Recently by Paul Gilzow

I was part of something truly monumental this last weekend. After a week of hide and seek, Tony Hawk ended his Twitter Hunt extravaganza (#THTH) with a surprise demo here in Columbia, MO. Why was this monumental (besides having the Michael Jordan of skateboarding here in the home of the University of Missouri), and more importantly, how is this relevant to us in Higher Education? Because it was one of the most successful uses of Social Networking/Media I have seen to date. (photo by Genevieve Howard)

Many universities have implemented whole disk encryption on university-owned laptops in order to provide protection against data loss if the laptop is lost or stolen. Truecrypt and PGP Whole Disk Encryption are two common software solutions used. However, recent research from Invisible Things Lab has come up with a proof of concept (dubbed Evil Maid Attack) that would allow them to hook into the encryption software and sniff the password.

Attack happens like this:

1. Attacker has access to your laptop for 1 to 2 minutes (like a maid at a hotel)

2. Attacker boots laptop from a USB stick and infects the system with the Evil Maid Sniffer

3. Victim returns to the hotel room, boots laptop, enters in disk encryption password (that is now sniffed by Evil Maid)

4. Victim leaves laptop in hotel room again

5. Attacker can now boot laptop again off the USB stick and acquire the sniffed passphrase.

At this point the attacker can either steal the laptop altogether, or boot it up and steal specific information.

So, what can you, as an end user, do to alleviate this attack? Short of never leaving the laptop physically unprotected (i.e. place it in a safe when you leave the room), not much. I know that sounds pessimistic, but the harsh reality is that whenever a device leaves your hands, it has become insecure. Assume, that even with encryption, you are still at risk.

(via Invisible Things)

I’ll try to list off all of the relevant sites/tools that we discussed today. I’ve also uploaded the actual powerpoint presentation file if anyone wants to view it.

Universal Design-Final.pptx

• Good explanation of the principles of Universal Design: Universal Design Principles
• Adaptive Computing Technology (ACT) Center
• University of Missouri Web Policies and Guidelines
• Missouri IT Accessibility Standards (MITAS) - pdf file
• University of Nebraska-Lincoln Architect Website (example of a “bad” site)
• JAWS for Windows (Screen Reader)
• Dragon NaturallySpeaking (Voice Dictation software)
• ZoomText (Screen Magnification software)
• Mobile Phone Emulator - doesn’t play nice with Firefox but should work properly in IE as long as you have Java installed
• The “cleaned” version of the Columbia Daily Tribune
• Class-action lawsuit against Target, and another article about the lawsuit
• Cynthia Says (ADA evaluator)
• Functional Accessibility Evaluator (ADA evaluator)
• Wave 4.0 (ADA evaluator)
• Wave Firefox Extension
• Fangs - the screen reader emulator Firefox Extension
• HTML Validator Firefox Extension
• Color blindness checker
• My blog post on Firefox Extensions for Accessible Web Development
• Josh Nichol’s blog post on color blind accessible sites

Yes, I know that there are already a million posts around the web on the best Firefox extensions. However, I had a colleague ask me for some resources specific to making a site more Accessible. So I sent her a list of Firefox extensions specific to testing a site for Accessibility, and thought I would share them here as well.

First, here is the list of IT Accessibility Standards for the state of Missouri: http://www.oa.mo.gov/itsd/cio/standards/ITGS0003.pdf. This is the standard that we try to meet with the websites/web apps we develop.

Accessibility related

Accessibility Toolbar

This Mozilla/Firefox Accessibility Extension makes it easier for people with disabilities to view and navigate web content. Developers can use the extension to check their use of structural and styling markup that support functional web accessibility. In addition, it provides link to submit a page to the Functional Accessibility Evaluator at the University of Illinois at Urbana-Champaign.

Fangs Screen Reader Emulator

Creates a textual representation of a web page similar to how the page would be read by a modern screen reader.

Yellowpipe Lynx Viewer Tool 1.2.1

Enables you to see what a page will look like when viewed with Lynx, a text-mode web browser. It is also presumably, how search engines see your site. In addition, it can help determine if web pages are accessible to the vision impaired. Also gives a pretty good idea of how your site will work when javascript is unavailable.

General Web Development

Web Developer Toolbar

Absolutely invaluable collection of tools/utilities for web developers. Way too many features to try and list. If you do web development, you need this extension.

HTML Validator

Performs an inline evaluation/validation of the html code of any page you look at. Essentially, this is the same thing as running your code through the W3C.org’s code Validator, except that it is done locally on your computer. It also allows you to see, at a glance via a status bar icon, if the page you are viewing passes the validator, and if not, how many errors/warnings there are. Having standardized code doesn’t make your site Accessible, but having standardized code makes it easier to make it Accessible.

Firebug

Another invaluable web developer tool. Firebug integrates with Firefox to put a wealth of web development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page. I could not live without Firebug and the Web Developer toolbars installed. Well, I could live, but I certainly couldn’t develop nearly as efficiently.

Yslow

YSlow analyzes any web page and generates a grade for each rule (based on Yahoo’s “Rules for High Performance Web Sites”) and an overall grade. If a page can be improved, YSlow lists the specific changes to be made.

It is a great time to be a web developer! We recently mentioned how Opera had released version 9.5 of the Opera browser. Today, the mozilla foundation will release version 3 of Firefox.

To celebrate the release of Firefox version 3, I thought I would provide you with a list of interesting articles and a download of FireFox 3 - Revealed courtesy of Sitepoint.com.

First up, get the most out of Firefox 3 — with this FREE eBook from sitepoint.com!

Next up, webmonkey (yes, they are back!) has a great article on Why You Should Download Firefox 3 Right Now

Last, LifeHacker speed tested the 4 major browsers (Opera 9.5, Safari for windows 3.1.1, Firefox v3 RC3, IE 7) to see which was the fastest in 3 major categories: startup time, Javascript & CSS, and memory use. Speed Testing the Latest Web Browsers

Regardless of which browser you find to be your favorite, the fact that all the major browser vendors are updating their browsers to better support CSS, HTML standards and Javascript will surely make our lives as developers easier and more efficient!

Yesterday we learned that Firefox version 3 finally has an official launch date. But what does that mean to those of us who develop for the Web, and for the end user?

Instead of creating an exhaustive list of the details of version 3, I’ll instead point you to the Field Guide to Firefox 3, by far THE best guide I have seen so far on the new (and in some cases, improved) features in FireFox3.

Jason posted a couple of weeks ago about the release candidate for Firefox 3. We now have an official launch date for the final version of Firefox version 3. The Mozilla developers announced last night that it is their “… expectation to ship Firefox 3 this upcoming Tuesday, June 17th.”

Testing your web pages/sites in multiple versions of IE has always been a pain. Mostly because you can only have one version of IE installed on your computer at a time (yes, I know there are some hacks you can use to have more than one installed, but they are buggy, prone to crashing and dont give you accurate results). And, if you upgrade your XP installation to SP3, it comes with IE7 with no ability to downgrade back to version 6.

I have long been a proponent of using Microsoft’s Virtual PC and their free Internet Explorer Application Compatibility VPC Images. These allow you to run virtual machines with XP and a specific version of IE (6, 7 or 8; no version of 5.5 available). While this works and is certainly handy, it means that if you want to see how your site looks on all the versions simultaneously, you will have to load up at least two VM’s. Depending on how much system memory your computer has, this can bog things down quite a bit. There’s also the annoying fact that these VM’s expire every 3 months.

So the method works, but it still leaves a lot to be desired. Looks like someone felt the same way, but actually had the know-how and motivation to do something about it!

Released earlier this year, IETester allows you to view your site in IE version 5.5, 6.0, 7.0 and 8.0 beta1 all within a single “window” in different tabs. You can now quickly tab through all 4 versions of IE to see how they compare!

Note that this is alpha software, so don’t be surprised if you experience some bugginess. For example, when I switched from tabs to a side-by-side comparison (similar to the image above) and tried to scroll horizontally, the screen for that IE version went blank and took about 10 seconds to come back. But once they can get these minor annoyances worked out, I can see IETester easily becoming a top-10 indispensable WebDev tool.

ReadWriteWeb had a very interesting post today about how 7 out of the top 10 fastest rising search terms from last year were “navigational search” terms: searches for a website that the user wants to visit where adding .com to the search term would have take the user directly to the site. In other words, instead of typing “www.facebook.com” into the browser’s address bar, the user searched for the term facebook in order to get to facebook.com.

We, as developers, have long been taught that providing your users with an easy-to-remember, intuitive URL is the best way to ensure that your users can find your site. But in light of this new information, I wonder if we, as a campus, should begin discussions on how we can make sure all our various sites are optimized for search engines.

Google recently released Google Doctype, “…a Google-sponsored open encyclopedia and reference library for developers of web applications.”

I’m a little disappointed in the content of some of the “HOWTO” articles (they just aren’t very deep) though the security articles are very good. The DOM, HTML and CSS References are top notch and are sure to be EXTREMELY handy in the future.