Search Engines for Security

September 9th, 2011 § 0

Recently there has been a large security vulnerability in TimThumb,  a WordPress plugin used throughout many many standard themes in the WordPress community. See more information about that here: http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/

Sadly to say, I am not updating content on my own website and have many other things to think about as I’m sure most Web Administrators do. I had read the articles and thought about the latest threat to WordPress installations. However, I never actually made the connection to check my own website! There is so much happening all the time, it is almost impossible to stay up to date on all the smaller projects which are not a primary focus.

Enter google. As always.

Dear site owner or webmaster of http://seanmeadows.com/, As of the last crawl of your website, you appear to be running WordPress 3.x.x. Google recommends that you update to the latest release. Older or unpatched software may be vulnerable to hacking or malware that can hurt your users. To download the latest release, visit the WordPress download page. If you have already updated to the latest version of WordPress, please disregard this message. If you have any additional questions about why you are receiving this message, Google has provided more background information in a blog post about this subject. Best wishes, Google Search Quality Team

Because Google is constantly rescanning websites they have a unique ability to watch these sites for security vulnerabilities and provide a service for the greater good of the web user. I was unable to spend the time and effort to scan my website, but google was already doing it for search results anyway. What probably started out as a Googlers’ 20% project has now become a great benefit for all who use the web and those who run it. It helps lift some of the burden of remembering the many different place web administrators must check, scan, update, and watch as each new threat comes about. This will be an invaluable tool as the speed of vulnerabilities continues to pick up on web applications.

It makes me wonder what else a service like this could be used for? Scanning for all common attack vectors such as XSS and SQL Injection? Links to dangerous or malicious sites on your webpage?

Many possibilities.

 

Always Connected

February 3rd, 2011 § 0

Jumping in to my Comm180 class, we as active students and part-time employees, were asked to block out all telecommunication for our lives for a full forty-eight hours. Two days without any kind of technology. Internet, television, radio, cell phones, credit cards. A student’s life in our current society. » Read the rest of this entry «

A bit of communication

January 23rd, 2011 § 0

This spring semester here at Penn State I am taking an exploratory course in Electronic Media and Telecommunications – Comm 180. The course is designed to explore electronic forms of communication and media in society through the past to today.

To extend the reach of the class, I will be continuing thoughts on topics from class or research ideas related on here. Find all the posts about the comm 180 experience in the category Comm 180 built weekly as the semester continues.

Back to Film

July 21st, 2010 § 5

This summer I have made it a goal to get back to film – basically my only goal. Coupled with the ironically timed failure of my digital SLR, my beloved Nikon D70s, it was actually easy to get back to the film based Nikon N75 I had begun shooting with long ago. » Read the rest of this entry «

Android on Penn State’s Campus

April 7th, 2010 § 14

As a T-Mobile G1 owner, I have attempted multiple times to connect to Penn State’s campus-wide wifi. The benefits are easy to see; having high-speed internet is always a plus and it saves trouble connecting to a less stable 3G cell phone network. Finally, after a few different attempts (and some exactly the same), I found a working configuration to connect my G1 to Penn State’s wireless. » Read the rest of this entry «

Simple Subversion

February 19th, 2010 § 2

I’ve overheard talk about Subversion and the similar systems for code revision history. Since I have never had a major project of my own or been part of a team coding one, I have not needed nor spent the time setting up subversion. I acknowledge its benefits – I wish I actually had a project worthy of needing a subversion system. Tracking changes, creating branches, and working in parallel with another developer all peak my interests.

Today I found myself in a situation that needed revision history. » Read the rest of this entry «

Working on new site

February 14th, 2010 § 0

So here is the basics of my new website after my old server disappeared. I should have this completed soon and updated with new content. Check back soon!