Tuesday, February 21, 2012

What is cloud computing? Top free cloud computing services

Cloud computing is a technology that combines computers and the internet to manage and share data and software remotely. It provides centralized storage, memory, processing and bandwidth without requiring users to know the location or other details of the computing infrastructure. The term has become very well known in the IT sector because cloud computing is one of the best ways to increase capability without investing much in infrastructure or hardware.
Users can access cloud-based applications through their browsers, lightweight apps or other company software, and manage data stored on the remote computer. Cloud computing presents these services as if they were installed locally on the end user's machine.
The term cloud is used as a metaphor for the internet: in the past, clouds were used to represent the telephony network, and later they were used to depict the internet in computer network diagrams. With cloud computing there is a significant shift of load onto a single machine. Local computers do not need to have the application installed; only a single computer that makes up the cloud needs to have it installed. The hardware and software cost is reduced on the user's side.
Most of us have experienced cloud computing directly or indirectly in some way. If you have used email clients like Gmail, Yahoo or Hotmail, you have used one of the simpler forms of cloud computing.

Top free cloud computing services

1. Data backup through cloud computing

  • Windows SkyDrive > One of the best cloud computing services for Windows users, because most recent Windows applications, such as Microsoft Office 2010, Windows Live Movie Maker and many others, come integrated with SkyDrive, so you can store your files directly in SkyDrive's cloud-based storage. SkyDrive is also integrated with the online version of Microsoft Office, so you can edit your documents online even when you are out and do not have your system with you. Windows SkyDrive provides 25 GB of free storage with a maximum file size of 25 MB, but you can bypass this limit by switching to their premium plan.
  • Dropbox > Dropbox is one of the most popular cloud-based storage applications. It is a free service that makes it easy to share photos, documents and videos anywhere, and it is the easiest way to share files between gadgets running different operating systems. You just put the file in the Dropbox folder and it is automatically synchronized to every device or gadget on which you have the Dropbox application installed. Dropbox is one of the most used cloud computing applications.
  • mypcbackup.com > MyPCBackup is another free cloud computing application that helps you take backups of your computer. In three simple steps you can back up your computer files to this cloud storage system: register at their website, download their PC application, then set it and forget it and let MyPCBackup do the rest. This is the power of cloud computing technology: you can keep your data safe and access it from anywhere.

2. Managing documents and files through cloud computing

  • Google Docs > Google Docs is a free cloud-based document management system. With Google Docs you can create files directly or upload them from your computer, share them with the people you want, and even choose which people are authorized to edit them. The file types Google Docs works with are document, presentation, spreadsheet, form, drawing and tables.
  • Box.net > Box.net offers some great features and broad file compatibility: this cloud management system supports Microsoft Office files, image and mp3 files, Photoshop, Flash video, Illustrator and more. For free users the maximum storage is 25 GB, and the maximum size of an uploaded file is 25 MB. Box.net is counted among the top cloud computing services.

3. Cloud computing based video editing free services

  • YouTube video editor > The YouTube video editor lets you quickly edit your uploaded video. It is one of many cloud computing based video editors integrated with YouTube. The other cloud computing video editing tools that Google's online service has integrated within YouTube are GoAnimate, Vlix, Stupeflix, Xtranormal etc. Every editor provides some unique features. The editing tools are provided directly on YouTube itself at YouTube.com/create.
  • Google Movie Studio > The latest cloud computing based video editor, announced by Google on 15 February for Android devices. This video editor gives you the power of the cloud to edit video, stills, music and effects and upload the result directly to YouTube at the push of a button. Earlier, the same kind of cloud-based video editor app was launched by Apple, called the iMovie app, for iOS 4 devices.

4. Cloud computing based image editors

  • pixlr.com > Pixlr is a website that provides a cloud computing based online image editor. The speciality of this image editor is that it is super fast, takes almost no time to load and is very similar to Photoshop. It is just as if you were using Photoshop online. For full details about this image editor, see: Try Photoshop online
  • Picnik > Picnik is a popular image editor, purchased by Google, that is based on the concept of cloud computing. You can crop, resize and rotate images and add special effects. The premium version of Picnik is available for $24/year with advanced features.

5. Online cloud based file storage

  • Mediafire > Mediafire is the top file storage site. You can also share your files, including images, documents, presentations and videos. It provides unlimited file storage space. The only limit for the free version is a maximum file size of 200 MB. You can arrange your files in folders.
  • Megaupload > Megaupload is another popular cloud computing based website for file storage. It provides 200 GB of disk space, and the upload file size limit is 2 GB. The interface is very easy to use and the features are mostly similar to Mediafire.
  • 4shared > 4shared is another file sharing website, with a maximum file size limit of 200 MB and disk space of 10 GB.
  • There are many other popular cloud computing file storage sites, such as hotfile, rapidshare, zshare, nowDownloadall, yourfilehost, uploading etc.

6. Cloud computing based antivirus

  • Panda Cloud Antivirus > This antivirus is built by a Spanish company and works on the concept of cloud computing. It is rated as the best free antivirus by PCWorld. The antivirus is downloaded onto the computer; it sends information about a file to the data center in the cloud, where the file is checked for malware.

7. Cloud computing based online converters

  • Online-converter.com > Online-converter is another cloud computing based application that can convert anything online, from video to mp3, from docs to pdf, png to jpeg etc. There are 50+ conversions available at this site. To know more about this converter, see: Free online converter convert any thing online for free

8. Some other cloud computing services

  • Maps > Free cloud-based online map services include Google Maps, Yahoo Maps and MapQuest.
  • Image albums > Popular cloud computing image albums include Flickr, Photobucket, Webshots, Fotolog, imagebam and ziddu.
  • Digital video > Hulu, YouTube, Google Video, WatchMoviesOnline and break.com.
  • Image sharing > tinypics, Flickr.

Wednesday, February 1, 2012

Preventing SQL Injection

You cannot test your application with every possible combination of input parameters, and it is hard to build an application that a professional hacker cannot break. However, you can take some precautions to make your application resistant to SQL injection.





These are the common techniques used today to prevent SQL injection:

Sanitize the input, escape/quote-safe the input, use bound parameters, limit database permissions and segregate users, use stored procedures for database access, isolate the web server, and configure error reporting.
       
1. Sanitize and limit the Input

There are two ways to limit the user input for a field. The first approach is to create a list of characters that should not be allowed. This approach will not work, because you cannot be sure what characters the user will enter, and you cannot validate every character because on the web many characters can be represented in alternative ways. The second approach is to create a list of characters that are allowed for a field. For example, for a valid email ID only these characters are allowed.

 Alphabet Lower Case  abcdefghijklmnopqrstuvwxyz
 Alphabet Upper Case  ABCDEFGHIJKLMNOPQRSTUVWXYZ
 Number               0123456789
 Special Chars        @.-_+

You can create a validation routine that checks the input character by character; anything not in the list is an invalid character, and the user is warned about it.

    ' Characters allowed in an email ID (the allow-list above)
    Dim ValidString As String
    ValidString = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789@.-_+"
    Dim i As Integer

    ' Check the input one character at a time
    For i = 1 To Len(TxtEmailID.Text)
        ' InStr returns 0 when the character is not in the allow-list
        If InStr(ValidString, Mid(TxtEmailID.Text, i, 1)) <= 0 Then
            MsgBox("Invalid character found in email id.", MsgBoxStyle.Exclamation)
            Exit For
        End If
    Next

2. Escape/Quote safe the input

Check for escape characters like "\" and remove them from the input data. Filter out characters like single quote, double quote, slash, backslash, semicolon, and extended characters like NULL, carriage return, new line.

For a numeric value, convert it to an integer before passing it into the SQL statement, or use ISNUMERIC to make sure it is an integer.



3. Limit database permissions and segregate users

The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table. Then even a "successful" SQL injection attack is going to have much more limited success: the hacker will not be able to run UPDATE or DELETE requests that the user does not have permission for. Once the web application has determined that a set of valid credentials has been passed via the login form, it would then switch that session to a database connection with more rights. It should go almost without saying that sa rights should never be used for any web-based application. If a hacker gets the rights of sa, the System Administrator, he can do anything with your database.

4. Use stored procedures for database access

When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely. By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced. For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain.

Note: it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection.

All databases support a parameter-passing mechanism. It is helpful to pass parameters to the database stored procedure this way to prevent SQL injection.

5. Isolate the webserver

Even having taken all these mitigation and prevention steps, it is still possible to miss something and leave the server open to compromise by an attacker. One ought to design the network infrastructure on the assumption that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. This won't stop everything, of course, but it makes it a lot harder.

6. Configure error reporting

The default error reporting for some frameworks includes developer debugging information, and this should not be shown to outside users. Imagine how much easier it makes things for an attacker if the full query is shown, pointing to the syntax error involved. I have seen so many commercial web sites make this silly mistake by not configuring the web server to show a custom error message. A professional attacker can easily glean a lot of useful information from it. This information is useful to developers, but it should be restricted, if possible, to just internal users.

7. Run SQL Server with low privileges

Change "Startup and run SQL Server" to use a low-privilege user in the SQL Server Security tab. Delete stored procedures that you are not using, like:

master..Xp_cmdshell, xp_startmail, xp_sendmail, sp_makewebtask

8. Preventing multi-statement attacks

All commercial database servers support multiple-statement execution. Look at the following query.


    select * from user_master where user_name='ANYUSER' and

    user_password ='ANYPASS' ; drop table user_master -- '

This executes two queries: the first looks up the user table, and the second deletes the user_master table from the database. Attackers create and use multi-query statements to perform SQL injection. Use the database option that prevents multi-statement queries.
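The query above, run three ways (concatenated with multi-statement execution, concatenated through a single-statement call, and with the bound parameters from section 4), as an added example that is not part of the original article. It assumes Python's built-in sqlite3 module as a stand-in for the database server; the function names and the stored password are constructed for illustration.

```python
import sqlite3

# Constructed input: the password value from this page's section 8 query.
PAYLOAD = "ANYPASS' ; drop table user_master -- "

def make_db():
    # In-memory SQLite stand-in (assumption) holding one constructed user row.
    db = sqlite3.connect(":memory:")
    db.execute("create table user_master (user_name text, user_password text)")
    db.execute("insert into user_master values ('ANYUSER', 'correct-horse')")
    return db

def table_exists(db):
    sql = "select count(*) from sqlite_master where type='table' and name=?"
    return db.execute(sql, ("user_master",)).fetchone()[0] == 1

def concat_query(user, password):
    # Vulnerable 'before': user input becomes part of the SQL text.
    return ("select * from user_master where user_name='" + user +
            "' and user_password ='" + password + "'")

def run_multi_statement(db, user, password):
    # executescript() runs every ';'-separated statement it is handed.
    db.executescript(concat_query(user, password))

def run_single_statement(db, user, password):
    # execute() takes one statement; False means the driver refused the text.
    try:
        db.execute(concat_query(user, password)).fetchall()
        return True
    except (sqlite3.Warning, sqlite3.Error):
        return False

def login_bound(db, user, password):
    # Hardened: fixed SQL text, values supplied separately as bound parameters.
    sql = "select 1 from user_master where user_name=? and user_password=?"
    return db.execute(sql, (user, password)).fetchone() is not None

def demo():
    db1, db2 = make_db(), make_db()
    run_multi_statement(db1, "ANYUSER", PAYLOAD)
    return {
        "table_after_multi": table_exists(db1),
        "single_accepted": run_single_statement(db2, "ANYUSER", PAYLOAD),
        "table_after_single": table_exists(db2),
        "bound_payload_login": login_bound(db2, "ANYUSER", PAYLOAD),
        "bound_real_login": login_bound(db2, "ANYUSER", "correct-horse"),
    }

if __name__ == "__main__": print(demo())
```

Refusing multi-statement text keeps the table in place, but only the bound-parameter version keeps the input out of the SQL text altogether.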

Information source: http://www.programmer2programmer.net