Archive for 'News'

Many people have now become bloggers on the Internet, with a great many more now personally managing the development side of their blog.  One thing that most blog devs like to get, to give the blog its own individual uniqueness, is… a theme.  Themes are great, and can transform a website, but beware – do you really know where your theme came from?

For WordPress users, searching Google for “Free wordpress themes” might seem like a great idea.  However, this is increasingly becoming one of the most dangerous things you can do.

There is a lot of trust placed in a theme developer when you download and install their theme.  The reason for this is that, especially if you are not an experienced programmer, they could place any code they wanted to in there – even malicious code – and you might be none the wiser.

What harm can that do?  Well, potentially lots!  If you’re running a reputable blog for your company then hidden links to “Busty Babes 3” and “Winky Mania III” might not go down great with your bosses and could seriously damage the reputation of your business, as it is linked to such, let’s say, questionable websites.

But, surely I’d see those links?  Well you may do, but you most likely won’t.  Most people who want to place secret code in a theme are pretty good at it by now.  So links will be changed to the same colour as your background or even placed entirely off screen.  So what’s the problem then?  If people can’t see them how could that possibly affect your website?  Well, the reason is that you may not see it, you may even (luckily) get away without your visitors, customers or potential investors seeing it.  But there’s one thing on the Internet that will most definitely see it, without a shadow of a doubt.  That is Google (and every other search engine!).  Google will start to link you to the other websites due to the links you have back to them.  And it may be difficult to explain to your boss why the manufacturing business website you are running for him suddenly ranks 3rd place in Google for “Busty Babes” and “Girls Go Wild”.

The example above is a serious one, albeit slightly humorous.  But that is not the only thing that could potentially be included in your “fantastic” new theme.

Oh no, there’s more!  You could have real malicious code pasted in there.  For example, there could be code in there which makes it easier (i.e. leaves the proverbial front door unlocked and open) to bypass your server’s security and attack it, change your content, hijack your account, and the list goes on.  Of course, none of these things are good – but they are possible if malicious code is in there.

And not only that, anyone with the requisite know-how can use the open door to mess with your website – not just the person who put the code in the theme in the first place.  Most themes like this tend to be counterfeit copies of real premium themes that genuine developers have put a lot of time and effort into creating.

But I’m an experienced programmer, I know what I’m doing, I’ll recognise any malicious code.  Well, possibly, but quite likely not.  Even the most experienced programmers won’t necessarily understand what every piece of code does, and even if you do, you are unlikely to have the time to vet it all before it goes live.  And in any case, most malicious developers realise that they could in theory be caught out, so they encode the offending code and then decode it on the fly using base64_decode() and other similar functions.  I would hazard a guess that there isn’t anyone out there, however clever or experienced, who can decode encoded strings on the fly in their head!
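A downloaded theme can be checked for the two tricks described above, hidden links and base64-wrapped code, before it is installed. The scanner below is an added example, not code from the original post; the sample theme file, the `spam.example` URLs and the function names are constructed for illustration, and the line-based heuristics do not catch links hidden by matching the text colour to the background.

```python
import base64
import binascii
import re
from pathlib import Path

# base64_decode('...') with a literal argument, as found in PHP theme files.
B64_CALL = re.compile(r"base64_decode\s*\(\s*['\"]([A-Za-z0-9+/=\s]+)['\"]\s*\)")
# PHP constructs that execute a string as code.
DYNAMIC_EXEC = re.compile(r"\b(eval|assert|create_function)\s*\(", re.I)
# Inline styles that hide an element or push it off screen.
HIDING_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?:left|top|text-indent)\s*:\s*-\d{3,}", re.I)
STYLED_TAG = re.compile(r"<(\w+)[^>]*\bstyle\s*=\s*[\"']([^\"']*)[\"'][^>]*>", re.I)
URL = re.compile(r"https?://[^\s'\"<>]+")

# Constructed sample of a theme footer.php (not taken from any real theme).
_ENCODED = base64.b64encode(
    b'echo \'<a href="http://spam.example/">cheap pills</a>\';').decode()
SAMPLE_THEME_FILE = f"""<?php wp_footer(); ?>
<a href="https://example.org/about">About us</a>
<a href="http://spam.example/a" style="position:absolute; left:-9999px">x</a>
<div style="display:none"><a href="http://spam.example/b">y</a></div>
<?php eval(base64_decode('{_ENCODED}')); ?>
"""


def decode_literal(b64_text):
    """Return the decoded text of a base64 literal, or None if it is invalid."""
    try:
        raw = base64.b64decode("".join(b64_text.split()), validate=True)
    except (binascii.Error, ValueError):
        return None
    return raw.decode("utf-8", errors="replace")


def scan_text(text):
    """Return (line number, finding kind, detail) tuples for one file's text."""
    findings = []
    for no, line in enumerate(text.splitlines(), start=1):
        for m in B64_CALL.finditer(line):
            decoded = decode_literal(m.group(1))
            if decoded is None:
                continue
            # Decoded text that is also executed is the more serious finding.
            kind = "encoded-exec" if DYNAMIC_EXEC.search(line) else "encoded-string"
            findings.append((no, kind, decoded))
        for m in STYLED_TAG.finditer(line):
            # A hidden element on a line that also carries a link.
            if HIDING_STYLE.search(m.group(2)) and "href" in line.lower():
                findings.append((no, "hidden-link", ", ".join(URL.findall(line))))
    return findings


def scan_theme(root):
    """Scan every template, script and stylesheet under an unpacked theme."""
    results = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in {".php", ".html", ".js", ".css"}:
            found = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if found:
                results[str(path)] = found
    return results


if __name__ == "__main__":
    for line_no, kind, detail in scan_text(SAMPLE_THEME_FILE):
        print(f"line {line_no}: {kind}: {detail}")
```

A clean result from a scan like this does not prove a theme is safe; it only shows that the simplest forms of these two tricks are absent.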

In conclusion, free themes for blogs (and free themes for other server software) are generally a bad idea.  There are some good ones out there that are fine to use, but more often than not these are from reputable companies.

Make sure you know where your themes have come from and who has written them.  You don’t want to invest a huge amount of time in your website to have someone destroy it in a few clicks and keyboard presses.

The safest and best quality templates are of course premium templates from reputable companies!  Happy, and safe, template hunting!


Google+, the most recent big name social networking site to be launched, is continuing to frustrate developers worldwide with its not-so-complete Application Programming Interface (API).

An API is a set of functions and essentially a programming language (and I use that term very loosely!) that allows third party developers to develop applications and websites that interact with a service.

Facebook has a similar API for its own service, unsurprisingly called, yep, you guessed it, Facebook API.

Now with the Facebook API you can (as long as you have sufficient permissions from the user) access profile information, friends lists, wall posts, about me, work history and a great deal more information and use this to enhance the experience for Facebook users on your own website.  You can even post to their wall, update their status, share photos and videos etc.

Now the reason why the Google+ API (based on OpenSocial – a popular open source social networking platform) is frustrating developers?  Well, if you want information, such as the profile information, ‘circles’ information etc you’re fine.  But a lot of data from your Google+ site cannot currently be shared.  The major thing however is that communication with the Google+ API is pretty much all one way.  You can get information from it, but cannot send (for example update status posts, add new photos etc) back to it currently.

Now Google+ is based on, and is largely composed of, OpenSocial – which has all these functions in place.  But Google+ has its own special variant of OpenSocial and currently hasn’t released any functions to send information to Google+, or even got all the functions to retrieve all the information from Google+, if authorised.

Until Google+ does this it is unlikely to see as rapid growth in app development on its platform as Facebook – who has new websites and apps appearing every day that integrate the world’s biggest social network.

No doubt it is in the plans of Google to release a fully functioning and comprehensive API but we hope this is in the near future.  Every day that it is not released they are likely to fall even further away from Facebook, who already have, without doubt, the commanding share of the social networking market.


As I’m sure many of you know, Facebook timeline has been launched over the past few months and users could voluntarily sign up to the new timeline.  But now, as Facebook moves forward, it will soon be making the Facebook Timeline universal and compulsory, with current members being notified in batches that they are to be transferred over to the new timeline.

The timeline has many great features and simplified yet fairly effective privacy settings, and its biggest asset (or downfall depending on how you feel!) is that now information which you shared on your Facebook profile many moons ago and had dropped to the bottom of the Facebook pit never to be seen again is back!  Back with a vengeance!  Now, thanks to Timeline’s easy navigation system it is simple to browse to a specific point in time, even years ago, and see what you were doing and sharing on Facebook.  Timeline even gets involved with life pre-Facebook, for example births, marriages and other ‘life events’.

Sounds great right?  Possibly, but it could cause potential nightmares for a lot of users.  Facebook has been available in the UK for around 5 years now with many people having been members since 2006 / 2007.

Remember that photo of you tied naked to a lamppost on your 18th birthday?  Remember that photo of you stumbling out of a club at 9am in the morning several sheets to the wind?  Yes, these are all times that we would like to forget and that we thought were safe at the bottom of a Facebook server never to be seen again.  Wrong!  They’re back alright – and would you want your current boss reviewing all of your teenage displays of immaturity or Facebook status wars of you abusing an old granny?  Probably not, it could mean that promotion or pay rise disappearing!!

Thankfully, there is a way to review and censor your own history to make it squeaky clean.  The only problem is that it will be very time consuming!  Even if you have only used Facebook weekly from 2006/2007 it will amaze you how much content you have actually placed on there!  And for the Facebook addicts out there, you’re going to need to devote days and days to clean out your days of debauchery!  The ‘Activity’ log shows everything that you have shared on Facebook – status updates, wall posts, comments, likes, photos, videos, app posts – you name it, if you’ve shared it, it’s on there.  There’s also a handy little button next to each post which allows you to quickly hide it from your timeline or delete it altogether.

If there are things that you definitely don’t want to be unhidden accidentally then it would be advisable to delete them!

Now would also be a good time to update all your privacy settings and ensure that nothing is public and your lowest privacy setting on posts is ‘Friends’.

After switching (or being switched) to timeline you have seven days to review the content before your timeline automatically becomes viewable by the rest of the world (or if you’re brave, or sort out your profile before the seven days is up, you can always click ‘Publish Now’ – be warned, there is no going back from publishing your timeline!).

In conclusion, a valuable lesson can be learnt from this.  Facebook remembers EVERYTHING.  So always choose your words carefully, try to keep private issues private and if you do make mistakes (or make posts that seem like a good idea at the time, but not a little while after) make sure you review your activity log periodically to be safe.

Now it’s your choice.  Is Facebook timeline going to be a dream or a nightmare for you?


Anonymous, the cyber activism group, continue to cause disruption to EU governments and businesses in response to the EU’s acceptance of ACTA, the Anti Counterfeiting Trade Agreement.

Greece’s government servers went down, followed by Sweden’s, and now Bulgarian pro-ACTA business Prophon becomes the latest victim in this seemingly never ending war on ACTA.

Prophon’s usual content was, of course, “suspended” by Anonymous.  The group stated on Prophon’s redesigned homepage that “This domain has been seized by Anonymous under section #14 of the rules of the Internet”.

Although security experts said in the past week that they could defend against attacks from Anonymous with relative ease, they were only taking into account automated attacks using the group’s LOIC (Low Orbit Ion Cannon) software.  Individual or co-ordinated manual attacks seem to be all but impossible for governments and businesses worldwide to prevent, given the recent flurry of attacks on numerous servers, tapping into conferences and theft and publication of personal and sensitive data.

A screenshot of Prophon’s homepage, designed by Anonymous, is displayed below, showing their full message.

Prophon Anonymous Attack - ACTA

DPS Computing can confirm that Prophon have since restored their website to its original content.


Anonymous Combats Racism

The hacktivist group known as Anonymous has definitely been very busy this weekend.

Their activities have included successfully attacking the Greek and Swedish governments’ websites and servers in response to their acceptance of ACTA.  Then there was the embarrassing hack of a conference call between the Federal Bureau of Investigation and Scotland Yard where a cyber crime case was being discussed (rather ironic, don’t you think?!).

And now, now we have Anonymous fighting racism the world over.  The group targeted several websites affiliated with the white supremacist movement and stole personal information of customers and registered users of these websites.

Having done so, in what the group claims is an effort to combat racism, they released all of the personal details of these people so that they were freely accessible on the Internet.

Full details on exactly what personal details were released are not yet confirmed, but it is known that the names, addresses and telephone numbers of the individuals concerned have been published on the Internet which, unsurprisingly, has made them very angry and vocal on the issue.

This comes after a similar breach a couple of years ago where an insider leaked a list of British National Party members on the Internet, complete with their personal details.  Several of the people identified on this list were later dismissed from their jobs including a teacher and a police officer.  Police Officers in the UK are forbidden to be members of the British National Party.  After this leak, many people on the lists complained of receiving unwanted visits at their homes, threats through the post and nuisance phone calls.

Criticism has however been levelled at Anonymous by people who previously broadly supported their cause.  They claim that some people have been included on the lists who are not white supremacists and have simply ‘possibly used some of these websites to have a look’.  These comments are however hard to believe, as for their personal information such as name, address and telephone number to be stored on a server linked to these organisations, at the very least they must have ordered something or registered with the website.

Some civil liberties groups have claimed that it is a form of vigilante justice and should be discouraged.


Anonymous Attacks US Law Firm

In addition to the latest attacks on the Swedish and Greek governments that we have reported on over the weekend, Anonymous have also continued along with their other missions.

Puckett & Faraj is a law firm representing a US marine who was formally charged with the murder of over 20 Iraqi civilians, but who ended up being charged with negligent dereliction of duty after the law firm’s intervention.  The marine also managed to keep his military career alive, but has had to take a pay cut and demotion.

After the news was released regarding the change in charges and the result of the case, Anonymous set their sights on the website of Puckett & Faraj and proceeded to deface the site.  Along with defacing the site they also appear to have deleted most of its original content, as well as claiming the destruction of gigabytes of personal data stored on the server, mainly e-mails.

Anonymous placed the following message on the homepage of the law firm:

“As part of our ongoing efforts to expose the corruption of the court systems and the brutality of US imperialism, we want to bring attention to USMC SSgt Frank Wuterich who along with his squad murdered dozens of unarmed civilians during the Iraqi Occupation.”

“We went ahead and fired off some shots of our own – at the servers and personal email accounts of Puckett & Faraj. We defaced their website and dumped nearly 3GB of private email messages belonging to Neal Puckett and Haytham Faraj,”.

There has been no comment yet from the US based law firm, however DPS Computing can confirm that currently the site is completely down, with a blank home page and most other content seemingly wiped from the server.


The “Reign Of Terror” that seems to be sweeping the globe continues as Sweden becomes the latest victim to Anonymous.

Although, currently, it has not been officially confirmed by Anonymous, a group linked to the cyber activism group has claimed responsibility for the attacks on Twitter.

Yesterday, we reported on the attacks on Greek government websites in response to the signing of ACTA by 22 EU member states, of which Greece was one.

Now Sweden has been targeted in an effort to make their government think again about ACTA.  The attack is said to have caused widespread disruption to a central Swedish government website which is used by all departments of the Swedish central government.

Officials would not specifically comment on the issue other than to say that “some disruption” had been caused on their servers but that they were not able to comment further as “the government doesn’t comment on security issues”.

With Anonymous stepping up their game, pressure is going to continue to mount on EU governments that have become ACTA signatories, and no doubt Anonymous has numerous more attacks planned before the treaty is due to be ratified by the European Parliament in the summer of 2012.


ACTA Could Seriously Harm Your Health

ACTA, the Anti Counterfeiting Trade Agreement, which now has over 30 signatories, could seriously harm your health according to experts.

ACTA, by its definition, would effectively make all generic medication illegal – due to it being classed as counterfeit.  This issue was first raised all the way back in 2009 but has come to the forefront again as more signatories sign up to the controversial international agreement – which recently saw 22 of 27 EU member states sign up.

The effects of ACTA making generic medication illegal to produce could well be devastating, both at home and abroad.  Developing countries rely heavily on generic medications to control pandemics, such as AIDS, in countries where the patented medicines cannot be purchased due to the massive price tag.

Closer to home, ACTA could well be one of the final nails in the coffin for the National Health Service.  The NHS relies on buying generic medications (where the 25 year patent has expired) to reduce the costs of fulfilling prescriptions and treating patients.  The effect of ACTA could lead to an unbearable, additional, financial strain being put on the NHS as the organisation is already going through one of the toughest periods in its history.

Supporters of ACTA have stated that the agreement is not designed to target pharmaceuticals but is to target issues such as Internet piracy.  However, whether or not it is designed for one thing or the other, one fact remains clear.  ACTA will allow companies to forbid other companies from making generic forms of their medication.  Whether this was an intention, or just a byproduct of the agreement, is unknown, but either way it could be absolutely devastating to the health of people the world over.

DPS Computing opposes ACTA as the legislation is not fit for purpose.  We urge you to contact your local government representative to express your concerns over ACTA and why it should not be brought into law.


ACTA Cyber Attacks Continue

Following the recent announcement of 22 of 27 EU member states signing up to the Anti Counterfeiting Trade Agreement, the cyber hacktivist group Anonymous have turned their attention to Greece.

Yesterday morning, the Greek Ministry of Justice’s website was taken down and replaced with a video and a message instructing the government to “stop ACTA [Anti-Counterfeiting Trade Agreement] in Greece” within a fortnight.

This is the latest in a string of attacks by the group Anonymous targeting the government websites of nations that have agreed to and signed ACTA.

Anonymous are believed to have committed the attack at around 05:21 yesterday and the defaced website was not taken down for many hours after this.

Anonymous warn the Greek government that failure to comply with their demands will result in them targeting over 300 Greek websites, mainly government and media websites.  They also claim that they already have the credentials to access the sites that they are targeting.

Anonymous are reported to be continuing to grow in support and numbers, but true figures on this cannot be accurately obtained due to the secrecy and decentralisation of the group.  However, it is evident that the group has a lot of power on the Internet based on the ever increasing frequency of attacks.

All servers from private business to government owned seem to have inadequate protection to defend against these attacks.  This is despite several security experts suggesting that many of the attacks could be “easily prevented”.

Numerous Anonymous-led attacks encourage supporters to download their own custom made tool – LOIC.  LOIC stands for Low Orbit Ion Cannon.  Many of you will recognise the “Ion Cannon” phrase from the Westwood Studios (and later Electronic Arts) hit warfare game, Command & Conquer.  The Ion Cannon in the game series was a weapon deployed from a satellite which focused huge amounts of energy into a small area and shot it to the ground, causing mass destruction at the point of impact.

The LOIC works in an equivalent “cyber” way, as it harnesses the power of thousands of computers and directs it all at a single target at the same time – producing a similar cyber destructive event.

Although the criminal acts and cyber terrorism that Anonymous has participated in are without doubt wrong (and in most places illegal), we can see how many of these recent attacks could have been prevented if such unfair and unjust legislation was not rushed through in such an undemocratic manner.

DPS Computing continues to oppose ACTA/SOPA/PIPA, not because the goals are all necessarily bad, but these pieces of legislation are not fit for purpose.  We encourage you to contact your local government representatives and urge them to put pressure on the central government to not sign / repeal these pieces of legislation.

A picture of the defaced website of the Greek Ministry of Justice is displayed below:

Greek MOJ Attack In Response To ACTA


Google & Its ‘Barrel Roll’

A while ago, Google created a little easter egg in its search engine.  The ‘Barrel Roll’ easter egg spins the page around if you use the search engine to search for “do a barrel roll”.

Sounds fun, right?  Wrong!  As the craze has gradually spread over the Internet, Google’s “do a barrel roll” search now appears as the top result after you type “do ” in its autocomplete function.  The effect of this is that now when you start any search query in Google with “do ” your page starts spinning around.

The first time it might be slightly amusing and scary, by the second time it’s most definitely boring!

One concern is that it may lead some users of the popular search engine to think that their browser has been hijacked or that they have been infected with malicious software.  The users that it doesn’t confuse, it most definitely does annoy.

What do you think of Google’s ‘Barrel Roll’?  Love it or loathe it?  Let us know in the comments section.
