Tag: desktop

How to manage page caching to serve different AdSense units for Mobile and Desktop

I’m trying to cache the pages of my website, which are responsive and show the same contents for Desktop and for Mobile, with the exception of the location of the AdSense units if the visit is from Desktop or from Mobile:

  • for Desktop, I place the first ad (a 728×90 banner) just under the page title
  • for Mobile, the first ad is a below-the-fold 300×250 unit

The rest of the HTML contents are identical, except the AdSense code for the first ad. So I cannot cache the pages and I must query the database with the consequent load increment.

I wondered if any of you had similar experiences. Would you place the same AdSense code (e.g. responsive units) for the first ad (for both Desktop and Mobile), just in the below-the-fold of the mobile pages?

Remove widgets on mobile front page without affecting desktop

I customized my desktop page with widgets so that the articles are arranged into different aesthetically pleasing sections… but on my mobile page, I’d like all the articles to just show up by order of last published without being arranged into sections.

Is it possible to not have the widgets on the mobile page separately… while still having widgets on desktop?

I saw a lot of answers that mentioned CSS media queries, but it looks like that’s just adjusting header/stylistic things. I also saw a thing about redirecting, but I would prefer for the mobile to have the same link as the desktop. Is this possible?

Thank you so much.

Edit: I would also like to be able to add back the function of having the latest posts on mobile, as I had to remove it from desktop.

Is there a desktop browser that doesn’t give out your ip?

I have noticed that since about a year, Firefox is yielding enough informations so that website you connect to know your ip, no matter the fact that you would be using a vpn.
I know there are some heuristics from google that are powerful and use deep learning. But one way or another, there must be a way to avoid ip detection.
The ONLY browser that works in correlation with a vpn is Duckduckgo browser on Android. Don’t be fooled by the tests of dns leak as they will just confirm that there is no dnsleak, the issue is that there is a direct host IP leak. You can check it on the website whatismyipaddress.com. I wish to know how to disable whichever feature is causing this trouble, or if there is another browser available which is trusted.

Remote desktop user minwinPC altering security privileges while computer was ‘off’

Is it possible for windows to start the computer while it’s off? I installed a fresh copy of windows and was looking at the security event logger. It logged 5.2k security audits while I was asleep and when the computer was off (I checked it before going to sleep because of strange behavior).

The name is MINWINPC and its target is the built in domain using remote desktop users. TargetSID is S-1-5-32-555. Subject user ID is S-1-5-18. Security logs show altering stack tracing and escalation of privileges.

Account domain is included in WORKGROUP but all network discovery is off. NETSH shows no domain of WORKGROUP exist but event logger records active SYSTEM manipulations. User account shows N/A

Why does Google Search Console’s “Core Web Vitals” say a subset of my pages are all good on Mobile and all bad on Desktop?

Google Search Console’s “Core Web Vitals” is showing these two graphs.

Notice that the number of “good” URLs in one graph exactly match the number of “bad” URLs in the other. Each day always has the same number on each graph, so it’s not likely a random coincidence.

The reports provide only one example, and it is the same URL in both cases (https://rbutterworth.nfshost.com/Tables/compose/). The page is static, with no scripts or forms.

The site has hundreds of other pages (all also static without forms), so what is so special about these reported pages that every one of them would be good in one context and bad in the other?

Graphs of Mobile and Desktop URLs, with the good in Mobile exactly matching the bad in Desktop

Was I hacked? Does the Apple Mail App on Desktop trigger a Google “signed-in device”?

Several of my personal accounts were hacked by my former employer (files were altered). I confronted them, mentioned the platforms but only sent them evidence of my Google account being hacked knowing that they might try to sweep it under the rug.

They conducted an “internal investigation” and concluded that the Apple Mail on my work device triggered those sign-ins. Besides the fact that their explanation doesn’t explain why my other accounts were hacked, I tested their theory and couldn’t replicate it. I looked it up and some people said that pull requests from Apple Mail don’t trigger logins. Can anyone confirm?

In addition, I did more digging and downloaded my Facebook data and this is what I found. It shows everything including the browser used, which a third-party app is not.

The hacks coincide with both a complaint I submitted to IT about their questionable practices and false allegations (made by IT a week after my complaint) that led to my dismissal.

Website not showing mobile version properly – randomly shows desktop version!

Our website here does not show properly on mobile phones much of the time. I have spent many hours trying to fix the issue to no avail.

We’re using a plugin called WPtouch to show a responsive mobile version of the blog. It used to work fine for years. However, in recent months, quite often when I visit the blog on a mobile device it shows the desktop version. This is very detrimental as the text on the site is miniscule and impossible to read.

We’re also using Cloudflare CDN and Swift Performance Lite to try to speed up the site. We’ve tried to clear / purge this CDN and cache regularly, as well as that of the browsers we use on the mobiles we test on. Quite often after we do it starts to show the mobile version of the site, but then reverts to showing the desktop version even on mobiles.

The thing that’s making me tear my hair out is it switches between the mobile and desktop versions on the same mobile phone in the same browser while surfing the site seemingly randomly (which leads me to believe it’s probably not a CDN or cache issue).

Is there anything I may do to finally fix this confusing issue please?

Thanks in advance!

What are the general security implications behind using a web app vs its equivalent desktop app?

In 2020, there are a lot of applications which have a web interface as well as “desktop apps.” Such applications are either the same in functionality or very close. Three examples of this situation are the Slack, Discord, and Keeper Security applications. As a user, I am often left with a choice: Do I use the webapp in the browser, or do I download and install the desktop app?

In order to not be too vague, I’m not going to ask the question “which is more secure?” As this may not be possible to answer without a specific reference. However, there is truth to the fact that many of these applications are running on top of runtimes like Chrome, V8, Electron, Mono, etc…. For the purposes of this question, please assume that the app is of this style and not a “fully native” compiled app written directly in C or C++.

Ignoring any functionality differences (such as, I need the desktop app in order to do livestreaming), please list the general security implications of using the browser app vs desktop app.

For security reasons, why might I prefer to run the web in-browser version of the app rather than the desktop app and vice versa? One such implication could be, “exploitation in a browser-run web app would be limited to the tab’s process, whereas in a desktop app, it could potentially access a greater scope” for example.

Best practices for storing long-term access credentials locally in a desktop application?

I’m wondering how applications like Skype and Dropbox store access credentials securely on a user’s computer. I imagine the flow for doing this would look something like this:

  1. Prompt the user for a username/password if its the first time
  2. Acquire an access token using the user provided credentials
  3. Encrypt the token using a key which is just really a complex combination of some static parameters that the desktop application can generate deterministically. For example something like:
value = encrypt(data=token, key=[os_version]+[machine_uuid]+[username]+...)
  1. Store value in the keychain on OSX or Credential Manager on Windows.
  2. Decrypt the token when the application needs it by generating the key

So two questions:

  1. Is what I described remotely close to what a typical desktop application that needs to store user access tokens long term does?
  2. How can a scheme like this be secure? Presumably, any combination of parameters we use to generate the the key can also be generated by a piece of malware on the user’s computer. Do most applications just try to make this key as hard to generate as possible and keep their fingers crossed that no one guesses how it is generated?