Major SSL bug called ‘Heartbleed’ exposes your data

Get ready for a new interruption in your work day. A newly discovered security bug nicknamed Heartbleed has exposed millions of usernames, passwords and reportedly credit card numbers — a major problem that hackers could have exploited during the more than two years it went undetected.

This one is unlike most of the breaches over the past few years, in which a Web site got hacked or let its guard down. This flaw is in the SSL (HTTPS) code designed to keep servers secure — tens of thousands of servers on which data is stored for thousands of sites. The bug was found in SSL certificates using a common form of OpenSSL, which is used on servers to encrypt sensitive information to protect people’s privacy. At least 500,000 servers were reportedly vulnerable and I bet thats a low number.  It primarily affects NGinx and Apache servers which by some accounts is more than 60% of web servers in use today.

Server admins are checking and testing to see if their SSL certificates are using the vulnerable version of OpenSSL and reissuing the SSL certificates using non-affected versions.  You should change passwords only AFTER the new SSL certs have been issued.

OpenSSL is an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements the basic cryptographic functions and provides various utility functions. The beauty of OpenSSL is that it is primarily an open platform.  So that when a vulnerability is discovered it is quickly announced and fixed.  With proprietary systems, a bug could exist and only a handful of people are responsible for policing it.  And if found, they may not tell anyone for fear of repercussions.  Open source is a double edged sword for sure, but it slices both ways and that is a good thing IMHO.

Posted in Code, News, Web Design | Tagged , | Comments Off on Major SSL bug called ‘Heartbleed’ exposes your data

National Underground Railroad Freedom Center Website Redesign

nurfcOldHome

NURFC's homepage in 2007

We’ve been working with the Freedom Center since 2006 and got a chance to redesign their website in 2007. It was a huge undertaking, a complete rethinking of the site’s purpose, architecture, and design.

Over time the homepage was updated to meet the changing needs of the organization. Recently we were tasked with addressing an upcoming shift in the Freedom Center’s online communications goals and didn’t feel the existing layout could accommodate that without pushing other important information into the background.

The center plans on highlighting the work they do combating modern slavery and want the website’s blog to be the primary avenue for this push. That meant getting articles on the homepage without overwhelming visitors with walls of text. We accomplished this goal by bringing a list of recent blog articles to the homepage and also dedicating a large navigation element to the Slavery Today section of the website.

The Freedom Center's new look

The Freedom Center's new look

The other elements of the homepage each provide quick access to the site’s more popular sections, we also brought a list of upcoming events in to help balance out the blog headlines.

One of the biggest challenges we faced during our initial design was the lack of great photography. The building and the exhibits are truly stunning but we struggled to get that across. Cincinnati architecture photographer Miles Wolf has taken some amazing interior and exterior shots since our first go around and we weren’t going to miss the chance to incorporate them into the new site (the home page greets visitors with one of 6 randomly chosen images and each of the main sections also sports a large photograph).

Fortunately, due to the modular approach we took to our rebuild of the site in 2007, the process of applying the design to the site went very quickly. With the exception of the home page, which was built from scratch, we were able to apply the new design across the whole site in just a few hours work.

Visit the site and let us know what you think.

Accel Advisors Website Redesign

AccelAdvisors.com viewed in FireFox

AccelAdvisors.com viewed in FireFox

We originally built (but didn’t design) Accel Advisors’ website way back in 2006 and recently tweaked the layout and color scheme a bit and also updated the code to take advantage of some of the new css3 properties like rounded-corners and drop-shadows* (translation: the site downloads a bit faster and is easier to maintain).

Visit AccelAdvisors.com

*These elements don’t display in the current versions of Internet Explorer but do in all modern browsers and will in IE9, which Microsoft is releasing later this year.

PinkRibbonGirls.org Redesign

prgscreenThe Pink Ribbon Girls is an organization for young women with breast cancer. We’ve been working with them on their website for almost 4 years now. Over that time we’ve added a lot of features in the member area but when it came time to add a whole new section for volunteers (AKA The Pink Ribbon Gang) it was decided that we needed to make a few tweaks to how pages were laid out.

One of the biggest changes was width. Since we first designed the site the average user’s screen size has increased from 800×600 to 1024×768. This gives us a lot more room and the ability to display things across the horizontal without it looking too cluttered.

We also streamlined the sign-in process, added a blog, and a whole section to keep family members and friends in the loop.

Has it been a while since your website was last refreshed? Contact us for a quote.

Posted in News, Web Design | Comments Off on PinkRibbonGirls.org Redesign

2008: A Retrospective

As we look forward to 2009 at Electronic Art, we are pretty busy with projects already and it doesn’t appear that it will let up anytime soon.  Many firms are still investing in marketing, even harder in these down times, to try to capture every sale they can.  It’s always good for us to look back at the past year and think about the projects that kept us busy and were fun to work on. So, I thought I’d look back and recall some good ones.

We started 2008 with the installation of a way-finding kiosk for Boone County Kentucky’s brand new library facility.  This was a nice physical installation with our fabrication partners at Adex International, and our unique kiosk software application helped people find their way around the new facility.

bcpl_home

Continue reading

Google Analytics – Event Tracking

Google just announced that Event Tracking is now available for all profiles. Event Tracking allows you to track, AJAX elements, gadgets, file downloads, load times for data and most importantly flash elements and movies. One large drawback to using flash has been the inability to track how people interact with it. I expect that this coupled with Adobe’s improvements to the flash player should remove some of the barriers that have prevented developers and designers from using flash.

An Event Apart Chicago

Chris and I were fortunate enough to be attendees at the sold out conference last week. The event, which covers everything to do with web design, featured some of biggest heavyweights in the field. What I enjoyed most is unlike other conferences I’ve attended in the past, this conference wasn’t too focused on inspiration or selling software, it truly covered a broad range of topics.

We are both really excited about applying what we learned to our current and upcoming projects, and sharing what we can with our team that was unable to attend. I for one am excited to adapt some of the brainstorming/problem solving skills and user interface tips. Borrowing words from a famous chef, we will be cranking up our work a notch.

One final detail, we got a sneak preview of Adobe Creative Suite 4 and I am IMPRESSED. There might not be as much wow factor as previous upgrades, but the usability and workflow changes are much appreciated by your truly.

EA is at KioskCom & AnEventApart this week

This week is an odd week where many staff members are not in the office at Electronic Art.  Myself and Rob Brinkmeyer will be exhibiting at www.KioskCom.com , an industry trade show for kiosks, digital signage and everything related.  Come see us in NYC and see our kiosk & digital signage hardware and software services.

Also, Chris and Erik are in Chicago at www.aneventapart.comfor web design listening to notable industry speakers such as Jeffrey Zeldman, Eric Meyer, Cameron Moll and many others.  It’s a total geek fest from what I can tell.  Chris is making updates to Twitter throughout the conferences, his remarksare a crackup.  Sounds like a sea of Apple fans.  Not that we are not fans, Erik is a Mac head here in our office.  I just think it is funny that design happens on Macs and the world reads web pages primarily on Windows.  Such is the world for now, unless Apple can gain more market share!   (Go APPL, I own your stock in my retirement…)

I will also keep my Twitter & Facebook pages updated throughout KioskCom.  And we will hopefully be able to update this blog with some interesting show information.   Gotta go pack and catch an early flight to Manhattan.  Later!