Tuesday, November 27, 2012

How NOT to Recover Quickly From a Hacking Incident

With many determined hackers attempting to hack into websites, getting hacked is almost inevitable. It is not a matter of if but when your website is hacked, so we need a plan on how to get your website back up quickly when it happens. Websites routinely get hacked but they recover quickly. Websites from Nigeria, UAE, Bangladesh, Iran, Sweden and even Switzerland got hacked but they were quick in restoring their services. How they restored their sites was easy, but this piece is not about how their restored their sites. This is about how NOT to recover quickly from a hacking incident in general.

I recommend the following steps so you will NOT recover quickly.

1. DO NOT shut down your site immediately. Why is this important? News of a hacking incident spread fast. It is important that the public sees and confirms that your website is hacked. By not shutting down your site immediately, you show that you still maintain control of the website. You will shut it down when you want to and not because you have to. Also, by NOT shutting down the site, you allow the hacker to further compromise and infect the system. DO NOT mind if he has complete control of the website. He could further harm the system and it’s still not a problem because you DO NOT want to recover quickly.

2. DO NOT backup regularly. Why is this important? Backups that are a few months old mean that you will need tons of efforts to bring them up to date. This favors longer recovery times. You DO NOT want to recover quickly.

3. DO NOT PREPARE A RECOVERY PROCEDURE. Why is this important? You DO NOT want to recover quickly.

4. DO NOT IMMEDIATELY SEEK THE ASSISTANCE OF OTHER PEOPLE IN THE RECOVERY. Why is this important? You DO NOT want to recover quickly.

5. Overwrite your most recent versions with the old backups. Why is this important? Using the most recent version is the fastest way to restore your site. So why shirk away from a challenge? LOSE the recent version by overwriting it with old backups. 

6. Take your time assessing what happened. Why is this important? Take your time but do everything else frantically to make it appear that you’re doing something. You DO NOT want to know what unpatched OS vulnerability or unupdated malware or antivirus caused the hit because  you DO NOT want to know what patches and updates you missed. Ignorance is bliss.

7. DO NOT run antivirus and malware checks on the infected server. Why is this important? If you know what trojan, backdoor, or virus infected the site, then you can apply the appropriate remedy on your backup sites, but you DO NOT WANT to recover quickly.

8. Prepare to run a deprecated version of your website. Why is this important?  Spread your resources thin by preparing a deprecated version of the website that you will run after a hacking incident. The deprecated website will show the cyberworld that a) you have not recovered from the hacking; b) you have false hopes believe that a deprecated site will not be hacked; and c) you don’t have the confidence to face hacking attempts again (all because you took steps #6 and #7 above).

9. Dilute your resources by focusing on other processes. Why is this important?  Just shortly after a hacking incident is the best time to feign to study how to improve other processes not related to the hacking. This will deflect attention from the missteps prior to and shortly after the incident. This is also the time to blame the OS (even if thousands of sites still use them and the vendor still issues support and patches).

Saturday, November 17, 2012

The quest for the most bang for the buck android phone

I replaced my trusty Samsung Galaxy Ace which I have given to my son with a CherryMobile W100. It was a steal for Php 3,500. It had a 1 Ghz processor that can smoothly play Temple Run, it accommodated 2 SIMS, and took decent photos. It served me well for more than a month, but unfortunately I lost it in a cab. While we hear news of wads of dollars left in taxis that honest drivers/ passengers return to the rightful owners, you never hear of lost phones finding their way back to the owners. But that's another story.

I wanted to replace my lost W100 with another W100 but then I heard of the new CherryMobile Flare introduced 3 weeks ago. The specs sheet say it had a dual core 1.2Ghz Snapdragon, dual camera, dual SIM, and a middle of the road GPU. Many other phones could beat those specs. But no phone could beat the giveaway price of Php 3,999. Other phones just a notch ahead in specs command twice the price, so I sought out where I can buy this model.

It turned out that CherryMobile, after introducing Flare last October, had scheduled its launch at an undetermined date in November. The long wait whetted the Android fans' desire to get one. The low price convinced many that the price would go up later, since similar cheap-brand phones cost least 75% more. On the other hand many hope that MyPhone and Starmobile would also drive down their prices.

And then the announcement came that Flare would finally be sold on November 17 in just 2 stores. The local blogging world had been anticipating this news. Forum buzz indicate a heavy turnout. CherryMobile is giving away a powerbank worth Php 999 to the first 50 buyers. And learning from a similar buzz sale 2 years ago, when the announced a 50% discount for LG Optimus One and Nokia C6 caused chaotic queues at Megamall, I ventured out early to grab one.

So I arrived at SM North Edsa at around 9:30am. The mall opens at 10am yet but a handful of probably Flare fans are buzzing at the entrance. When the mall opened, the small throng quickly scaled the escalators. I followed in earnest, confident that I would be among the first 50, for how could all these people be going to the same store? But when I got there, I saw to my dismay that at least 150 people arrived before me.

Selling will start at 1pm said the store clerks. But despite some minor hassles, the store and the mall management kept the lines organized. They gave I think around 500 cards to those at the line.  Listening to the chatter of those who waited, I glimpsed that there is a strong community of Android fans that can tweak their phones. I may have gained a few friends that I can turn to when I want to root my phone.

Everyone that stayed the course got what they queued for. Practicality permeates more in them than pa-sosyal effect. So congratulations to CherryMobile SM North Edsa for the successful sale. The new Flare phone is not the best phone out there, but it surely gives the most bang for the buck.

Unpacking the box at home: The phone's UI looks generic. There are not that many specialized apps pre-installed. There is no FM radio, and the video is not HD at 480p. The battery is a thin 1500mah, expect it to last at best a day. But as I said, at sub 4k pesos, this phone is the winner.