Important Security Announcement: OpenSSL bug

Posted on by April 10, 2014

The recent OpenSSL issues (CVE-2014-0160) have required most of the world’s Internet service providers to patch their systems and we completed ours late on Monday this week.

Our perimeter systems should have detected some of the possible ways this exploit would have been used and we haven’t seen such alarms, but there are ways services may have been attacked that would not have been seen.

Despite the seriousness of this bug and the potential for loss of data, it is unlikely that our services were targeted using such methods. However, we suggest users should not be complacent so we offer the following advice.

As a precaution we recommend users change passwords on Zimbra email services which are the most likely to have been affected.

We are also reviewing all systems for other secondary signs of compromise or attempted compromise and will be renewing vulnerable certificates where keys may have been compromised.

Some aspects of certificate renewal have been delayed beyond our control due to the huge increase of validation and re-issue tasks at certificate authorities.

Firefox users may experience an error showing relating to the OCSP server. This is an added protection Firefox uses that checks a service that looks for revoked certificates. Again due to the increase in revoked certificates, lists are not getting updated as quickly as usual and so it cannot confirm that a new certificate is not listed.

To fix in the short term: If you check under Firefox preferences you will find Advanced – Certificates – Validation – and untick the OCSP server check. After 24hrs we recommend you return this setting to normal.

If you have any queries relating to this please do contact support and they will be happy to assist.

Choosing a domain name

Posted on by February 7, 2021

Choosing a domain name – falling off a log, right?

Well yes in that debit card in hand it’s the work of moments to buy yourself a domain name, but care is required to make sure that you register a domain name that meets the needs you have for it. This is a very general and non-technical guide to choosing a domain name.

.co.uk or .com?

Let’s assume you’re a UK organisation choosing a domain name. If you make widgets then .co.uk is the most appropriate TLD (Top Level Domain). Many companies also buy the .com to protect the name. Whether your company name ends in .com or .co.uk isn’t a major consideration, but if you’re manufacturing in the UK or just like to be loud and proud about being British then .co.uk will give you mileage.

.net or .org?

However, what if you provide online services, as we do? Then .net may well be best to show your net-based focus, and is the one we chose. If you’re a charity or non-commercial enterprise then .org or .org.uk is the best choice. Consider also the recently released raft of specialist TLDs such as .photography, .london, .wales, .hotel, .pizza and .golf.

International TLDs

Another option is international domain names that complete a word or give a snappy finish, such as .ie (Ireland), .io (British Indian Ocean Territory), .tv (Tuvalu) and .ly (Libya). There may be restrictions imposed on non-native companies registering these names, so you would need to look into each instance carefully. Generally these are best left to the funky young companies choosing a domain name to convey bounce and creativity. The golden rule here is:

identify what you’re trying to convey with your domain name, and go from there.

What if your company name’s been taken?

If you’re very very lucky your company name may still be available, but most ordinary words and names have long since been snapped up. The new supply of TLDs will ease that situation, but you could also try choosing a domain name based on a variation of your preferred name. Eg Mackay Widgets might have wanted www.mackay.co.uk, but it could also weigh up mackaywidgets.co.uk, widgets.co.uk, ukwidgets.co.uk, mackaywidgetsuk.com etc.

Bear in mind where and how this domain name will be deployed. Underscores and hyphens don’t translate well to radio advertising and ideally a URL should be fairly snappy. mackaywidgetsuk.com gets across the company name, product and location, but it’s quite long.

SEO, marketing and site optimization is a whole other area of expertise. Specialist advice should be sought on this from a company such as We Are All Connected who are, interestingly, at https://www.weareallconnected.co.uk/.

Can we register a domain name for you?

Once you’ve chosen your domain name you must then negotiate the minefield of filling in each field correctly. Failure to do this can put your ownership of your domain name at risk. If you’d like advice on best practice, or would like us to see through a domain name purchase for you then please get in touch.

Coding in Schools

Posted on by March 10, 2014

September 2014 sees the introduction of coding in schools as part of the curriculum

We love this BBC article on the Hour of Code – it captures so much about children (especially boys). Working through the exercises complements coding in schools and starts to make code something accessible to children, theirs for the taking, rather than a scary occupation reserved for those who’ve grown roots into their computer.

The Hour of Code

The Hour of Code is a US initiative aimed at imbuing children with an interest in coding, but it chimes in perfectly with the changes in the UK curriculum that will put programming to the forefront of ICT lessons and replace the “obsolete and boring” IT curriculum as it stands. This idea is not particularly new however – in 2011 the prospect of GCSE students writing programs was being unveiled by David Willetts. Since then, teaching children to code has become quite the thing, from books aimed at four year olds to global teaching groups such as CoderDojo and the home grown primary-aimed after-school Code Club.

Support for teaching – double-edged sword?

Coding in schools is still not compulsory though, we must wait til September for that, but it is appropriate that it makes its appearance during the Year of Code. The introduction of coding is being supported by two million pounds to create a core of Master Teachers, over a million pounds to Computing at School to support primary school teachers and a bursary to support candidates wanting to become computing teachers. This last should be viewed with caution, it must be said, because:

Scholarships of £25,000 – backed by Microsoft, Google, IBM and Facebook – are being offered to computer science teachers

Having finally disentangled itself from the clutches of simply teaching basics in proprietary skills, we can’t allow ICT teaching to become yoked to a different set of self-interested taskmasters. Do we really want to see Microsoft quoted on the government’s own website?:

We’re already helping teachers in a variety of ways. From the brand new “Switched On Computing” teaching materials through to our teacher training roadshow. I am confident that through this combination of funding, materials and activities, teachers will be hitting the ground running come September.

Furthermore, Codecademy warned in December 2013

“that a large number of English schools “have not even started thinking” about the major change to the curriculum.”

However, if we get this right

CAS and Codecademy said the changes will make England “the educational envy of almost every other country in the world”.