Celebrating 27 years with a site update

We’re celebrating our 27th year with a new site design! As always we’re still writing code! Site speed is becoming more of a metric for websites, and it’s super important for both SEO and for your visitors. Our last major site redesign was four years ago, and like many sites over the years this has … Read more

USA Department of Defense: Detecting Agile BS

The USA’s Department of Defense has a Defense Industrial Base (DIB) Cybersecurity (CS) Program to safeguard information. Under the DIB CS Program, DoD and DIB participants share cyber threat information. In October, the group released a detailed guide on one of our favourite topics, Agile software development. Agile software development is an approach where ‘requirements … Read more

Cloud authentication: locked out of your home?

On Wednesday, October 10th, it was reported in the Daily Mail and The Register that the security company Yale had unplanned network maintenance which caused their cloud service to go offline for 24 hours. Please bear with us, we apologise for any inconvenience caused. *Please note this issue affects all of our app-controlled alarm systems, … Read more

Google Chrome breaks the world-wide-web – www and m subdomain hidden in address bar

Google Chrome has recently made the unpopular move to fundamentally change how URLs are shown in the browser. In almost all browsers (except Safari, below), the full URL is shown in the address bar, https protocol and all. However, with version 69 of the Google Chrome browser, a change has been made to attempt to … Read more

Are your S3 buckets private?

Alongside checking your backups are working, updating your systems, checking for viruses, and all the other monthly tasks, it’s easy to overlook simple security areas of your network and storage. Over the past few months, there have been a deluge of exposed Amazon S3 buckets which have been exposed or found. The data of 123 … Read more

Are Cloudflare to start their own Public DNS?

It’s heavily rumoured that Cloudflare will soon be announcing a Public DNS server. Their website, every1dns.com is currently empty, but Google have a cached version of the site available. The two DNS servers, easier to remember than Googles are said to be 1.1.1.1 and 1.0.0.1. According to their website, both support encrypted DNS as well … Read more

Word blacklists, censorship, and Google Shopping

As of recently, Google have ‘broken’ Google Shopping. It appears they have set up a blacklist of words which cannot be used in searches. The problem is commonly called the Scunthorpe Problem. This is where certain words or phrases are caught by a spam filter or search engine because the words used contains a string … Read more

UK Gov sites hijacked by Cryptominer, and Subresource Integrity

Over the weekend, thousands of websites around the world, including the UK’s NHS and ICO and the US Government Court system, were compromised, and caused visitors to mine crypto-coins – generating money for the miscreants. These sites were using a popular plugin called Browsealoud. Their support software “adds speech, reading, and translation to websites facilitating … Read more

State of the Web – Autoplaying Audio and Video

It’s an ongoing debate – users do not like videos to autoplay (apart from YouTube), and designers want their website to feature their video and audio immediately on visiting the page. In the distant past, this has often been ‘solved’ by using Adobe Flash to play videos. Browsers soon caught up to this madness, and … Read more

Which Payment Gateway

Often, the choice of which payment provider to use is a case of which offers the lowest cost, or which offers the functionality that’s required for your business. Once past these limitations, many payment providers are the same; offering either an on-page or external redirection site to take payment, and returning a secure callback to … Read more