Technically speaking: Domain Name

When we type in "www.google.com" in the browser, we see a page with a big Google logo. One thing to know, every website that we can see today, owns a specific Public IP Address. For example, "www.google.com" has 173.194.126.105. You can type exactly the same number into the URL bar in your browser, and you get the same website, and see the big Google logo again!

 

So, it is actually 173.194.126.105 = www.google.com, or other way round.

Take note that, Google has many many servers (or we can just call them computers), which are hosting the website. So, it's actually a range of IP addresses, not just one. (Each server has one IP address, just like your computer as well.)

So, how does domain work?

You may heard of DNS (Domain Name System). DNS is like the Yellow Pages, relates each domain name to the specific IP address. So, when we type in "www.google.com", the DNS will look through its "Yellow Pages", checking for the IP address of the domain you just entered. Then, the DNS will route your request to the respective IP address.

There have been several times when www.google.com.my got attacked. When you type "www.google.com.my", instead of routing to the actual google page, it loads the hacker's website.

Why does this happen? Google company server got attacked? Not really. It's actually a DNS hacking. It's not directly related to Google's own servers. But, it's DNS service provided in Malaysia, where the hacker just "alternate" the routing IP address, by routing it from the Google's IP address to the hacker's IP address.

How does hacker hacks? No idea, you ask them lo...

Understanding Domain Name - Protect Yourself from Hackers

Are you able to tell the difference between the two? If someone send you a link like the bottom one, with some 'convincing' images, would you click it?

I hope you can. And it is quite obvious. Let's understand what is domain name.

"A domain name is a unique name that identifies an internet resource such as a website." - Wikipedia.org

Let's make it simpler to understand. When we go to Facebook or Google, we type "facebook.com" or "google.com", or this blogspot in "blogspot.com". These are all domain name, which identifies the website. When you type "google.com" on the URL bar and hit enter, the next thing you will see is only the Google logo, with a search bar, and some buttons that you always see. You can't go anywhere else.

That's how domain name works, it will only bring us to one specific website. Let's see the more detail part.

We split the URL into three parts.

|www|.whatsapp|.com|

We can think of URL as a filesystem. When we go into C: drive, and navigate to "Documents/My Pictures", our address bar would show "C:/Documents/My Pictures/". Same thing for URL, but it is read in reverse way. It's read from behind, where .com is the top-level domain, and .whatsapp is the domain name that uniquely identifies the website, that is inside .com "folder". Lastly, we come to www, which is the abbreviation of World-Wide-Web. In our article, we just treat it as a "general folder" which contain all the files inside the "whatsapp".

So, what is the "whatsapp.dovelane.com" thing? Let's split it up again:

|whatsapp|.dovelane|.com|

What you see here is the domain name, instead of ".whatsapp", it is ".dovelane". See the thing here? You are not in the real whatsapp website! Unless you know who creates this "dovelane.com", don't simply go inside and click anything!

But, what's the "whatsapp" thing in the URL? As like in the filesystem, this "whatsapp" is a sub-domain, or "sub-folder" of dovelane.com. It is potentially a fraudulent website, which is trying to fool people around.

P/S: The reason I take "whatsapp" as an example in this article is due to the fraud happened. Read my post on Whatsapp Update Scam!

Please stay tune, I will talk more technical thing about domain name in future.

[Misleading] 5 million Google Accounts Got Leaked!

Img src: http://thehackernews.com/2013/11/hacking-Gmail-accounts-password-hack-vulnerability.html

There're several articles/news reporting that one Google database in Russia is compromised, which contains 5 million Google accounts and username and password being listed in a text file, and being posted on Bitcoin forum.

The news could be from:
http://time.com/3318853/google-user-logins-bitcoin/

http://www.techtimes.com/articles/15308/20140910/5-million-gmail-passwords-leaked-onto-the-web-in-another-russian-hack.htm

http://freedomhacker.net/five-million-gmail-usernames-passwords-leaked/

Fact: Your account are leaked because you are using the same password everywhere, including those weak-security website!

Please read this comment:
http://www.reddit.com/r/technology/comments/2fzrdt/5_million_gmail_usernames_and_passwords_leaked/

What actually happen is you might be using the same password for your Google Account in many website, including those with weak security. Those website are tend to be hacked, and password are retrieved from there. Hackers will try to use the same password accessing your Google Account. If it is the same, Bingo!

"Check whether your Google Account is leaked here..."- unknown website
Many times, when this kind of news is wide-spreading, many unknown websites take this chance to let you "check" your account, asking you to key in username and password.

Note: Never try any external website checker that is asking for your password.

However, you may try this one, which never asks you to provide your password:
https://isleaked.com/en

I just checked mine, no problem! How about yours?

Whatsapp Update Scam!

Just recently, another scam was found. The scam was asking you to upgrade your Whatsapp to a newer available version. Please read the pictures below.

 

What is happening was while using Facebook on the mobile, you get this pop-up message suddenly, and bringing you into a new page.

Let's be detective

 Look closely to the address bar again. We always check the Domain name. Domain name for this page is "dovelane.com", rather than the proper one "whatsapp.com". What is dovelane? If you do not know the source, do not anyhow click on the request they sent to you.

So, this is what happen when you click on something from an unknown source to you. 

Thanks for Facebook friend Leslie Chin, for sharing his personal story.

The following is the real and true official Whatsapp page that you should look into. "www.whatsapp.com".

Additional notes

You may be curious to know, if it is not from the real Whatsapp, why is there "whatsapp.dovelane.com" in the address bar?

That is what we called as sub-domain, apart from domain name itself. When we create a website, we need to register a domain name which is handled by ICANN, Registration of domain name has certain cost and charges.

However, subdomain is free. Once we have a domain name, we can have many different subdomain. For example like what you should have seen before, m.facebook.com, touch.facebook.com, and any name you can think of!

That's why, do not trust any website which its domain name is unknown!

Yup, that's simple as that:

1. Always check the domain name.
2. Never believe of what you see as the sub-domain. It can be any name.

Let's make the internet a safe place together. Happy surfing!

Facebook Hacker!

Do you know how a hacker hack your Facebook account?

It is simple: Ask your password directly from YOU.

Yes. YOU are the only ONE who can let the hacker hacks you, and YOU are also the only one who can stop them.

Here, I will just show you one of the example of how hacker actually "ask the password from you".

"我們從其他Facebook用戶收到的報告，在您的帳戶有任何可疑的活動。 您的帳戶涉及網絡釣魚或垃圾郵件, 冒充其他人, 使用捏造姓名。 您的帳戶將被停用。 如果該報告是不正確的，遵循下面的鏈接以驗證您的帳戶： https://apps.facebook.com/fb-system-security/?fb_suorce=facebook-security-system 如果3天之内您不验证您的帐户。我们很抱歉，您的帐户从系统中删除的Facebook。 很抱歉給您帶來不便。 謝謝， Facebook的安全團隊"

Sorry for the mandarin. Here's the translation:

"Your Facebook account has been reported by other users, claiming that you have carried out some suspicous activities. Your account has been used to send phishing websites and junk mails, and using fake sender name. Your account will be shut down. If the report is not true, please click the following link to verify your account: https://apps.facebook.com/fb-system-security/?fb_suorce=facebook-security-system If you never verify your account within 3 days, we are sorry, your account will be deleted from Facebook. We apologize for your inconvenience. Thank you. - Facebook Safety Team"

 Let's be detective now B-)
First, don't simply click any link sent by unknown user. Any link that you would like to click, hover over it first (put your mouse on the link but not clicking), and the "real address" will be there:

So you see a link, which is from "https://apps.facebook.com/.......". So far, everything seems to be normal.

Once you click it, this page occur:

 Beware! Look at the address bar. Once you click the link, you are redirected to this page: "interrogation-fb-problems.bugs3.com/...." Be careful, you are now NO LONGER within the Facebook. Because, Facebook will always have the domain name 'facebook.com', not "bugs3.com".

So far you are still safe, as long as you don't further proceed with anything. You are 'required' to type in your login email and password for your facebook. And, what's more, it asked you to choose the security question. Remember, DO NOT KEY IN ANY PASSWORD from here and on. Once you key in your correct password and click next, Oops! Your Facebook account will be gone, unless you are able to change your password before they make use of your account.

Yup, that's as simple as that. 2 steps to detect whether it is phishing website:

1. Check the 'real address' at the bottom of your browser by hovering on the link, before you click the link.
2. Once you clicked the link, check the address bar to see whether you are still in the same page.

 So, please be careful, Facebook users. Have a nice day!

P/S: Facebook will never use chatbox to ask your verification. If you are being reported, you will be notified by Notification rather than Message.

Welcome to SASWeber!

Hi all! Welcome to SASWeber! I am Kenny, the founder of SASWeber.

First of all, thanks for dropping by. The objectives of creating this blogspot are, besides promoting my business SASWeber Web Design & Services, I would like to take the chance sharing my personal opinions about the internet usage in this era, as well as sharing some others' opinions through this blogs to you.

The Big Bang of the internet era has totally transformed the whole world, in term of information, business, education, and everything. Almost everything can be related to the internet. From a bigger vision, we hope to see the world would one day become 'Internet of Things', where everything is internet-linked, or WiFi linked. Everything around us can be controlled over our mouse click.

However, we need to understand, apart of the freedom of sharing information through the internet, we need to beware of the leakage of personal privacy. This is my main objective of creating this blogspot - to raise the awareness on the importance of personal privacy for internet users, at every level.

As time goes on, I will continue sharing my personal views, as well as some worth-sharing articles to all. Hope you all enjoy this blog!

P/S: Don't forget to view other pages in this blog, and let us know if you are interested to create a website or have a cool blogspot/wordpress like this. Also check out other services we provide!

Best wishes and regards,
Kenny Saw
Founder of SASWeber