and very cheap certs, and even free certs, what's the difference?

The good news is that when it comes to encryption, there is no difference. All SSL certificates regardless of cost., support the same enterprise-level 2048-bit data encryption. And as we've seen, encryption is the main issue.

One way SSL certificates can differ is the level of website authentication they provide. The most basic level is domain validation (DV). This means that the domain on the cert matches the domain of the website, so if the browser address bar says https://www.somesite.com then you really are at www.somesite.com. All SSL certs provide this. For the vast majority of websites, this is all you really need.

Commercial SSL certificates can, at additional cost, provide organization validation (OV), and there's an even fancier version of this called extended validation (EV). While DV authenticates the domain, OV and EV also authenticates the legal business name of the organization, providing assurance that the people running the website really are who they claim to be.

With an OV cert, users can inspect the certificate in their browser and see the name of the organization, although most people won't know how to do that. With the even more expensive EV cert, the organization name appears in the browser's address bar in green, making it completely obvious. EV certs are what you normally see with banks and other financial institutions where trust is most important. Twitter currently uses an EV cert, but Facebook and Google don't bother, and just have OV certs. If your domain is widely recognized, then an EV cert doesn't add much.

There are a several other distinguishing features of SSL certificates:

Commercial SSL certificates provide liability protection, covering losses due to a flaw in the certificate. It's like insurance for the cert. For a basic GoDaddy cert, losses up to $100,000 are covered. Free certs do not have this at all, while more expensive certs typically cover higher amounts. It's debatable how useful this is.

Another consideration is reliability. SSL works because each browser - Chrome, Firefox, IE/Edge, Safari, etc - is programmed to trust the various certificate issuers. However if an issuer fails to exercise acceptable levels of security and diligence, they can have this trust revoked at the discretion of the browser makers. This could render invalid some or all of the SSL certificates that they've issued. While such occurences are rare, major websites typically use the more established and reputable issuers, which also tend to be more expensive.

Prestige and reputation can be a factor. Users who are very discriminating and technical may look at the issuer and level of a certificate, and use that to judge the trustworthiness and credibility of a website. A free or bargain-basement cert might be looked down upon.

For organizations wanting SSL on more than one domain, then a multi-domain SAN cert is an option. These support up to five different domains. Prices fluctuate, but if you have three or more domains, then a SAN cert is usually cheaper than three individual basic certs from a commercial issuer.

What is Machine Learning and how can it benefit Associations?

posted on Feb 14, 2018

Machine Learning

Machine learning is one of the biggest growth leaders in technology, giving computer systems greater ability to understand and interact with the world and with society. Machine learning has traditionally been used for things like identifying faces or other objects in photographs, automatic translation, transcribing handwriting, and data forecasting. But now it is being applied in an ever-greater range of applications and businesses.

Machine learning is a technology in which a computer system is fed large amounts of data to analyze, as well as the outcomes or goals it is expected to achieve from that data. It builds an internal model of how to process the data, usually random and meaningless at first, and then applies that model to the data repeatedly. It adjusts the model as it goes, and gradually improves its performance over time. Such systems can learn to disregard irrelevant information, and find patterns that more traditional methods can miss. In some cases, the systems can match or even exceed the abilities of a highly-trained human, or deal with volumes of information too great for a person to process.

Benefits of machine learning are increasingly finding their ways into our day-to-day lives. Our phones have better voice recognition and predictive text, services like Netflix, Amazon, and Google are giving us recommendations that better match our wants and needs, while the latest automobiles come with driving assist features to make our roads safer.

In the future, member associations will be able to use tools like these to better understand and meet their member's needs, plan and organize better events, improve marketing and member retention, reduce spam in their inbox, and benefit from better website security.

What’s this mean to Exware clients?

At Exware, our research team is actively investigating machine learning tools to find ways they can improve our AMS system and benefit our clients. Stay tuned for updates.

Tagged as: Technology

Can Canadian Associations now reap the benefits of cloud computing?

posted on Dec 5, 2017

With cloud computing becoming common-place, many Canadian Associations have not been able to take advantage of it due to The Personal Information Protection and Electronic Documents Act (PIPEDA) which is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian provinces. It requires that all personal data is stored and hosted in Canada.

This goes against the nature of cloud computing where the specifications and the location of your servers is immaterial. The benefits of the cloud computing approach is that you do not need to concern yourself with low-level IT details like server hardware and hosting facilities, and related issues like hardware maintenance and server migrations. But the very abstraction that makes cloud computing attractive also makes it problematic when you do need to state with some specificity where your data is located.

Cloud vendors are starting to allow some flexibility in their services. Starting a year ago, Amazon has allowed their cloud customers to confine their instances to their Canada (Central) Region, which means that stored data and cloud servers will be located in the Toronto-Montreal region, and will be geographically isolated from other Amazon facilities in the U.S. and abroad. Amazon claims to have two availability zones in Canada, meaning that even if one of their facilities suffers a serious problem, the other can pick up the slack and ensure continuity of service.

What does this mean for Exware clients?

Exware is researching cloud hosting options to determine the specific pros/cons for our clients before introducing new packages. For those not ready for cloud hosting, Exware will continue to offer its traditional physical server options.

Understanding the Pros and Cons of Cloud Hosting

Tagged as: Technology

Google Drives The Internet: Technology Changes that Impact all Website Owners

posted on Sep 22, 2016

SSL

Starting in January 2017, Google will be making aggressive changes in an effort to increase SSL adoption on the internet. 
 
What is SSL? 
SSL is a technology that encrypts communications to and from your website. When you use SSL, the beginning of your web address changes from http: to https: and many browsers show a green lock icon by the web address.
 
What is driving this change?
Several years ago, people surfed the internet from private access points such as their office or home landlines. However, with more mobile devices in use and the widespread usage of public WIFI, security is becoming increasingly more important. People are now shopping and surfing while riding transit, sitting in coffee shops or in hotels. Using public WIFI opens the door for unscrupulous hackers to monitor what you're doing and steal your information.
 
By putting your entire website behind SSL, it protects your visitors/members by:
  • preventing eavesdropping on your internet communications, increasing your privacy
  • blocking many types of hacks and security intrusions
  • verifying to the visitor that your website is really you, and not some "spoof" that was set up to trick people
Why is Google Pushing This Change?
Google wants everything on the web encrypted (protected by SSL) because it provides for a safer visitor experience while also allowing them to roll-out new features and functionality that requires this level of security. For example, wider usage and applications for location tracking, etc.
 
Can Google Force me to use SSL?
Not exactly but they can make it so your visitors/members demand that you use it. Google's Chrome browser will start to indicate sites that are not using SSL by adding the following in the address bar:
 
Google has said that they eventually intend for the padlock to turn red. Eventually, they may make the message even more noticeable. With Chrome having 53% market share according to the August 2016 projection of web tracker Net Market Share, one can expect that other browsers will follow suit.


ATTN: Exware Clients - contact us to find out how this affects you directly and the options available.

Is the Internet running out of IP Addresses?

posted on Mar 16, 2011

Internet

You may have heard about how the Internet is running out of IP addresses, and about the move to a new address space called IPv6. All computer systems on the Internet have an IP address, and the old addressing scheme, IPv4, only allows for around 4.3 billion possible addresses. Those are gradually getting used up, and with demand for IP addresses continuing to grow, the Internet is slowly moving to a new scheme called IPv6, which provides a virtually unlimited number of addresses.

The transition to IPv6 is proceeding slowly across all industry sectors, but the increasing scarcity of IPv4 is not an immediate concern to Exware clients. 

If you have questions or concerns, please contact us.

Tagged as: Technology