Ruby On Rails Releases Fixes For DoS, XSS Vulnerabilities

On 18th March, Ruby on Rails released four new versions along with fixes for a number of vulnerabilities, which could have led to denial of service attacks and XSS injections. According to a post on the company’s blog, a total of 4 vulnerabilities were addressed in versions 3.2.13, 3.1.12 and 2.3.18 of Rails. The company wrote, “All versions are impacted by one or more of these security issues.”

The patches were released for a symbol denial of service (DoS) vulnerability (CVE-2013-1854) in ActiveRecord and for two cross-site scripting vulnerabilities, one in the sanitize helper (CVE-2013-1857) and one in the sanitize_css method in Action Pack (CVE-2013-1855).

According to one of the warnings, an additional XML parsing vulnerability in the JDOM backend of ActiveSupport could also have allowed attackers to perform a denial of service attack when using JRuby (CVE-2013-1856), or to gain access to files stored on the app server.

The XSS vulnerabilities in particular could have allowed an attacker to embed a tag containing a URL that executes arbitrary JavaScript code.

Ruby on Rails developers fixed a number of similar issues in Ruby on Rails last month, which also included a YAML issue in ActiveRecord that led to remote code execution.
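A check against the fixed releases named in this post, as an added example (not code from Rails or from the original post): it reads Gemfile.lock text and reports whether the locked rails version is at or above 3.2.13, 3.1.12 or 2.3.18 for its series. The helper names and the sample lockfile are constructed for illustration; a series the post does not name is reported as `:no_fix_listed`.

```ruby
require "rubygems"

# Fixed releases named in the announcement above, keyed by release series.
FIXED = {
  "3.2" => Gem::Version.new("3.2.13"),
  "3.1" => Gem::Version.new("3.1.12"),
  "2.3" => Gem::Version.new("2.3.18"),
}.freeze

# Pull the resolved rails version out of Gemfile.lock text.
# Resolved gems sit at four spaces of indent under "specs:"; dependency
# constraints such as "rails (~> 3.2)" do not match the pattern.
def locked_rails_version(lock_text)
  m = lock_text.match(/^ {4}rails \((\d+(?:\.\d+)+)\)\s*$/)
  m && Gem::Version.new(m[1])
end

# Returns :patched, :vulnerable, or :no_fix_listed (series not named in the post).
def rails_status(version)
  series = version.segments.first(2).join(".")
  fixed = FIXED[series]
  return :no_fix_listed unless fixed
  version >= fixed ? :patched : :vulnerable
end

# Returns [version_string, status], or [nil, :rails_not_found].
def audit(lock_text)
  v = locked_rails_version(lock_text)
  return [nil, :rails_not_found] unless v
  [v.to_s, rails_status(v)]
end

# Constructed sample lockfile, not from a real project.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      rails (3.2.12)
        actionpack (= 3.2.12)
        activerecord (= 3.2.12)
      sanitize (2.0.3)

  DEPENDENCIES
    rails (~> 3.2)
LOCK

if __FILE__ == $PROGRAM_NAME
  version, status = audit(SAMPLE_LOCK)
  puts "rails #{version}: #{status}"
end
```

Pass the contents of a real lockfile with `audit(File.read("Gemfile.lock"))`.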

Apple Promises To Fix The Security Exploit That Lets People Gain Access

In our previous post we outlined some of the latest features of the iOS 6.1 update, describing it as a fix for its old mistakes. But it turns out that it has some security flaws which let users bypass the lock on iPhone devices.


This exploit was first spotted by a French user who later uploaded a video to YouTube demonstrating the procedure to unlock a passcode-protected iOS device. Seeing this, Apple has promised to release a fast fix for this security issue. In a statement, the company said “Apple takes user security very seriously, we are aware of this issue, and will deliver a fix in a future software update.” But the company has offered neither a specific timeline for its next update nor any quick fix to handle the issue.

The video depicts a sequence of steps in which the French guy easily hacks the “locked” iPhone, which was running iOS 6.1. The process involved is somewhat weird, such as ending an emergency call, consecutive presses of the home button, and so on. Below I have provided the exact steps, as posted by the users, to unlock the iPhone.

First Part:

  • Go to emergency call, push down the power button and tap cancel.
  • Dial 112 and tap green and immediately red.
  • Go to lock screen.

Second Part:

  • Go to passcode screen.
  • Keep pushing down the power button …1…2…3…seconds and before showing the slider “turn off”…tap the emergency call button and …voilá!
  • Then without releasing the power button press the home button and ready…

The procedure allows users to access contacts and photos and to make calls. But it doesn’t offer access to the home screen or any iOS apps that exist on the home screen. The iPhone lock screen hack seems to work on the iPhone 4S and iPhone 4 too, if they are running iOS 6.1.

Top 7 Expert Tips And Tricks For IOS 6

iOS 6 is the latest Apple OS that runs on every Apple device. Features like its friendly user interface and the convenience of apps make it a smarter operating system. Perhaps you are an iOS guru, or maybe a newbie to the operating system; either way, here we present some tweaks in iOS that you probably never knew. We also hope you love them and enjoy the benefit of this post.

  • Your iPhone Can Read To You:

You can enable the speak option for facilitating the iOS device to read aloud a selected text. You can enable it from the Accessibility option.


  • Enable Emoji Keyboard:

Add iconographic symbols in e-mails, messages, tweets and other postings. This feature is shipped with every iOS 6 device and doesn’t require buying a third-party iPhone application. To get this feature, select General, International, then the Keyboards tab from the settings option.

  • Ask Siri To Find Location By Using The ‘In Transit’ Cue:

You can ask Siri to find you an address by adding an extra word like ‘transit’ at the end of the command. For example, “give me the direction to Kennedy International Airport via transit”. iOS will open up the Maps app and display the route.

  • Edit Siri Commands:

Sometimes Siri doesn’t understand your words and might interpret them as something else. But you can fix this issue after Siri responds that she doesn’t understand what you’re talking about. Tap the speech bubble where Siri keeps a record of what she interpreted, find your command there, edit it and resubmit the request.

  • Limit The Ad Tracking:

Most users find it annoying to get constant advertising pop-ups. But iOS allows you to limit these as well. Under the General option, tap About and then Advertising to limit the ad tracking.

  • Take Photos While Shooting Video:

iPhone 5 and iOS 6 allow users to snap photos and shoot video simultaneously. It appears on the screen in addition to the shutter button.

  • Customize Auto Replies For Rejected Calls:

You can tailor specific messages explaining why you didn’t answer your calls. By default you will get 3 pre-reserved options. However, you can customize these pre-reserved messages too.

I’ve worked with the team at Andolasoft on multiple websites. They are professional, responsive, & easy to work with. I’ve had great experiences & would recommend their services to anyone.

Ruthie Miller, Sr. Mktg. Specialist

Salesforce, Houston, Texas


At Andolasoft, our iPhone application developers keep their skills updated with the latest technology and iOS releases to match this competitive market. Here we develop engaging iPhone applications to meet our customers’ business requirements.

What Are The Key Points For Successful iOS Development?

The introduction of the iOS platform and its application development possibilities has paved the way for new business opportunities for the IT industry as well as individual developers.

With the rapidly growing app industry it has become demanding to keep track of changing technology.

Here we have come up with some major key points which should be kept in mind by the developer at the time of iOS application development.


    1. Drive revenue for your business by integrating ‘Geo-Targeted Push Notification’ and ‘Geo-Targeted Advertising’.
    2. Integrate NFC (near field communication) system to your application.
    3. Use App analytics to monitor the app’s influence on the market. Target your audience and bring market specific features to your app.
    4. Avoid these flaws in your mobile app development
    5. Irrelevant push notification in the app
    6. Sending unnecessary “Rate my app” request to users
    7. Integrating Facebook and other social networking sites unnecessarily
    8. Avoid using full screen ads. Users hate this.
    9. Try to prefer building Native Apps for iPhones to web apps, because some web technologies are still not compatible with the iOS platform.
    10. Design intriguing UI to compel the user to use your app. Take inspiration from other successful Mobile application to generate similar experience for the users.
    11. iOS development supports numerous programming languages other than Objective-C, such as Ruby, JavaScript, Node.js etc. Choose the language you are comfortable with.
    12. Design your app so that it uses minimal battery power. Users are more concerned about the phone battery rather than the app itself.
    13. Develop cross-platform apps, so that it can be released for other mobile operating systems.
    14. Never build an iPhone app that mimics the look and feel of another operating system.
    15. Never overdo the application animations and graphics.


iOS applications are the fastest evolving apps in the app industry.

That’s why at Andolasoft, our iPhone application developers keep their skills updated with the latest technology and latest iOS releases to match the competitive market.

Here we develop engaging iPhone applications to meet our customers’ business requirements.

Awesome Project collaboration Tool to Manage Your Project and Team

When project development is in progress, the members may not all be able to meet face to face at a single workplace, nor may the communication and documentation be available at the same location.

In order to overcome these hurdles, Andolasoft designed and developed a unique project collaboration tool called ‘Orangescrum’ with lots of facility and flexibility.

It is developed using CakePHP, with simple yet intuitive interfaces and easy-to-use functionality that distinguish it from other similar tools. It handles projects efficiently by maintaining effective communication among the project members, with some brilliant features as discussed below.

Orangescrum allows you to share files while assigning tasks to the developers for your projects. Care has been taken that the popular formats (.doc, .docx, .xls, .html etc.) are supported. This is extremely helpful for relating tasks with additional information in the form of documents.

  • Create and track all the tasks of a milestone from a single page. Milestones can be set as per the project deadline so that the stakeholders are alerted. Tasks can also be streamlined for each milestone and assigned to the concerned project members.
  • It uses a ticketing workflow to create a new task while addressing the issue. These tasks can then be assigned to specific team members in different phases. It helps manage tasks through various phases such as ‘NEW’, ‘WIP’, ‘START’ and ‘CLOSE’.
  • It can also be used as a bug tracker or issue tracker. It includes filters and options to make issue tracking easier by assigning issues to the concerned project members.
  • You can set email or mobile alerts for anyone involved in a project, which can be prioritized and targeted to the concerned individuals. It also lets the receiver reply directly from web mail, and the reply is automatically updated in Orangescrum.
  • It includes the ‘Archive’ facility for safe storage of files and tasks. These contents can later be retrieved at any time, unless they are removed permanently.

To know more about Orangescrum, please visit:  www.orangescrum.com

Why CakePHP is Popular? And The Role Of CakePHP Developer

CakePHP is an open source, PHP-based rapid development framework. It offers great run-time infrastructure along with an abundant set of libraries for CakePHP developers. CakePHP development is supported by the MVC (Model, View and Controller) architecture, which separates the programming logic from the data presentation layer.

It also features other programming concepts like Front Controller, Association Data Mapping and Active Record. Along with these, there are numerous other features that make CakePHP one of the most preferred web development frameworks among others.

Let’s take a look at some features here

Wide Community:

CakePHP developers are supported by a huge number of peers who make use of this framework. There are many contributors and programmers who share the community. For this reason, using the framework is simpler for development as well as for research.

Reusability:

It saves developers a lot of effort in PHP development, because the programmer can make use of pre-written code for more than one project. In other words, they can focus on the logical and creative part of the application while the tedious task of coding is handled with ease.

Open Source:

The framework is open source, so CakePHP developers do not have to spend any amount in the process of development and have complete access to its source code. It also assists the developers in adding robustness and improving performance in web applications.

Some of the roles of CakePHP developers include

    • Manage development efforts and framework efficiently
    • Support product releases
    • Ability to handle lot of projects in less time
    • Overall review of the quality & progress of the work
    • Support stable user growth

Conclusion

Here at Andolasoft we provide our customers with a unique and up-to-date approach towards their web-app development. We design and develop intriguing web applications using PHP/CakePHP. We follow an agile development approach to deliver projects on time and within budget to our customers.