 |
Technical
Information
|
| |
| Are
you puzzled? Ask us for help! |
| |
|
|
|
| |
| Note: The
information in this section is provided to assist you in making an educated
choice for guarding the security of your computer system and your privacy.
Information contained here has been obtained from sources believed to be
reliable. We do not guarantee its accuracy or completeness and neither NOVALynx
nor the authors of this website shall be responsible for any errors, omissions
or damages arising out of the use of this information. |
|
| |
| Secure
Website Information Top
of this page |
| |
|
|
When
you are entering a secure site you are attempting to make a secure
connection to the website. NOVALynx can provide secure communications
and the connection will have a valid certificate.
|
| |
|
|
|
Secure
communication means that information you provide, such as your name
or credit-card number, is encrypted so that it cannot be read or intercepted
by other people. The certificate is a statement guaranteeing the security
of the website. A certificate contains information that a specific
website is authentic. This ensures that no other site can assume the
identity of the original site. |
| |
|
|
|
When
you enter a secure website, the browser can display a dialog box and
a lock icon in a locked position somewhere on the screen. When you
leave the secure website, the browser may display a dialog box to
notify you and the padlock icon will open or disappear. |
|
|
|
| JavaScript
Information Top
of this page |
| |
|
|
JavaScript
is a scripting language now supported by all major browsers. This
programming language was originally developed by Netscape Communications.
It is used to make interesting and useful things happen on your browser
by loading programming directly into your browser. |
 |
|
|
|
On
our site there are no operations that rely on the use of JavaScript
or any other kinds of scripts. At one point we used JavaScript for
fun things like changing buttons and images when the mouse was over
them and even for navigating between screens. We have discovered that
many people have scripts (programming put onto your browser to do
things) turned off. Some do this for security reasons. Some users
just ended up having their browsers set that way when they were installed
or when someone else used it and changed the settings. |
|
|
|
|
Many
users have scripts (which would include JavaScript) disabled because
there is the possibility of destructive programming getting into your
computer or onto your network from hostile websites. |
|
|
|
|
Cautionary note: Our banks will not let us do transactions if scripts
(programming) and cookies are disabled. You may need to turn them
on temporarily to carry on your banking activities. |
| |
|
|
|
"The
Computer
Security Office of Stanford University does not recommend using
JavaScript in Stanford Web pages." However, there are alternative
scripting and programming languages that are secure and provide
as much, if not more functionality than JavaScript The safe alternatives
include PERL, PHP and Java. (PHP is the scripting language used
to manage the NOVALynx site.)
Notes
from David Brumley, Stanford Security Office:
"The
Computer Security office does not recommend using JavaScript in
Stanford Web pages because it presents a clear danger to our users.
If a user enables JavaScript to browse the Stanford sites they will
leave it on when browsing possible hostile sites.
The
Dangers
JavaScript
can easily be programmed for:
- Data
theft -- I can steal any file on your hard disk, including grant
proposals, passwords, credit card numbers, and private encryption
keys.
- Invasion
of privacy -- I can monitor which websites you visit in real time.
- Infection
of viruses and other damaging programs -- I can send you a malicious
e-mail that auto-executes via JavaScript
These
dangers exist in anything JavaScript enabled including e-mail and
news readers.
...
JavaScript is traditionally used for one of two things:
a.
Web Page Style
b.
Form Manipulation
Both
of these objectives can be accomplished by using a more secure programming
or scripting language. Secure alternatives to JavaScript include:
- PERL
-- can and should be used for form manipulation and validation
- PHP3
-- enables Web page designers to do everything JavaScript does
plus more like easy database connectivity and on-the-fly GIF creation
- JAVA
-- offers all the benefits of a full feature programming language
for both web page content and CGI processing."
|
| |
|
|
|
You
can get more information on JavaScript danger by going to the Google
search engine at www.google.com
and typing in "javascript dangers". |
|
|
|
| |
| Cookie
Information Top
of this page |
| |
|
|
Why
do cookies exist? To display a page in your browser, the browser must
request information from a web server. Once the web server delivers
the page to your browser, no connection is maintained. Each request
is individual with no regard to what came before. If you move to a
new page there may be a need to know that you are the same person.
There are several ways of keeping track of you and one of them is
through the use of cookies. These are small text files placed on your
computer by the Web server to identify you as the same person. |
| |
|
|
|
Cookies
are not active software programs that can do any programming tasks.
Each cookie is simply passive text (a text file similar to text supplied
in a plain text e-mail) that can be read only by the site that created
and placed it on your hard drive. They cannot cause or carry viruses. |
| |
|
|
|
Many
users object to cookies because the placement and retrieval of cookie
information is too often used to track you behaviour on the Web. Some
companies have formed alliances across the Net that allow tracking
of surfers' personal data and shopping habits. |
| |
|
|
|
Cautionary
note: Our banks will not allow us to do transactions if cookies and
scripts are disabled. You may need to turn them on to carry on your
banking activities. As you move from page to page viewing your private
information, the bank will need to know that it is the same person.
|
| |
|
|
|
If
you set your browser to accept no third party cookies and to delete
the cookies after you leave a particular Website, then cookies cannot
track you as you move around the Web. |
| |
|
| |
|
|
| Frames
in Browsers Top
of this page |
| |
|
|
Jakob
Nielsen
- from: Designing Web Usability: The Practice of Simplicity, New
Riders Publishing
For
more information on Jakob Nielsen go to our LINKS
page
“My
main recommendation to frames is
Frames: Just
Say No
People
who really know what they are doing can sometimes use frames to
good effect, although even experienced designers are advised to
use frames as sparingly as possible.
Navigation doesn't work with frames because the unit of navigation
is different from the unit of view. If users create a bookmark in
their browser, they may not get the same view back when they follow
the bookmark at a later date, because the bookmark doesn't include
a representation of the state of frames on the page.
Even
worse, URLs stop working. The addressing information shown at the
top of the browser no longer constitutes a complete specification
of the information shown in the window.”
|
|
| |
|
|
| Why
PHP?* Top
of this page |
| |
|
|
PHP
is a computer scripting language that resides on the web server. Unlike
JavaScript and VBScript, the PHP programming is never placed on your
computer. When you visit a web page that has php programming in it,
it creates HTML and sends that to your browser to create the web page
that you see. |
| |
|
|
|
PHP was created in 1994 by one man, Rasmus Lerdorf and has now gone
through three major rewrites to bring users of the web the mature,
broad product we have today. As of July 2002 it was in use on over
9 million web sites and this number is growing rapidly. This
is an increase from the January 2001 PHP usage of just over 5 million
websites. |
| |
|
|
|
PHP
is very efficient and millions of hits per day can be served using
a single inexpensive server. |
| |
|
|
|
PHP
has native connections available to many database systems including
direct connections to MySQL, PostgreSQL, mSQL, Oracle, dbm, filePro,
Hyperwave, Informix, InterBase, and Sybase among others. |
| |
|
|
|
What
new resources does an Internet user need to be able to use PHP
programs and the databases associated with them? NONE! but
what she probably already has: an Internet connected browser on
a Windows, UNIX, Linux or Mac computer.
|
|
| |
|
|
| MySQL
Database Top
of this page |
| |
|
|
A
database allows you to efficiently store, retrieve, sort and search
data. MySQL (pronounce My-Ess-Kew-Ell) is a relational database
management system (RDBMS) that is very robust and fast. |
| |
|
|
|
Many
users can work concurrently with fast access to the data and it ensures
that only authorized users can obtain access. |
| |
|
|
|
It
uses SQL (Structured Query Language), the standard database query
language worldwide. |
| |
|
|
|
MySQL
has been publicly available since 1996, but has a development history
going back to 1979. |
|
| |
| |
|
|
