Chelsea Neil - LO2 Understand the factors that influence web performance

What factors influence Website Performance?

WELCOME TO MY BLOG! 

In this blog I will talk about everything you need to know about website performance and all of the small things that can effect it.

What is Website Performance?

Everyone wants the best website performance they can possibly have, Website performance is the knowledge of being able to increase or slow down the speed in which web pages are downloaded and displayed to the user's web browser.


The better your website performance e.g good file types chosen and the correct amount of content, the faster the download speed and general website - meaning it will generally benefit the environment as less power will be used.

There are a variety of different ways in which users can attempt to improve website performance, I will now discuss the various factors that can influence how well a website works.

User side

The user side of a website is things that are down to the user, aka you. If you are having problems viewing a web page, this could be because of something to do with you, these include download speed, web browsers and cache memory.

Download Speed

When visiting a website, the speed of delivery of a new page will be very important to you depending if you are in a rush. The download speed depends on a number of factors down to you - design (e.g. amount of graphics), your bandwidth speed, internet connection and where you live. Faster website download speeds are typically more loyal to the user and give the most satisfaction. Problems caused by poor design can amplify minor problems elsewhere in the chain. The advantages of download speed is that if there is a fast download speed users can access more pages and download/upload more content. The disadvantages of download speed is that if it is slow, this can reduce the amount of pages accessible, the amount the user can stream and more.

Web Browsers

A web browser is something that everyone uses and is a software application which is used to locate, retrieve and display content on the world wide web, this includes videos, music and images. It works by turning the formatting code (HTML) from a web page into a readable form, follows links (or hyper links  and works with a variety of extensions, such as Flash or Java Script. New versions are being made of browsers all the time and certain browsers can be used for different things (Some may allow file types, whereas others do not). Browsers can affect content on websites and some can require certain added apps to help them display specific content e.g Java and Flash, if browsers do not have the right added apps it will mean they will therefore not work and show certain content. The advantages of web browsers is that some allow users to have a faster download speed whereas some may go slower but focus on other issues.

Some common web browsers that you may know are:
- Microsoft Internet Explorer
- Google Chrome
- Apple Safari
- Mozilla Firefox

Cache Memory

One thing you may not be familiar with is Cache memory, this is extremely fast memory which is build into a computers CPU (Central Processing Unit) or located next to it on a separate chip. Cache memory is random access memory (RAM) that a computer microprocessor can access more quickly than it can access regular RAM. The microprocessor looks in the cache memory first as it begins to process data, if it finds data from a previous time it does not have to re do a time-consuming reading of data from larger memory. The CPU uses cache memory to store instructions that are repeatedly required to run programs, this therefore improves users overall system speed. The advantage of cache memory is that it helps boost overall speed of the system as it stores frequently used data, however the disadvantage is that it can be a waste of resources. 
In simple terms, cache memory is storage that is used to memorise previously accessed web pages, this means that if you want to revisit that web page, it will use the storage to load it up quicker.

Server side

The website performance may not lack just because of the user, it may also lack because of the server itself. The server side includes processor speed, web server capacity, files types and scripts.

Web Server Capacity and Processor Speed

A web server helps to deliver web content that can be accessed through the Internet. The most common use of web servers is to host websites but they can be used for gaming, data storage or running enterprise applications. A web server has defined load limits, it can handle a limited number of concurrent client connections (usually between 2 and 80,000, by default between 500 and 1,000) per IP address and it can serve a certain maximum number of requests per second depending on: its own settings, the HTTP request type, whether the content is static or dynamic and more. The disadvantages of web server capacity is that when a web server is near to or over its limits, it becomes unresponsive.

Most computer applications require that a minimum of requirements for the computer system is met in order for the installation to run, one of those requirements is the processor speed. Processor speed measures (in megahertz or gigahertz; MHz or GHz) the number of instructions per second the computer executes. The need for speed is therefore essential for a variety of different things, these could range from web design, animation and graphic design where processor speed is necessary. The advantages of processor speed is that if it is fast it can influence overall performance and can help make it better, however, with a slow processor speed this will reduce overall performance.

File Types

A file type is a term used to describe the format of a particular file and how it is stored. The file and type and size is important in website performance, depending on the files used some will download quicker than others. File types are especially important and should be considered when webpages are created. An advantage of file types is that the user can access a variety of different medias which enhance user interactivity, however, the disadvantages include the website going slow because of the amount of file types. The different file types and what they are best used for are the following:

JPEG/.jpeg (Joint Photographic Experts Group) -
JPEG is commonly used for storing digital photos since the format supports up to 24-bit colour. JPEG is also a common format for publishing Web graphics as the JPEG compression algorithm significantly reduces the file size of images. However, the compression used by JPEG may noticeably reduce the image quality if high amounts of compression are used. JPEG is therefore best for photos if you want to keep a small file size and are not worried about the loss of quality, it is generally not suitable for images with text, large blocks of colour or simple shapes as the lines will blur and colours can shift.

MP3/.mp3 (MPEG-2 Audio Layer III) -
An MP3 is a Music file MPEG Layer 3. MP3 is commonly used to store music files and audio books on a hard drive. MP3's do not have near enough the best sound quality compared to WAV, however because MP3's are so small, they can easily be transferred across the Internet. The MP3 format uses compression which removes data from a song using complicated algorithms, removing this data saves space and makes the file smaller.

WAV/.wav  (Waveform Audio File Format) - 
A WAV allows audio recordings to be saved with different sampling rates and bitrates. They are generally kept as the first digital copy of a file completely uncompressed. This means that WAV files are the best possible quality and have not gone through any digital alterations but output. The downside of this type of compression is the user generally is left with large file sizes. If a user downloads a song the WAV files will be substantially larger than having it on MP3, WAV's are generally more flexible than other file types.

 
GIF/.gif (Graphic Interchange Format) - GIF supports colour and various resolutions and should not be used for colour. It also includes data compression, it is limited to 256 colours and because of this it is therefore more effective for scanned images such as illustrations rather than coloured photos. A GIF should be used for simple Web graphics that have limited colours. Because of the small amount of colours, GIF files make very small, fast-loading graphics for the Web. GIF is great for Web buttons, charts or diagrams, cartoon-like drawing, banners, text headings and small compact Web animations. 

BITMAP/.bmp - 
Bitmap graphics are an uncompressed file format and is widely supported by most web browsers, graphic software, word processors and more. It can display 16,7 mio. of colours (the same as jpeg). As bitmaps are uncompressed there is no quality loss whereas jpeg uses a way of compressing pictures that alters the quality.
The disadvantage of a Bitmap is that file sizes become quite large which would become a problem when emailing them or loading them etc.

Vector - 
Vector images are made up of many individual, scalable objects. These objects are defined by mathematical equations rather than pixels, so they always render at the highest quality. You can increase and decrease the size of vector images to any degree and your lines will remain crisp and sharp, both on screen and in print. Another advantage of vector images is that they're not restricted to a rectangular shape like bitmaps. Vector objects can be placed over other objects, and the object below will show through. Vector images have many advantages, but the primary disadvantage is that they're unsuitable for producing photo-realistic imagery. Vector images are usually made up of solid areas of colour or gradients, but they cannot depict the continuous subtle tones of a photograph. That's why most of the vector images you see tend to have a cartoon-like appearance.  



AVI/.avi (Audio Video Interleave) - 

AVI stands out of other parallel video formats for its high quality picture and compatibility of multi-operating systems. AVI also has disadvantages, it has bulk size and does not have unified standard on compression. AVI files can contain both audio and video data in a file container that allows synchronous audio-with-video playback. Like the DVD video format, AVI files support multiple streaming audio and video, although these features are seldom used. 

 

SWF/.swf (Small Web Format) -  
SWF files can contain video and vector based animations and sound and are designed for efficient delivery over the web. SWF files can be viewed in a web browser using the Flash plug in. 

 

Scripts

Scripts are invisible to the users eye but they are very important within a website as they define how it behaves in response to the user's requests. Apart from the World Wide Web, scripts are also used for the automation of processes on a local computer. Scripts have contributed to making the web such a usable and flexible environment that we use everyday.
Each script represents a text document containing a list of instructions that need to be executed in order for that certain action to be achieved. This prevents and cuts down users having to go through a series of steps in order to reach a set of results while browsing a website or working on their personal computers. The text nature of the scripts allows them to be opened and edited with the help of a basic text editor.

If the script is not compatible with the browser, this will mean that the web page will not load properly or will just not work at all. If the script has not chosen the correct layout of the website, the performance of the website will lack and the user will not get the most out of the website they are viewing.

The advantages of scripts are that it enhances interactivity, however, the disadvantages are that if there are too many scripts, this can therefore mean that the website will go slow.

Website Security

When creating a website, you must be aware of the possible security risks as well as the security mechanisms you can include to prevent any risks to your website:

Security Risks

There are a variety of security risks to a website, below I will discuss some of the most common ones: 

Hacking

Hacking means illegally accessing other people's computer systems in order to destroy, disrupt or carry out something illegal. Hacking is usually carried out remotely, i.e. someone outside a company wants to try to break into the computer system.

Pagejacking

Pagejacking is stealing the contents of a Web Site by copying some of its pages, putting them on a site that appears to be the legitimate site, and then inviting people to the illegal site.

Phishing

Phishing is a form of Internet fraud where criminals try to steal valuable information such as credit cards, social security numbers, user IDs and passwords for bank accounts. They set up a fake website which looks identical to a legitimate company such as a bank or insurance company and then try to trick people into logging into the site and giving their account details and security codes.

Viruses

A computer virus is a piece of program code that makes copies of itself by attaching itself to another program. The virus can waste the host's resources, and sometimes destroy or change files. While viruses are usually malicious - destroying data or crashing network services - many do nothing or are just annoying (for example, displaying a message to the user). Many viruses are made to wait a long time before doing anything, usually destroying data on a certain day, like a holiday. Viruses are usually spread by a computer network, by e-mail, or by removable media, like a floppy disk or memory stick.

Identity theft

Identity theft is where criminals obtain personal information such as your date of birth, bank account numbers, your mother's maiden name, your pet's name and so on. These personal details are often used as questions by companies for you to prove who you are over the telephone. If someone can answer these questions they will most likely succeed in impersonating someone and can therefore buy products, take out loans or money from  accounts.

Website security is very important, below are some common website security questions that I have answered:

What makes a website secure?

Having a secure website is important for many reason, in order to make a particular website secure the following would be needed:
- A secure server
- Firewalls (a barrier to stop them getting into the server area)
- HTTP – protocol that means the website is secure and the data is encrypted
- Back ups
- Strong passwords
- Security questions
- Verifications

Why would a website need to be secure?

Certain parts of a website need to be secure so that:
- It can’t be hacked
- Important information cannot be stolen (Customer records, banking details, shopping online)  

How do you know if a website is secure?

There are a variety of ways to tell that a website is secure, they are:
- Websites will be padlocked
- The URL will turn green

Security Protection Mechanisms

There are a variety of things that can be done in order to help reduce the risk of anything happening to your Website and to keep secure. The mechanisms below all apply to websites that involve log in details, customer details or any personal details that could possibly be stolen and used. Websites without these pieces of data will not need to be secure as there is nothing as valuable to steal.

Digital Certificate

A digital certificate is the attachment to an electronic message used for security purposes, before any transactions are authorised the digital certificate verifies this request and check is the user sending the message is who they say they are. Digital certificates are typically used by commercial organisations, not just anyone can use this mechanism. A digital certificate is issued and signed by the Certification Authority (CA) and typically contains the owners name, expiry date, name of the issuer etc.  

Firewalls

Firewalls are a piece of software that is used to prevent unauthorised Internet users from accessing private networks or computers connected to the Internet. All messages entering or leaving the computer will pass through the firewall, the firewall will examine each message and will block the ones that do need meet a specified security criteria. 

Secure socket layers (SSL)

SSL (Secure Sockets Layer) is the standard piece of security technology for establishing an encrypted link between a web server and a browser. It is used by millions in order to secure transactions of customers - the typical users of these are commercial organisations or anyone that collects personal data.

Use of passwords & usernames

It is crucial to use passwords and usernames, using these will help reduce the risk of hacking. Passwords should be very complex, using hashed passwords could help limit damage as encrypting them isn't possible. 

Legal considerations

Whilst there are things that the user can do in order to make sure their website is secure, there are also legal acts in place that influence website security:

Data Protection Act 1998

The data protect act effects all Individuals and organisations that hold personal information and how they hold personal information. They are required to register the fact that they are handling personal information and on top of that pay a small annual fee. The data protection act would link in to a Website when any visiting customers would need to type in personal details. The data protection act states eight principles that personal information is required to meet:

1. Fairly and lawfully obtained
2. Obtained for specified and lawful purposes
3. Adequate, relevant and not excessive
4. Accurate and up to date
5. Not kept any longer than necessary
6. Processed in accordance with the "data subject’s" (the individual’s) rights
7. Securely kept
8. Not transferred to any other country without adequate protection in situ.

The typical consequences of breaking the data protection acts are the following: 

- Possible loss of business and brand damage

- A penalty from the UK Information Commissioner's Office (ICO)

- Prosecution

- Fines of up to £500,000

- Prison sentences

Privacy and Electronic Communications Regulations 2003

The privacy and electronic communications regulation states that it is illegal in the United Kingdom to send an automated recorded message for direct marketing purposes by all electronic communication (SMS, Email, Telephone etc.) 

Computer Misuse Act 1990

This act came into place in an attempt to resolve a surge in criminal activity surrounding computers and their use – primarily the increase of computer hacking. The Computer Misuse Act recognises three key offences:

1. Unauthorised access to computer material
2. Unauthorised access with intent to commit or facilitate commission of further offence
3. Unauthorised acts with intent to impair the operation of computer

The typical consequences of breaking the computer misuse act are the following:

Offence 1 - Up to 6 months in prison and/or a hefty fine
Offence 2 - Up to a 5 year prison sentence and/or a hefty fine
Offence 3 - Up to a 5 year prison sentence and/or a hefty fine
Offence 3a -  Up to a 5 year prison sentence and/or an unlimited fine

Impact that cases of website security breaches have had on society:

Jonathon James - Hacking

What happened?

Jonathon James also known as 'c0mrade' on the Internet became the first juvenile to be sent to prison for hacking at just fifteen years of age. James' major intrusions targeted high-profile organisations, he installed a backdoor into a Defence Threat Reduction Agency Server. The DTRA is an agency of the Department of Defence charged with reducing the threat to the U.S. and its allies from nuclear, biological, chemical, conventional and special weapons. The backdoor he created enabled him to view sensitive emails and capture employee usernames and passwords.  James hacked into NASA’s network and downloaded enough source code to learn how the International Space Station worked. The total value of the software he stole and downloaded was estimated at $1.7 million. Not only this, but NASA was forced to shut down it's computer systems resulting in a $41,000 cost. If James had been an adult it would of been likely that he would of served 10 years in prison, however because he was only fifteen he was banned from recreational computer use and was slated to serve a six-month sentence under house arrest with probation.


Impact on society?

• After this breach, society would be anxious, worried and feel unsafe
• A lot of sensitive data would have been accessed
• There would be a breach of national security
• For the companies involved, there would be a large loss of revenue
• It would result in the shut down of computer systems
• For all the companies involved, there would be disruption
• After this breach, there would be a need to invest in tighter security systems

How was it resolved?

• The hacking case was resolved by banning him from recreational computer use and having him serve a six month sentence under house arrest
• All of the companies involved would of had to improved their security in order to make sure that this does not happen again

Abraham Abdallah - Identity Theft

What happened?

Abraham Abdallah, 32 years old worked at a New York Restaurant and stole the identities of some of America's richest. Abdallah used the internet and a magazine rich list to get personal data about more than 200 people, including film director Steven Spielberg and chat show host Oprah Winfrey. He tried to steal more than $22m (£14m) but was largely unsuccessful and pleaded guilty to wire fraud, credit card fraud and identity theft. Abdallah used mail boxes, voice mail accounts and the internet to gather social security numbers, addresses, birth dates and even mothers' maiden names. Next to the biographies of the rich and famous in Forbes list of America's 400 richest people, Abdullah scribbled personal information. He then attempted to raid the bank accounts of the super rich, including Star Wars director George Lucas, former presidential candidate Ross Perot and CNN founder Ted Turner. Abdallah was discovered when he made an e-mail request to transfer $10m (£6.99m) from a Merrill Lynch account belonging to Thomas Siebel, founder of Siebel Systems.

Impact on society?

• Identities from more than 200 people were stolen
• Personal data, including that of rich list were breached
• Personal bank accounts were raided and attempted to steal money
• Personal money stolen by an email request
• Society would get the general feeling of worry and anxiety

How is was resolved?

• Abraham Abdallah pleaded guilty to wire fraud, credit card fraud and identity theft
• This breach led to the prosecution of Abdallah
• In order to resolve this issue, better security measures were taken for the people involved

ILOVEYOU - Virus

What happened?

The ILOVEYOU virus was a computer virus that carried the message "ILOVEYOU" and disabled networks across the UK. It was estimated that up to 10% of UK businesses had been hit by the bug, being transmitted across the world - This virus worked it's way into the entire world because of the way it was transmitted. The e-mails raced across the country, reaching the NHS, universities, City of London institutions, and many large and small companies. BT, Vodafone, Barclay's, Scottish Power and Ford UK were among the giant firms affected. The House of Commons was cut off from electronic communication with the outside world, as the network was shut down to prevent the bug spreading.   It was believed the virus is programmed to delete some computer files, including MP3 music files and images, as well as raiding email addresses to multiply itself and send itself and other e-mails on wards  The subject of the e-mail said that the message was a love letter from a secret admirer. An attachment in the e-mail was what caused all the trouble. The original worm had the file name of LOVE-LETTER-FOR-YOU.TXT.vbs.  The virus seemed to only attack computers running Microsoft Windows and the popular 'Outlook' email software. The "ILOVEYOU" bug reportedly first hit Asian firms before reaching the US, the UK and other European countries, spreading even more rapidly than the Melissa virus that plagued companies last year. According to anti-virus software producer McAfee, the ILOVEYOU virus had a wide range of attacks:

• It copied itself several times and hid the copies in several folders on the victim's hard drive.
• It added new files to the victim's registry keys.
• It replaced several different kinds of files with copies of itself.
• It sent itself through Internet Relay Chat clients as well as e-mail.
• It downloaded a file called WIN-BUGSFIX.EXE from the Internet and executed it. Rather than fix bugs, this program was a password-stealing application that e-mailed secret information to hacker's e-mail address.

This virus managed to infect an estimated 1,200 people in the first three hours. According to some estimates, the ILOVEYOU virus caused $10 billion in damages by just one click of opening up the email.

Impact on society?

• Thousands of people would no longer trust eMail
• Multiple business' were shut down
• The House of Commons was cut off due to this virus 
• The virus resulted in deleted computer files
• Thousands of computers were attacked
• After the email was opened, it created $10 billion worth in damage

How was it resolved? 

• As a result of this virus, tighter anti-virus software was created in order to stop this virus from ever happening

Melissa - Virus

What happened?

David Smith, aged 34 developed the Melissa virus in March 1999. The virus is believed to have been named after a Florida stripper its creator knew and caused more than $80m in damage after it was launched. Computers became infected when users received a particular e-mail and opened a Word document attached to it. It did comparatively little damage to individual computers, unlike later viruses. But it had graver implications for company and web servers carrying the huge volumes of e-mail being created. When the document attachment was launched, a program was created which replicated the e-mail and sent it to the first 50 addresses in the Global Address Book of users running Microsoft's Outlook personal organiser. Because of the Melissa Virus made by David Smith, millions of pounds worth of damage was created all because of an email sent out by the virus.
Microsoft, Network Associates and other anti-virus and computer security companies issued warnings and supplied fixes to counteract Melissa. It has been estimated that the virus infected more than a million computers. Smith pleaded guilty and was sent to a 20 month long prison sentence. 

Impact on society?

• Thousands of computers infected
• There was bulk emails sent from people they knew
• The virus led to millions of pounds worth of damage
• A general feeling of fear of emails

How was it resolved?

• As a result, David Smith, developer of the virus was sent to a 20 month prison sentence
• All anti-virus software supplied fixes and gave out warnings to users

Albert Gonzales - Hacker/Identity Theft

What happened?

Albert Gonzales, aged 28, was jailed for 20 years in the US for his part in stealing the details of more than 130m credit and debit cards. Gonzalez was accused along with two Russian co-conspirators, of hacking into the payment systems of retailers. They targeted more than 250 US companies including payment processor Heartland Payment Systems, food and drink store 7-Eleven and American supermarket Hannaford Brothers Co. Gonzalez was found to have used SQL injection attacks to exploit weaknesses in payment software programs and access data, stealing millions of customer card details. 
Albert Gonzales and two others 'curiosity' cost millions of people their credit card and debit cards details, this potentially lost thousands of pounds but also made society of just how easy a persons identity can be stolen and used against them.
He blamed "curiosity and addiction" for his crimes and was sent to prison for 20 years.
 
Impact on society?

• Thousands of personal details stolen
• Thousands of pounds lost from society
• A general feeling of society being anxious and scared
• The discovery of certain weaknesses attacked in software programs
• Thousands of stolen customer credit card details being stolen
• Hundreds of businesses targeted and their employees no longer trusting them with personal information

How was it resolved?

• As a result, Gonzales faced imprisonment for 20 years
• This case of identity theft is resolved by tighter security measures

What impact have cases of website security breaches had on society?

Because society is so aware of how many real life cases there have been, people tend to be a lot more wary and because of this they seem to use the internet a lot less and certain websites online in order to prevent themselves from getting into a situation similar to one in the past.

The more aware people are becoming, the more people want to stop what has happened and because of this people tend to try and protect themselves against it, this means that they will buy the relevant software, keep anti virus up to date, choose sensible passwords and make sure they check that the website they are using is secure. Not only this, but people are not a lot more cautious about using certain websites, this would therefore cut down the risk of certain people. In the past, if they had gotten a phishing email or a text saying they are ‘owed £3000’ they probably would of clicked on the link and typed in their details, however, because society is so aware of what is happening, most would think twice about this email and delete it straight away.

Lastly, if criminals are finding ways to hack, they are always thinking of new ways. This therefore means that places like Halifax or Barclays would employ a team in order to find new ways to prevent a future possibility of the company being hacked. With new teams comes a department and new jobs for society.

Key Words Definitions

(User) PC Memory: Required for data storage and processing.

(Server) Server Storage Space: The amount of space available for storage and processing.

(User) Browser: A software application for retrieving, presenting and traversing information resources on the World Wide Web.

(User) Error: "The page you have requested cannot be found."

(User) Connection speed: Indicates how fast you will be able to transfer information from the Internet to your computer.

(Server) Website Performance: How well a website can be accessed or how well it deals with user requests to view website content.

(Server) Upload Time: How fast a computer can push data out.

(Server) Web Statistics: A log of user visits to a website.

(Server) Script: A programming language that is interpreted by another program at run time rather than compiled by the other computer’s processor as other programming languages. The more scripts there are, the slower it will run/load.

(User) Bandwidth: Data transfer rate, the amount of data that can be carried from one point to another in a given time period (usually a second).

(Server) Website content: Databases, file formats used for images, sound, video, animation, additional technologies such as AJAX and ActiveX.

(Server) Broken link: Stops you from accessing a web page.

(User) Download speed: How quickly a file can be accessed from the network/Internet.

(Server) Server availability: When the server is operational (able to be used).

Sources:

http://www.volresource.org.uk/swit/webterm.htm
http://www.wisegeek.org/what-is-cache-memory.htm
http://www.statcan.gc.ca/pub/81-004-x/def/4068725-eng.htm