Skip to main content

Maintain business domain name intact

There is one thing that organizations must do. They have to register their own domain name, make it final, and afterwards be certain that they are managing it on their own. Digital reputation is increasingly becoming one of, if not there already, the criteria to assess how sound a business fundamental is. Really? Imagine if you caused, or a business keep, changing its own domain name. It is more likely that customers will have a hard time finding what they want to know about how to do business with you. There is much more than just learning the how regardless if a strictly or shabbily regulated business and industry is taken into account. And if the domain name has to be changed, don't totally abandon it. Make a redirect to the new domain name you intend to use and keep it that way for years to come. Until such time that every customer has learned about it already, and that the internet including search engines has been pointing and crawling to the new one directly and automaticall

HTTP Strict Transport Security strict browser processing or bug prevention or what?

Having a different internet browser makes handy for people whose job is to make sure any web service or application, and their behavior, would not fail before and after making any changes, or upgrade.

In our definition, it is that it would not fail regardless of methods, not the geeky ones and without harm of course, applied to access, in a regular way, a resource designed and made available to the public.

We think that premise, which is to "make sure it will work, somehow a little better", characteristic of our work @𝖎𝖈𝖑𝖆𝖘𝖘𝖊𝖉, is true to any technology designed for use mainstream but which this post is toned or using such example, specifically.

Do you know what causes a browser to process a web service or application like this in the image?



We would see it is due to an HSTS, primarily, not being processed or some bug prevented to load by, in here we have, Microsoft Edge Dev browser where a notice is produced. Then it could be that, with other browsers, this is not at all a problem and the service is working fine.

The web, as many of technology people are aware, has become a link to many related services. A single domain name, at first glance, may not appear to run many differentiated web services or applications but in reality it may have composed unique functions to complete the entirety of single web operation. In the case of e-commerce, it may contain services offered independently including payments, banking, inventory, supply chain, customer service, etcetera.

Going back. If we focused on the problem, what may have caused the problem? We would first check on the HSTS, different from HyperText Transfer Protocol Secure (HTTPS), itself. Turning off or removing it to check further, would it enable the service or application to load up? If not, what else may have been causing it? 

We cannot also say, browsers doesn't support HSTS so it's better not to use for now. Same attitude with new internet security technologies, their application is not entertained until some time. When news have began to spread a probability of risk discovered specific to a certain application, if not that very popular practice we have so embraced.

How fast until you can, or when are you going to stop investigating, make amends you possibly can and conclude that something is wrong and being able to, point out precisely the problem without doubt? This makes one to narrow down the defect but it doesn't mean the goal to have the HSTS has already been resolved. Not yet, it is going to have a fresh start, but at least the quest to understand and run such service is near. 

What would you do if you're certain that everything has been done according to available specifications and they should be working?

Comments

Popular posts from this blog

Philippine telcos blocking entire SMS text with internet addresses in it

If you are sending SMS texts to your friends, family or colleagues and they contain internet or web address including IP and email addresses, and even a period or dot separating, regardless of, your words and numbers, they are automatically blocked and not going to be received by your waiting recipient. Cooler heads must prevail here especially if an important message is urgently being expected. IP version 6 address is fine. However, an IPv4 including localhost address (given automatically to every computers and network interfaces as their own alone designed for troubleshooting purposes), and your money in the billion figure using dot as separators would be blocked.  If you send "local.business, naman.naman etcetera" or any words that made you use dot in between them, as part of the text, they will be blocked. There are some, that isn't blocked in this category. Like check.iclassed, some.ent, whatever.local etcetera, that is because they do not form any domain name at all

Philippine cyber campaign

Are Philippine institutions being targeted or simply being probed? We don't know for certain. It could be either or both. Whichever comes first? What we can understand, with the success of such attacks, is that they have found their way. Really.   How hard or easy? The attacker knows, but probably, also, those being attacked. Inclination should be there no matter how sophisticated our security systems are. In cybersecurity, we do a very focused job. Making sure we disappoint whoever is trying to gain access to any resource without permission and authority regardless of the environment we are in. What happened is that every asset deemed to have every variant of resource built-in, operating, that makes up the entire system working whatever it is trying to employ, in that case the primary purpose. Meaning, we have to know if we are running our system in a manner that is really secure, provisioned properly during design stage and managed continuously afterwards, post-implementation. No

iclassed privacy policy, unbelievable at first sight

Those who, before engaging us and was reading our business conduct, alerts and notices , could not restrain themselves asking, "can you really do your job without keeping any data at all? At the end of the day, you should still be looking at those information and make sure you did, and will, do well. I am expecting a lot from you here, you said so yourself!" Now, that last sentence is so loud. We keep them, not in our premises, but yours. If you've been our clients, you'll know how persistent we are when it comes to the reliability and security of your systems, data and credentials. That's our responsibility, as is made popular by cloud computing, and we don't need to be in a cloud.