Paul's Painting Services

Web Security

Technology is an integral part of our everyday lives, as technology advances, so does our
dependence upon it. We often find ourselves storing personal information such as our email address,
home address, personal photos, phone number, and sometimes payment information – not realizing how easy such information can be compromised by hackers. This is due in part, to the amount of
information web applications can access.

According to JavaScript - The Web Warrior Series, 6th edition by Sasha Vodnik/Don Gosselin, properties such as appName: Which shows the name of the web browser displaying the page;
appVersion: This property shows the version of the web browser displaying the page; geolocation:
This is an API used for accessing the user’s current location, and also the permissions the user has
enabled, which include denying or allowing access to such information; onLine: This property
displays whether the browser currently has an internet access/network connection; availHeight: This property shows the height of the display; screen, colorDepth: This property shows the display screen’s bit depth, it displays whether a color palette is in use or, if a color palette is not being used, then it returns the value of the pixelDepth property; and last, pixelDepth: This property shows the screen’s color resolution via bits per pixel. All of these properties are a part of the Screen Object – which is used to gather the information above.

Now back to the subject of hackers, there are various ways a hacker gain unauthorized access to your personal information; by storing a malicious script in a script file in an HTML page, or by placing a mischievous object, link, or embed into an HTML file, or message board that allows such properties. One way a user can protect themselves is by making sure the operating system has a firewall enabled, only entering sensitive information on trusted and secure websites (sites that use HTTPS) – and on a secure connection (a VPN or password-protected home connection), avoiding suspicious emails that ask for personal information – as these are usually phishing attempts to steal sensitive information, using only strong passwords on websites, and by limiting information that applications can access – as well as researching such applications before downloading them.

● Below are websites that discuss web security ●

This website touches on the basics of web security and web threats:

This website provides 7 tips for mobile users to hinder applications from confiscating their data:

This website provides an in-depth summary regarding web applications, how they function, and web application threats:

This website has information regarding a popular app that was supposed to clean up and unzip user files, but instead, it ended up stealing personal information and uploading it to a remote server: