Categories
Trends Uncategorized

WhatsApp Soundly Beaten As Stunning New Alternative Goes Live

WhatsApp Soundly Beaten As Stunning New Alternative Goes Live

While on the surface WhatsApp remains king of the messaging hill, beneath the surface there are some worrying signs for Facebook’s flagship platform. With its 2 billion users, WhatsApp can seem unstoppable, but it has some weaknesses in its functionality—in the way it works. And, above all, it has one dealbreaker for many—its Facebook ownership.

So, what are those functionality weaknesses? Well, there’s the continued lack of genuine support for multiple devices—the option to link apps on your phone, tablet and PC to a single account. Then there’s the serious flaw in its backup option, which is required to transfer message history to a new phone. Those back-ups fall outside WhatsApp’s end-to-end encryption—and that’s a critical issue.

WhatsApp voice and video calling are excellent—fully encrypted, perfectly integrated with its messaging, single-click calls for the groups we use daily. But those calls—video or voice—are constrained to our smallest screen devices. And that just doesn’t work anymore. WhatsApp knows this—multiple linked devices and desktop calling are reportedly in the works. But, in the meantime, we’re turning to the competition.

All of which makes WhatsApp’s much smaller, but much more exciting, upstart rival Signal a potential giant killer in the space. Signal is the modern-day messaging disruptor, seeking to repeat the trick WhatsApp itself carried out all those years ago, before the Facebook acquisition.

Signal was designed to put security first, that’s its USP—WhatsApp actually uses a tweaked version of the Signal protocol itself. And historically this approach made for a clunky Signal user experience. But all that’s now changing. Signal is on a mission to take on the mainstream. And if you haven’t tried the app yet, you really should.
Back in August I reported that Signal was beta-testing voice and video calls from its brilliant desktop app—a genuine app, 

not the web-based smartphone scraper offered by WhatsApp.

Signal also offers a seamless iPad app. There’s no need to keep your smartphone switched on or connected to access Signal from other devices.

Signal’s new desktop calling feature is now live—go try it for yourself. 

This is much more important than it may sound. It emphasizes the multiple encrypted endpoints available in Signal, it showcases convergence—playing a convenience card to the new work from home workforce. There may not be backups with Signal, but these other encrypted instances provide resilience in case you lose your phone. And the platform appears flexible and nimble in contrast to WhatsApp. You’ll struggle to find a tech or security reporter recommending WhatsApp over Signal these days.

The more material factor, though, is what happens next. Facebook is caught between a rock and a hard place with WhatsApp. Tempted to introduce new monetization and advertising options, it knows that a user backlash will follow any overstep. And the likes of Signal and Telegram are watching and waiting. Signal is fast approaching the critical mass required to be a viable alternative for any WhatsApp exodus.

On the desktop calling specifics, Signal has started with person-to-person calls, but group calling is clearly in the works. And while this is all part of its campaign to take on WhatsApp and Telegram for the secure messaging space, it also seems to have bigger video conferencing targets in mind. “We think that calls need to zoom out of the past and into the future,” it says in its blog post.

Working from home and enforced distancing has exponentially increased our use of video calling. Zoom, Teams and Google Meet, as well as Facebook’s new Rooms reflect this. And underpinning this new way of working is a new level of convergence between messaging and calls and an increasing need to operate seamlessly from smartphones to tablets to desktops or laptops. We are inevitably less mobile, we want to access these apps from a laptop or tablet we may be using, and not be switching to our smartphones while at home.

While the headline threat to WhatsApp likely comes from Apple’s continuing evolution of iMessage, which already offers seamless cross-platform access, and Google’s RCS rollout as an update to Android Messages, both have serious issues. That’s because both integrate with the pitifully unsecure SMS architecture. Apple’s end-to-end encryption only works while messaging users on its own ecosystem, and Google has not yet added any form of end-to-end encryption to its RCS deployment—another feature reportedly in the works.

Signal now offers multiple device access, desktop calling, fully encrypted message history transfers to new devices, disappearing messages—another feature WhatsApp still has in the works. Furthermore, it is more secure than WhatsApp—its encryption deployment is openly viewable, it doesn’t collect any metadata, it isn’t owned by Facebook nor is it about to be integrated into a gargantuan marketing-meets-messaging machine. The integration of Facebook’s various platforms—Messenger, Instagram, eventually WhatsApp, is bad news for users.

WhatsApp remains the mainstream messenger of choice for most users. You’ll find all your contacts most likely already there, it’s easy to use and reliable, its security is good enough for 99% of its userbase, it offers a backup option (security caveats apart) for those that might lose their phones and need to restore their history.

But this is an equation that’s changing. Signal is extremely compelling, and its user experience now beats WhatsApp in many ways, from simple emoji replies to seamless multiple device access. And on the security front, there’s no contest. Facebook’s collection of WhatsApp metadata—who you message and how often is a grey area. Conversely, Signal’s lack of any data collection is black and white.

It’s all starting to stack up toward a shift away from WhatsApp.

Unsurprisingly, while Signal user numbers are measured in tens not hundreds of millions or even billions, it is now soaring.

Source: www.forbes.com

Share on facebook
Share on twitter
Share on linkedin
Categories
Trends Uncategorized

Skype is still around — it’s just been upstaged by Microsoft Teams

Skype is still around — it’s just been upstaged by Microsoft Teams

When Microsoft-owned LinkedIn said last month that it would add a video-calling feature to direct messages, it said it would start allowing users to kick off calls through Microsoft Teams, Zoom and Verizon-owned Blue Jeans.

Skype, Microsoft’s third-biggest acquisition after LinkedIn and Nokia, was left out.

 

The effort stemmed from a project engineers developed for a Covid-response hackathon LinkedIn held earlier this year. LinkedIn employees use Blue Jeans internally, and they also chose to incorporate “the other most popular services, Zoom and, in our own backyard, Teams,” Chris Szeto, senior director of product, told CNBC. LinkedIn employees worked with the team behind Microsoft Teams to build the integration, Szeto said.

 

The absence of Skype in the implementation exemplifies the video-calling service’s diminishing presence in a year when competitors became more prominent than ever, as the coronavirus pandemic forced people to connect online. Skype is still around — it’s just been upstaged.

Skype did get a boost from the virus. In March Microsoft said that Skype had 40 million daily active users, up 70 percent from the previous month. But even at Microsoft, it’s not the star. In April the company said Teams had amassed 75 million daily active users.

More recently, Skype has lagged behind its competitors. The Skype iPhone app failed to crack the top 200 apps ranked on Apple’s App Store in August and September, according to data from app-analytics company AppAnnie, while Zoom for iPhone never left the top 20 and Google Meet was generally in the top 100.

Microsoft has brought out many Teams updates this year, including some, such as breakout rooms and support for up to 1,000 meeting participants, designed to help stave off newcomer Zoom, whose usage spikedduring the pandemic.

 

Skype has received some enhancements this year, too, but not as many as Teams. It’s now possible to raise your hand or change your virtual background during a Skype call, for instance.

Microsoft is also trying to broaden Skype usage by placing the app in some of its consumer-facing products. Soon, when you open a new tab in the Edge web browser or the online version of Outlook, there will be a button for quickly creating a Skype call. If you invite your friends to a call by sending a link, they can join without downloading or signing up for Skype. Microsoft also started testing a Skype integration in Windows 10 — you can start a call by clicking a new button in the System Tray.

But these feature updates and integrations are unlikely to help Skype grow, said Jim Gaynor, a research vice president at Directions on Microsoft, a company that advises companies on using Microsoft products.
“If Skype was going to become bigger, this year was the time for it,” Gaynor said. “What happened right now was the perfect storm,

 the perfect set of circumstances for any online communications product. If you cannot significantly grow and make your product flourish and thrive now, forget about it, you’re too late now.”

The good old days

Skype is an old brand by tech standards. The company was founded in 2003 — a year before Facebook — and went through several owners while amassing a devoted core of users. It also had a solid place in the tech-cultural zeitgeist as a tool for distant relatives to stay in touch.

By the fourth quarter of 2010 it had an average of 145 million monthly connected users, and Microsoft bought it from a private investor group in 2011 for $8.6 billion — its largest acquisition ever at the time. Microsoft’s then-CEO, Steve Ballmer, said that the deal could bring together hundreds of millions, or even billions, of consumers. (In a 2019 blog post a Microsoft engineer wrote that Skype had reached “four billion total users, more than 300 million monthly active users, and more than 40 million concurrent users.”)

Ballmer’s successor, Satya Nadella, has moved Microsoft away from some consumer markets. In 2014, a few months after Nadella became CEO, Microsoft drew on the Skype name when it rebranded its Lync unified-communications software to Skype for Business.

In 2014 Slack came out with its team-communications software. Microsoft responded by introducing Teams in 2016. Then, in 2017, Microsoft declared that Teams, not Skype for Business, would be its main work communications program in its Office 365 productivity app bundle. Last year the company started putting new Office 365 customers on Teams. Some organizations still use Skype for Business, though, Gaynor said.

While Microsoft was busy deemphasizing Skype, other communication apps for consumers, such as Apple’s FaceTime and iMessage,Facebook’s Messenger and WhatsApp and Tencent’s WeChat, were rising in popularity.

Microsoft seems to be telegraphing Skype’s eventual demise. This year Microsoft made it possible for Skype users to call Teams users, and vice-versa. At the Ignite conference for IT professionals last week, more than 100 sessions touched on Teams, while there was just one talking about Skype — and it was about moving to Teams.

Microsoft says Skype is still important, even as it expands Teams for consumer use. For instance, soon it will be possible to keep a shopping list or share your location with friends or family members in Teams.

“Skype will remain a great option for people who love it and want to connect with chat and video calling capabilities,” a Microsoft spokesperson told CNBC in an email.

But perhaps the best measure of how far Skype has fallen comes from popular culture. Last month, “The Late Late Show with James Corden” took a swipe at Skype. He and other actors playing Skype employees think up ways to overtake Zoom — the head of marketing, after arriving late, says, “Sorry, I had the wrong Zoom room.” The workers decide to establish a raffle. Every time someone signs up for Skype, they’re given a shot at winning a vacation on a cruise ship.

Source:www.cnbc.com

Categories
Trends Uncategorized

10 UX/UI challenges for the uninspired (and the unemployed)

10 UX/UI challenges for the uninspired (and the unemployed)

As a recent design bootcamp program graduate, I knew looking for a great design job would be a challenge. I anticipated that after I finished school, I wouldn’t be working my dream role immediately. I’d be happy having a job at a good company with teammates that were decent enough.

What I didn’t anticipate was being 3 months out of school without any job at all. To preserve my ego I will blame COVID entirely. But really, what company would want to take a chance on a brand new designer in a time where taking a chance on anything seems especially risky? In my recent experience, even finding freelance or volunteer design work is a major challenge.

So here I am, a UX/UI Designer with no job but a desperate desire to prove myself and gain experience. I know based on my cohort of fellow bootcamp graduates that I am far from the only one in this position. But if we are struggling to find freelance or volunteer design work and companies aren’t jumping at the chance to hire a brand new designer, what can we do to keep learning and maintaining our skills?

I don’t know about you, but my pre-quarantine brain and mid-quarantine brain differ drastically in motivation. Yes, I want to do more design work. And yes, I have a list of side projects I’d love to start on. But to be honest, I’ve had about enough time alone with my own brain. I want to be inspired by ideas and problems I’ve never considered, from people with completely different perspectives.

Luckily there are a ton of brilliant (and free) design challenges available online, and I have them to credit for pulling me out of the uninspired and directionless slump that is my quarantine brain. Here are 10 of my personal favorites.

Daily UI

Daily UI sends you an email a day that contains the challenge for that day — anything like designing a payment page or a digital boarding pass. While it is probably better to show your design process than a stand-alone screen, I like completing these to see what kind of creative spin I can put on a concept that is pretty well established already.

Dribbble Weekly Warmup

30 Day UX Challenge

Put together by the team of 3 brilliant women of UX Boot Camp, this is a month-long comprehensive challenge that keeps you engaged and knowledgeable about the UX design process. It brushes you up on topics like UX strategy, the importance of persona creation, wireframing, and overall best practices. While the purely visual challenges are a lot of fun, I got a lot of value from seeing how they outlined their process and comparing it to my own.

WTF Should I Letter

Daily Logo Challenge

The Daily Logo Challenge is another subscription service that will send you a logo prompt each day. If you’re really aiming to hone your branding and visual design skills, I recommend trying your hand at some logos through this challenge.

Sharpen.design

Sharpen.design isn’t exactly a challenge in the way most of these other options are, but it’s a great way to find some inspiration if you’re wanting to work on some UI skills but don’t know where to even start. For me, coming up with an initial concept or problem is the main place I get stuck. Sharpen helps me get the creative juices flowing.

Uplabs Challenges

Okay so full disclaimer: I haven’t actually completed one of these challenges yet, but I really want to! They put out regular challenges where you can do things like a LinkedIn redesign or building out what the ideal team management dashboard would look like. You can submit your challenge entry, have your submission voted on, and compete to have your design featured in the UpLabs newsletter for over 1 million design professionals to see.

100 Days of Product Design

This is a newer challenge, but I love the idea behind it. Each lesson builds on top of the last, so you learn as you go through the 100 days. So far it seems to highlight more UX principles than UI, but I’m excited to see where it leads since the author is only on Day 34.

Sketching for UX

I’m including Sketching for UX because of the free newsletter this source puts out, which includes a 5–10 minute sketching challenge. I always judge my own sketches pretty harshly, so I was excited to try something to make my sketches a little cleaner, clearer, and more universally understood without always having to accompany them with words.

UX Challenge

The last challenge I want to include is UX Challenge. This doesn’t send you any emails or reminders since you don’t have to subscribe to get these, which is a positive for me. It supplies you with awesome real-world problems for you to solve with your design. This challenge was so fun because each case study can drag you through all steps of the design process and can lead you to create a completely new site or app.

I hope you find these challenges to be as inspiring, thought-provoking, boredom-reducing, and educational as I did. Happy designing!

Source: www.uxdesign.cc

Categories
Trends Uncategorized

Designer makes £77,000 from iPhone icons in a week

Designer makes £77,000 from iPhone icons in a week

A designer has earned more than $100,000 (£77,000) in less than a week, after posting a tweet showcasing his collection of iPhone app icons.

The creator, known online as Traf, says he produced “the right content, at the right time” and was boosted by tech-reviewing YouTube star Marques Brownlee.

Traf had noticed a trend of people sharing screenshots of their newly customised iPhone homescreens, with colour-coordinated icons and widgets.

While this was nothing unusual for users of Android smartphones, Apple had never officially let its users customise their iPhones in this way.

But after the launch of iOS 14 in September, users discovered a work-around that let them completely redesign their homescreens, changing app icons to whatever they liked.

It inspired Traf to share a screenshot of his own minimalistic monochrome design on Twitter.

It was an instant hit, with users describing it as “clean”, “slick” and a “dream aesthetic”. For many, it was a first taste of smartphone customisation.

“Right away, people started asking about the icons in the screenshot. So I quickly packaged them,” he said in his blog.

Since there was “no notion of what an iOS icon set should be priced at”, he decided to charge $28 (£22) for the set.

Many people replied that the icons were too expensive, but plenty of people were not deterred.

 

Sales soared after YouTube star Marques Brownlee, who has more than 12 million subscribers to his technology review channel, showcased the icons.

Traf has now made more than $140,000 selling his icons to more than 5,000 customers.

The designer, who is currently based in San Francisco, called it an “unimaginable result”.

But he said those hoping to emulate his success should not simply try to exploit online trends.

“If I had done this exclusively for the goal of making money, I’m convinced it wouldn’t have worked nearly as well as it did,” he explained.

“Keep working at the things you enjoy, share them with the world, and let the internet do the rest.”

Speaking to the BBC, Mr Brownlee congratulated Traf for “capitalising on something new and making something great”.

Source: sitename

Categories
Trends Uncategorized

The Apple Watch heart monitor sends too many people to the doctor

The Apple Watch heart monitor sends too many people to the doctor

The heart monitoring feature on the Apple Watch may lead to unnecessary health care visits, according to a new study published this week. Only around 10 percent of people who saw a doctor at the Mayo Clinic after noticing an abnormal pulse reading on their watch were eventually diagnosed with a cardiac condition.

The finding shows that at-home health monitoring devices can lead to over-utilization of the health care system, said study author Heather Heaton, an assistant professor of emergency medicine at the Mayo Clinic College of Medicine, in an email to The Verge. That may be expensive for patients and for the system as a whole, and it may take up doctor and patient time unnecessarily.

Heaton and the study team scanned patient health records at every Mayo Clinic site, including offices in Arizona, Florida, Wisconsin, and Iowa, for mentions of the term “Apple Watch” over a six-month period from December 2018 to April 2019. The window came just after Apple introduced a feature to detect abnormal heart rhythms and after publication of a study tracking how well the watches could detect atrial fibrillation.

They found records of 264 patients who said their Apple Watches flagged a concerning heart rhythm. Of that group, 41 explicitly mentioned getting an alert from their watch (others may have had an alert, but it wasn’t mentioned specifically in their health record). Half of the patients already had a cardiac diagnosis, including 58 who’d been previously diagnosed with atrial fibrillation. About two-thirds had symptoms, including lightheadedness or chest pain.Only 30 patients in the study got a cardiac diagnosis after their doctors visit. Most of the concerning heart monitor data, then, were probably false positives, the study concluded. False positives, even though the patient ends up being healthy, can still cause problems: they can push patients to get unnecessary health care and cause stress and anxiety. Even people who don’t have symptoms, like some people in this study, may still feel the need to talk to a doctor about an abnormal flag on a device like an Apple Watch.

“It is hard for a user to ignore an alert that they could have a serious medical condition,” said Kirk Wyatt, an assistant professor of pediatrics at Mayo Clinic and author on the study, in an email to The Verge.

Some of these trends aren’t new. For years, doctors have watched patients come into their offices after researching medical conditions online, Heaton said. Smartwatches, though, passively monitor people who aren’t necessarily looking for a diagnosis. And Apple isn’t the only company flagging users with what its products pick up as abnormal heart rhythms: Samsung’s Galaxy Watch 3 has an EKG feature, as does Fitbit’s Sense smartwatch. While the percentage of people who get an abnormal heart reading on one of these devices could be low (a study of the Apple Watch found that less than 1 percent of users had an alert), millions of people use these products — so there could still be thousands of additional people going to the doctor based on them.

These types of products “blur the line between rigorously-studied medical devices and wellness tools,” Wyatt said. People may not understand how well they actually work and what they should actually be used for. People who already have an atrial fibrillation diagnosis, for example, aren’t supposed to use the Apple Watch feature — but over 20 percent of the people in the Mayo Clinic study did have that diagnosis already. The feature also isn’t supposed to be used by anyone under 22 years old, but nearly two dozen people with records in the study were below that cutoff.

Smartwatches might be useful ways for people to monitor their health on their own, at home, but it’s still not clear what their utility could be. Most of the research done on the Apple Watch, for example, focuses on how well it can detect atrial fibrillation, but it doesn’t track how well it can actually be used as a screening tool in the context of the health care system. Without that information, doctors like Heaton worry that the devices could cause unnecessary confusion and stress for patients. “Understanding context and the nuances of illness is important and at this point cannot be fully understood purely by a wearable medical device,” she said.

Source:www.theverge.com

Categories
Trends Uncategorized

With API attacks rising, Cloud flare launches a free API security tool

With API attacks rising, Cloudflare launches a free API security tool

After attacks against API servers have constantly risen over the past few years, Cloudflare has launched today a new security tool to secure these systems against automated exploitation attempts.

Named the Cloudflare API Shield, this new service will be available for free for all Cloudflare account holders, regardless of pricing plan.

APIs, or Application Programming Interfaces, are exactly what their name says they are — interfaces between different applications. The work by receiving instructions or queries from a “client” and performing a pre-defined action.

APIs are used in a wide variety of ways. They can be embedded inside self-standing apps and allow components to talk to each other, or they can be web-based systems that allow remote “clients” (apps, devices, servers, users) to connect to the API server and relay queries or commands and receive data.

According to industry reports, attacks on web-based API endpoints have grown in number and volume in recent years, and are expected to rise as more companies move to the cloud, where APIs are the glue that holds most companies’ infrastructure together.

The Cloudflare API Shield was built for these systems —the web-based APIs— that are exposed online all the time and susceptible to attacks such as automated login attempts, command injections, user data enumeration, and more.
Cloudflare’s new API Shield works by using a “deny-all” security policy, which the company calls “positive security.”

Once configured for an API server, the API Shield will deny all incoming connections if they don’t provide a cryptographic certificate and key that the API owner has generated in the API Shield dashboard and installed on all approved client devices, may them be mobile apps, IoT devices, web servers, or others.

Working with encryption and certificates sounds complicated, but Cloudflare says this is why it created API Shield in the first place, as a place to automate all these operations as part of a web dashboard.

“We’ll initially support [API] JSON traffic and, based on customer feedback, we will consider extending schema protection to binary protocols, such as gRPC,” Cloudflare said in a press release today.

“Once we are sure that requests reaching customer’s origin comply with the designed schema, we will start including additional security functionalities.”

Planned features include rate limiting, DDoS protection, web application rules specifically designed for APIs, and API analytics.

Source:www.zdnet.com

Categories
Trends Uncategorized

Remove these Chrome extensions right now – they could be stealing your data

Remove these Chrome extensions right now - they could be stealing your data

acebook sues developers of two Chrome extensions that stole user data

Google Chrome users have been urged to check their security protection after more malicious extensions were discovered to have been stealing user data.

Two extensions in particular, UpVoice and Ads Feed Chrome, have been flagged as particular risks, with the companies behind both tools now being sued by Facebook.

The social media giant has filed a lawsuit against the makers of both extensions after discovering that user data was being taken without permission from both Facebook and Instagram.

  • Here’s the best business VPN offerings around today
  • We’ve built a list of the best security keys on the market
  • Check out our list of the best password recovery services right now

Chrome extensions

Facebook’s lawsuit against Israeli-based company BrandTotal Ltd, and Unimania Inc., which is incorporated in Delaware, notes that the two extensions were available to download from the official Chrome Web Store since September and November 2019 respectively.

In that time, the extensions have seen over 5,000 and 10,000 installs each, meaning thousands of users could be at risk.

“BrandTotal enticed users to install the UpVoice extension from the Google Chrome Store by offering payments in exchange for installs, in the form of online gift cards, and claiming that the users who installed the extension became ‘panelists . . . [who] impact the marketing decisions and brand strategies of multi-billion dollars (sic) corporations’,” court documents filed by Facebook stated.

 

“Similarly, Unimania promoted its Ads Feed extension on the Google Chrome Store by claiming that the users became ‘a panel member of an elite community group that impacts the advertising decisions of multi-billion dollar corporations!’,” Facebook added.

The lawsuit claims that the UpVoice extension scraped data from user profiles at Facebook, Instagram, Amazon, Twitter, LinkedIn, Pinterest, and YouTube, with Ads Feed collecting data from users accessing their Facebook, Instagram, Amazon, Twitter, and YouTube profiles.

 

User names, user ID, gender, date of birth, relationship status, and location information was among the data scraped by the two services, along with advertising preferences and other metrics that showed how users interacted with online ads.

Facebook says it has tried to lobby Google to remove the two extensions from the Chrome Web Store multiple times, but the tools still remain available. It advises users that have downloaded either extension to remove it immediately.

Source: www.techradar.com

Categories
Trends Uncategorized

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the user’s device and broadcasting it on public GitHub pages. The findings were spotted by Sonatype’s automated malware detection systems and further investigated by the company’s Security Research team which includes me. The packages previously present on the open source npm registry included:

  1. electorn (intentional misspelling of a legitimate package “electron”)
  2. loadyaml
  3. loadyml
  4. lodashs (intentional misspelling of a legitimate package “lodash”)

All four packages were published by the same user “simplelive12” and have now been removed, with the first two having been taken down by npm as of October 1, 2020. The previous two packages were unpublished by the author themselves. Once installed, electorn ran a script in the background every hour which collected the logged-in user’s IP, geolocation data, username, path to home directory, and CPU model information.

The malicious code within electorn and 3 other identical packages which exfiltrated user information

This information, part of which constitutes the device “fingerprint” was uploaded and published on GitHub in real-time. Some of the information being published is base64-encoded but this can be trivially decoded by anyone who has access to it: Sonatype’s Security Research team has accounted for these malicious packages into their products, and had notified both npm and GitHub teams of the malicious activity stemming from the components.

This led to the takedown of these malicious packages. To this date, all 4 packages have scored a little over 400 total downloads. It is not exactly clear what was the purpose of collecting this data and why was it being published on the web for the world to see, however, incidents like these highlight the potential of typosquatting attacks on the open-source ecosystem.

We can only imagine what the next possible version of these packages could have been capable of – possibly carrying out even more sinister activities. By tricking an unsuspecting developer into mistakenly installing a misspelled package, attackers can push their malicious code “downstream” into any other open-source projects that use the misspelled malicious component as a transitive dependency. Adopting DevSecOps best practices and building security early on into your software development lifecycle can prevent “counterfeit components” such as electorn and loadyaml from entering, and thriving in your software supply chains.

Source: www.securityreport.com

Categories
Trends Uncategorized

How I Switched from Windows 10 to Linux Mint

How I Switched from Windows 10 to Linux Mint

This article is all about my journey on switching from Windows 10 to Linux Mint 20, how I got easily adapted to the Linux environment, and some resources that helped me to set up a perfect Desktop environment.

Uncertainty

Ok, now I have decided to switch to Linux but here comes the first question. Which distro will satisfy my needs both in terms of GUI and other aspects? Linux is not something new to me since I have been working with RHEL based distros in my work for the past 4 years with the command-line. I know RHEL based distros are good for enterprises but not for personalized desktop environments, at least that’s what I am thinking till now. So I started my research to find the distro that should be easy for me to use and at the same time should have good community support if in case I ran into some problem. Among many Linux distros, I drilled down my list to 4 flavors.

  • Ubuntu
  • Linux Mint
  • Manjaro
  • Arch Linux
 

Before deciding the Distro it is necessary you formulate the list of tools/programs or packages needed and check if the distro you choose provides all those features. For me, I use Linux for two main purposes: one is for my professional development work, writing articles, and second for my personal use like Video editing and Movies. Most of the popular software are created to be compatible with Windows, macOS, and Linux like Sublime TextVSCodeVLC Media PlayerFirefox/Chromium browser. Other than these software, cloud-based services make our life easy Like Microsoft Office 365 or G Suite.  

 

  Considering all these I decided to go HYBRID. All my tools or software are cross-compatible or cloud-based so in any case, if I have to switch back to windows or Mac os I can use the same set of tools.

Reason to Choose Linux Mint Over Other Linux Distros?

Well, this is purely a personal choice. Based upon the comparison between different distros like Ubuntu, Mint, Manjaro, and Arch Linux I chose to opt Linux MintLinux Mint is based on Ubuntu and Debian and comes with three different desktop flavors (Cinnamon, MATE, Xfce). Linux Mint is the go-to OS for people switching from Windows to Linux for the first time. Below are the articles published in this site, which will help you to install and configure Linux Mint on your machine.

  • How to Install Linux Mint 20 Alongside Windows 10 or 8 in Dual-Boot UEFI Mode
  • How to Install Linux Mint 20 “Ulyana” in Your PC

Linux Package Management

The first thing I did before installing Linux Mint was to learn how to work with package management. Since I already had some experience with yum command it is easy for me to learn from other package managers. There are many ways we can install packages starting from getting the source binary, Synaptic package manager, Snap store, or via the apt package manager.

Linux Terminal

For me, the real beauty of Linux is the terminal interface. I installed oh-my-bash to make my terminal look cool and aliased my frequently used commands to increase my productivity. I did everything via terminal starting from Monitoring the system, Disk Management, Network Management, Package Management, etc…

List of Software I Use in Linux

Here are the list of software I use for my personal and professional work.

Web Browsers
  • Firefox
  • Chromium
Multimedia Player
  • VLC Media Player
Code/Text Editors
  • Sublime Text
  • VSCode
  • Nano/Micro
Programming/Database

I use Python, Bash, Git, and MySQL databases for my day-to-day work so it is necessary for me to set up the correct tools and workflow. The advantage of setting up a programming stack in Linux is I wrote a simple bash script which is a one time work. So next time, if I have to switch to a different Linux distribution I don’t have to spend my time setting up the stack from the scratch. I use Sublime Text 3 and Vscode for my development work and use Nano for command-line editing.

  • Sublime Text Editor for Linux
  • VScode for Python Development
  • A Beginner’s Guide on How to Use Nano Text Editor in Linux
Productivity Suite

On a daily basis, we need tools like an email client, calendar, task creator, to-do list, Powerpoint, Word Processor, Spreadsheet, collaboration medium like slack, Microsoft teams, etc. There are two ways you can set up the productivity suite. Either find the right set of tools and install it in OS or use cloud-based services. I use cloud-based services (G Suite and Office 365) which satisfies my needs. But there are a bunch of tools you can explore and configure as a productivity suite. Other than the described tools, below are a set of tools that I use for system management and other purposes.

  • Stacer – System optimizer and Monitor.
  • Joplin – Note-taking and to-do application.
  • Timeshift – Backup and restore utility.
  • Virtualbox – Virtualization software.
  • MySqlWorkbench – MySQL GUI based client.
  • Shutter – Screenshot tool.
  • Snapcraft – App store for Linux.
  • Spotify – Music and Audio.
  • Deluge – BitTorrent Client.

For all the list of software I mentioned in the above sections I created a bash script that will take care of installation, configuration, and retaining the perfect environment that I created now. Let’s say if I am switching from Mint to Ubuntu then I can retain everything with a single script. That’s it for today. If you are a Windows user, try installing Linux. As a newbie, you will have some difficult time in scratching the surface, but trust me once you make your hands dirty with Linux you will never regret switching from Windows to Linux. We are excited to hear back from you about your experience with Linux.

Source: www.tecmint.com 

Categories
Trends Uncategorized

3 Advanced SAAS SEO Strategies and Best Practises

3 Advanced SAAS SEO Strategies and Best Practises

In a crowded and competitive market, SaaS companies need to go beyond the basics to stand out. These three SEO tactics will help you scale effectively. The number of SaaS companies grew from 150 in 2011 to 8,000 in 2020 – a 5,000% growth, according to Scott Brinker’s annual Martech 5000 analysis. It’s getting crowded and competitive. As a result, basic SEO tactics don’t cut it.

I compiled three of my favorite advanced SaaS SEO strategies in this article, some of which I used during my time at Atlassian myself. (Disclosure: I worked at Atlassian for years.) The number of SaaS companies grew from 150 in 2011 to 8,000 in 2020 – a 5,000% growth, according to Scott Brinker’s annual Martech 5000 analysis.

It’s getting crowded and competitive.

As a result, basic SEO tactics don’t cut it.

I compiled three of my favorite advanced SaaS SEO strategies in this article, some of which I used during my time at Atlassian myself. (Disclosure: I worked at Atlassian for years.)

𝗨𝘀𝘂𝗮𝗹 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 𝗼𝗳 𝗦𝗮𝗮𝗦 𝗦𝗘𝗢

A lot of startups see initial traction with content marketing.

They build a couple of landing pages, get a TechCrunch article, and hit the 1M ARR (annual recurring revenue) mark.But then they lose momentum.
Conversions and traffic stagnate, the marketing team becomes overloaded, and the attention on paid channels becomes bigger.

Once a business is hooked on paid channels, it’s hard to get off.

And those that get on it too early take away their chance for organic growth.

Sometimes paid channels mask Product/Market-Fit, and the company runs into the “leaky bucket problem” – they have a hard time retaining customers.

So, the main challenge for SaaS startups is to keep the early momentum going and scale organic traffic.

But title optimization and blog articles are not enough.

They need advanced strategies.

𝗙𝗿𝗼𝗺 𝗕𝗮𝘀𝗶𝗰 𝘁𝗼 𝗔𝗱𝘃𝗮𝗻𝗰𝗲𝗱

Don’t confuse advanced SEO tactics with hacks or tricks.

The key is scalability.

Whereas basic SEO tactics may get you on Page 1 of Google for a set of keywords, advanced strategies allow you to tackle hundreds – maybe thousands – of keywords with one format.

The easiest way to push scalability is to create more pages with inventory like:

* Apps.
* Integrations.
* Marketplace format.


This strategy comes with its own technical SEO challenges and needs to fit into the bigger business strategy

However, sometimes companies don’t make their inventory public.

This is a costly mistake.

The other way is to create content in a more programmatic way than a blog – that’s when you build full hubs of content.

Lastly, scalable SEO isn’t just focused on content but also links.

To get high-quality links, tools are celebrating a resurgence.

And I’m pointing a few successful ones in the SaaS space out as well.

Some brands that are doing this really well are:

* Shopify.
* HubSpot.
* Canva.
* Zapier.
* Atlassian.

𝟭. 𝗟𝗲𝗮𝗿𝗻 𝗛𝘂𝗯𝘀

Blogs published content in time-sorted feeds long before Facebook launched theirs in 2006.

“Sorted by new” is exciting when there’s too much content to comprehend.

But not all content has to be published that way, especially when you create evergreen content.

The alternate structure resembles a library much more.

I call that a “Learn Hub”, but some call it a resource or knowledge center.

Learn Hubs systematically target keywords within a topic.

This makes it much easier to scale traffic and keep readers engaged because the content lives closer together.
Zapier, for example, built a library around the blog content.

They cover topics from “How to use Zapier” to “automation” or “CRM”.

What I find very elegant is how they integrate the product with the content.

Most articles show related Zaps in the side navigation, drives conversions (I know from my time at Atlassian), and product engagement.
Zapier’s learn hub ranks for almost 5,000 keywords in the top 10 and brings roughly 50,000 monthly sessions, according to SEMrush.
But they aren’t alone.
Hasura has a learn hub around frontend and backend tutorials that ranks for over 650 keywords in the top 10 and drives 30K monthly sessions.

Canva gets over 250,000 sessions from over 5,500 top 10 keywords and also found a smart way to integrate their product with content by linking directly to templates.

𝟮. 𝗠𝗮𝗿𝗸𝗲𝘁𝗽𝗹𝗮𝗰𝗲𝘀

In the SaaS world, you’re either a platform or you integrate with one.

Just think about Slack and how many other products you can connect with it.

For SEO, the inventory of integrations or apps serves as a scalable page format.

So do marketplaces around apps, service providers, or valuable goods like themes.

The questions that come up are:

What content to display on these pages.
How to interlink them.
How to integrate this system into the rest of the site.
Wix, for example, is a SaaS solution for freelancers but also offers a marketplace that connects site owners with freelancers in website design, marketing, or web development.
Zapier offers a large space for integrations under/apps, ranks for over 5,000 keywords in the top 10, and drives over 65,000 monthly sessions.

Shopify has a subdomain for apps that ranks for over 3,500 keywords in the top 10 and drives more than 140,000 monthly sessions.

Atlassian has a marketplace that drivers over 28,000 monthly sessions with more than 1,000 keywords in the top 10 that connects product users with applications for Jira, Confluence, BitBucket, and other solutions.

𝟯. 𝗧𝗼𝗼𝗹𝘀

Even though many SaaS companies build powerful brands that attract lots of organic links, SEO professionals in the space can’t rest on their laurels.

I’m not talking about buying links or PBNs and not even about guest posts, but linkable assets.

Besides annual reports and other data-driven content formats that are very powerful, tools still do the trick.

Surprise!

Tools have driven great links for ages.

But now that SaaS products and web experience borders blur, tools have gain new popularity because they serve as a gateway drug to the main product.

Gusto has a full library of different tools that drive over 2,000 backlinks and over 90,000 monthly sessions, according to Ahrefs.

One that I found very interesting is an hourly pay calculator for all 50 states.

Other tools include new employee checklists, salary comparisons, or tax calculators.

All of these provide substantial value for Gusto leads, and they fit in the space.

Splunk created a value calculator – an idea I could see work for many businesses – that collected 1,500 backlinks over time.

Their data maturity calculator drew even 5,800 backlinks – a testament to the returns from creative calculators.
Shopify built a library of tools for merchants, and again, it’s about value first and links second.

From slogan maker to business card maker or invoice generator, Shopify has a tool for it and attracted a massive 39,500 links and over 200,000 monthly sessions.

𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗶𝗻𝗴 𝗦𝗰𝗮𝗹𝗮𝗯𝗹𝗲 𝗦𝗘𝗢 𝗦𝘁𝗿𝗮𝘁𝗲𝗴𝗶𝗲𝘀

The way to break through the traffic and conversion plateau is through scalable SEO strategies.

At the traffic inflection point, the site progresses from a marketing tool to a destination where users find answers to problems, tools, and exciting content.

At Atlassian, we made many choices with the user in mind first and SEO second (or third after the product).

Many ideas were born out of usefulness for customers and readers, and then we used SEO data like search volume to support it.

So, there are two takeaways from this article.

* Seek scale, not just in your product but in your marketing as well. SEO is well-suited for scale if you know how to do it.
* Start from a user-perspective when finding scalable SEO tactics. Often, users point the way in interviews, surveys, or tests.

Asking for alternatives to your product that don’t involve direct competitors can show the way to topics that your customers care about, yielding lots of opportunities to create content around.

Source: www.sitename.com