iWeb at HackMTL 2013 – Javascript edition

Published on August 23, 2013 at 12:17 pm by iWeb Technologies in: Web Development Articles

On August 16 and 17 iWeb participated in #HackMTL, a ‘hackathon’ event organized by MTLStartupTalent and held at the Montreal Olympic Stadium. The hackathon brought together more than a hundred developers from a wide variety of backgrounds for 24 hours of hacking in Javascript, creating single page applications, Chrome extensions and Node.js based systems, and even integrating it all with hardware. Here’s an account of the event for anyone who couldn’t attend, or is simply interested in understanding what a hackathon is. We also have details of the competition winners.MTL hackathon Continue reading »

64-bit Linux: important security vulnerability identified

Published on September 19, 2010 at 3:32 pm by iWeb Technologies in: Web Hosting Articles, iWeb Articles

Last friday a security vulnerability affecting 64-bit Linux operating systems has been identified (see: http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3081 and http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3301).

This vulnerability is potentially very harmful because it allows an ill-disposed hacker to take over a web server and give him full root access thanks to a backdoor. Continue reading »

WHT, largest web hosting forum hacked; users data made public

Published on March 24, 2009 at 3:08 pm by heri in: Web Hosting Articles

wht hacked WebHostingTalk, one of the oldest forum about web hosting, and a reference in the industry, experienced a major security problem yesterday.

It appears an unknown hacker was able to access the backup server, get access to the database, delete the tables, and then access WHT from the backup server. The WHT team had to take the website down, and could only upload a backup from late last year.

If you are a sys-admin or a web developer, do read the post and the following comments.

It’s surprising to see that such a reference in the web hosting industry could be hacked, with user data such as email addresses, private messages, hashed passwords posted to the web. One would think that the technology team at WHT would be the most advanced and experts in security, data backup, web development and system administration, by seeing all the daily threads and discussions on these subjects.

Of course, security is not an easy issue. Hackers always target the biggest, most visible organizations and websites which will give them maximum visibility, and hacking WebHostingTalk and getting access to the members database is a feat most hackers would want to accomplish. The same goes for banks, insurance companies, governments, and many large companies. A whole country (Estonia) was for instance attacked with a DDOS 2 years ago by russian hackers, after a political disagreement. A more recent episode was when JournalSpace had to stop running their website, when a rogue sys-admin destroyed the database.

Nevertheless, there are basic tasks one can do to prevent such “terror stories”: do security audits of your servers, download every week on a local machine the backups, use a continuous backup solution such as R1Soft, monitoring closely ssh access to the servers, use at least 3 different backup systems etc.

There was also a security guide published here, with also instructions on your first setup.