Intro to Ethical Hacking

MIS 5211 – Wade Mackey

Week 12 Readings and News Articles

http://online.wsj.com/articles/google-renews-its-cloud-efforts-1415062792

Google Renews Its Cloud Efforts: Company Adapts Offerings as It Tries to Catch Up to Amazon

Though Google is on top when it comes to its powerful networks of data centers, able to handle more than 3 billion search queries a day, it falls short of Amazon when it comes to renting out computing. Google is attempting to change this by highlighting new offerings that will make it easier for customers to set up cloud services more quickly. It seems that five years ago Google’s service didn’t really exist, leaving Amazon as more or less the only option, but more recently there seems to be a little more competition.

Week 11 Readings and News Articles

Reading – SQL Injection Tutorial
———————————-
When creating a website available for public use, it is very important to test for vulnerabilities that let users modify the URL in such a way that they can maliciously connect to the database and extract, modify and even delete data, all from a common browser. It is very easy to check for this vulnerability, as noted in the reading. WebCruiser, a common Web vulnerability tool, will aid in the audit process.
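
The URL tampering the reading describes, as an added example (not from the reading or the course material): a lookup that pastes the `id` parameter into the SQL text, beside one that binds it as a parameter. The in-memory SQLite table, the `shop.example` URLs and all function names are constructed for illustration.

```python
import sqlite3
from urllib.parse import urlparse, parse_qs

NORMAL_URL = "http://shop.example/item?id=1"                  # constructed
TAMPERED_URL = "http://shop.example/item?id=1%20OR%201%3D1"   # constructed

def make_db():
    # Constructed sample data: two public rows and one hidden row.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, hidden INTEGER)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)",
                   [(1, "widget", 0), (2, "gadget", 0), (3, "unreleased", 1)])
    return db

def id_from_url(url):
    # parse_qs percent-decodes the value, as a web framework would.
    return parse_qs(urlparse(url).query).get("id", [""])[0]

def lookup_vulnerable(db, url):
    # The URL value becomes part of the SQL text, so it can add its own clauses.
    sql = "SELECT name FROM products WHERE hidden = 0 AND id = " + id_from_url(url)
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, url):
    # Validate the type, then bind the value so it is only ever treated as data.
    try:
        item_id = int(id_from_url(url))
    except ValueError:
        return []
    sql = "SELECT name FROM products WHERE hidden = 0 AND id = ?"
    return [row[0] for row in db.execute(sql, (item_id,))]

def leaks_under_tampering(lookup):
    # Audit check on the local test table: does the modified URL
    # return more rows than the normal one?
    db = make_db()
    return len(lookup(db, TAMPERED_URL)) > len(lookup(db, NORMAL_URL))

if __name__ == "__main__":
    for fn in (lookup_vulnerable, lookup_parameterized):
        print(fn.__name__, "leaks" if leaks_under_tampering(fn) else "holds")
```
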

Weekly Article
—————–
http://www.theregister.co.uk/2014/10/16/drupal_megavuln_sql_injection/

Drupal SQL injection nasty leaves sites ‘wide open’ to attack

Before Drupal came up with a patch for Version 7 (7.3), those not on the new version were vulnerable to SQL injection attacks. Since many people create their sites in Drupal, mostly (in my opinion) because of their lack of programming knowledge, many if not all of these sites running version 7 and before share the same vulnerability, since their code is set up in almost the same fashion, and from what I am told, it is not difficult to find sites using these versions simply by using a simple Google search. A German security firm discovered the flaw, and it has been stated that a malicious user can exploit these vulnerabilities without any kind of authentication. To make matters worse, the vulnerability was sitting in the public domain in Drupal’s public bug tracking database since November 2013 (this article was written in October 2014).

 
