Category Archives: Mobile Commerce

Verizon PermaCookies Cannot Penetrate ssRwd™ HSTS Security

Verizon PermaCookies Cannot Penetrate ssRwd™ HSTS Security

Some say the deadly Ebola virus is unstoppable and the privacy-killing UID your ISP may be injecting into your web traffic is unblockable but a Miami web development firm just verified its antidote for one of them.

South Florida-based HTML5/CSS3 mobile web app, secure eCommerce/WordPress website design and jQuery/PHP web development firm WebFL.US recently validated and today announced that business website owners interested in protecting their site visitors from privacy invasion and their customer information exchanges and transactions from unauthorized snooping, personal/financial information collection and smartphone/online activity tracking can rely on their trademarked speedy secure responsive web design methodology ssRwd™ to permanently prevent the permacookies and undo the unoptoutability of the unique identifiers that might be injected into their HTTP headers by Verizon, ATT/AT&T and other Internet service providers large and small.

Earlier this week disclosed that “Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.” Soon after revealed that ATT/AT&T and other ISPs are engaging in similar activities, quoting security consultant Kenn White as saying: “In AT&T’s case, the code has four parts; only one part changes… It’s like if you were identified by a birth month, a birth year, a birth day, and a zip code, and they remove one of those things… You’d still be able to reasonably track that person with the other three.”

Using those Unique Identifier Headers (UIDHs), ISPs are able to track and collect detailed information on the mobile, tablet, notebook and desktop online activities of their customers which they can sell to advertisers – or possibly serve up without warrant to government agencies. And with these UIDH “permacookies” Verizon, ATT/AT&T and others can accomplish that even if their Internet access subscribers set their web browsers to block all cookies, even if they opt for private browser sessions, even if they opt-in for “Do Not Track”, and even after they log into their accounts and opt-out of all so-called “relevant advertising” programs. To find out if your ISP is using universal identifiers (UIDs) to track you right now, for example, you can click or tap here:

Is your ISP tracking you?

Like most web pages – and websites pasted into native app wrappers so they can be called “mobile apps” – this test page is being served up unencrypted using standard Hypertext Transfer Protocol (HTTP|RFC 2616). And because the transmission is unencrypted, it is vulnerable to ISP UID(H) injections – as well as a host of other potential privacy invasions, malware insertions and hacker attacks. If instead it had been encrypted and transmitted via Hypertext Transfer Protocol Secure (HTTPS|RFC 2818), the ISP header injection scheme would be defeated because UID permacookies cannot pass through the HTTPS transport layer security envelope.

The ssRwd speedy secure responsive web design and web development methodology offered by WebFL.US delivers transfer protocol security in its most impregnable form which is HTTPS Strict Transport Security or HSTS. HSTS not only shields website visitors and mobile app users from unwanted ISP injections, unappreciated malware insertions, unwarranted government surveillance and unrelenting hacker attacks but also enables SPDY, an open network protocol built on HTTPS which can significantly speed up page content delivery and thereby measurably reduce session as well as shopping cart abandonment. Along with speed and security, ssRwd serves up web pages in a fluid, flexible, mobile-friendly responsive web design format that assures proper presentation and optimal user experience cross-browser and multi-platform from the smallest smartphone screen to the largest desktop monitor.

Every visitor to a website designed and developed with ssRwd by WebFL.US is vaccinated against UID permacookie injections for the length of their session. That’s because on delivery every web page on a WebFL.US ssRwd website passes 15 objective tests of speedy secure responsive web design. How does your website measure up? To find out, you can click or tap here:

Do you have a speedy secure responsive web design?

SS rwd or #ssRwd, It’s All About Performance

SS rwd or #ssRwd, It's All About Performance

The 2014 Chevy SS with rear-wheel drive is all about performance. So is speedy secure responsive web design.

The “Web” and “Mobile Web” are now one and the same. Web pages that cannot accommodate smartphone/tablet as well as notebook/desktop browsers are obsolete. So are mobile website redirects and websites in app wrappers. Especially for small to medium sized businesses, mobile-friendly responsive web design (“RWD”) is now a strategic web development requirement and mandatory for minimizing web applications and maintenance costs, optimizing search visibility and user experience, and maximizing web marketing traffic and conversion ROI.

RWD leverages device-aware and device-agnostic web development technologies to eliminate the need for redundant “full” and “mobile” websites by using flexible grids and fluid formats to optimize content presentation for the screen size and capabilities of the requesting device – regardless of whether it be a desktop PC or Mac, iPad or iPhone, Android smartphone or Windows touch screen tablet. This results in a better user experience for which search engines like Góógle, Bíng, Yáhoo and tracking-free DuckDuckGo reward the web page with better placement.

Page speed (how long it takes a web page to download) is another user experience factor now heavily weighted in major search engine ranking algorithms – and for good reason: On the Web as elsewhere, time is money and knowing when to trade one for the other is how you win. According to GlobalDots research, Shopzilla reduced average page load time by 4.8 seconds and increased sales by 12%; Amazon pockets a 1% revenue increase for every 100ms of page load improvement; and Mozilla got 60 million more Firefox downloads per year after making their pages 2.2 seconds faster.

Today’s web surfers are busy people with short attention spans – and that goes double for our ever-growing base of on-the-go mobile users. Fast-loading pages and streamlined transactions complete favorable search experiences while staring at “Loading…” spinners often ends with the reverse. Consequently, slower sites suffer higher page visit and shopping cart abandonment rates while SPEEDY sites enjoy higher search rankings and more eCommerce/mCommerce sales conversions.

Faster page loads also mean faster searches … which means users have time to run more searches … which means Góógle can run more ads and make more money. This is perhaps the primary reason that Dont’t be Evil Góógle loves speedy websites – so much so that they came up with SPDY. SPDY (pronounced “speedy”) is an open networking protocol that can significantly accelerate website performance by reducing latency. It requires SSL/TLS encryption to avoid incompatibility when communicating across a proxy so to leverage SPDY a website must also be SECURE.

Websites with SSL/TLS enjoy significant operating and marketing advantages – especially if they fully implement HTTPS Strict Transport Security. HSTS not only enables SPDY but also helps protect you and your website visitors from malicious hackers, ISP and other third-party snoopers, and unwarranted government surveillance (#HelloNSA). Concerns over Internet privacy and the confidentiality of personal information are at an all-time high. And with Baby Boomers especially, websites that are proactive about Internet security will be their preferred product vendors and service providers.

SS rwd or #ssRwd, it’s all about PERFORMANCE.

Speedy secure responsive web design is where you need to be. Hop in and let WebFL.US take you there!

Page Speed Optimization: PSO Is The New SEO

Page Speed Optimization: PSO is the new SEO

Page speed optimization (PSO) is the new SEO: Miami App Developer WebFL.US Meets Web Marketing Needs with Responsive Design, Standards, Semantics and SPEED.

As of 1 January 2014 all websites and mobile apps designed, developed or re-engineered by Miami app development firm WebFL.US will be validated against 14 objective tests of Internet technology standards compliance and software engineering quality assurance in order to guarantee maximum returns for their web development clients and optimal user experiences for website visitors and mobile app users. Of the 14 tests, 2 are designed to assess mobile-friendly adaptive and responsive web design, 6 verify W3C/WCAG/Section 508 industry standards compliance, 3 examine semantic optimization of content and metadata, and 3 compare coding architecture and download times to best practices and benchmarks for web and app loading and rendering effectiveness and efficiency:

Responsive Design

According to Walker Sands, Mobile Web traffic accounted for 28% of all web traffic in Q3 2013, a 67% increase over Q3 2012. And for the first time this year, Amazon says over 50% of its holiday shopping traffic came from mobile devices. Walker Sands recommends that businesses “…prioritize mobile and implement strategies that put equal emphasis on mobile and traditional web design” and “…optimize websites across devices to avoid missing out on revenue.” This is exactly what WebRTC School Qualified Developer (WSQD) Bruce Arnold has been advising for years.

While global corporations may have the resources to develop multiple and redundant device-specific web marketing solutions – full websites, mobile websites, native Android apps, Apple iOS apps, Windows Phone apps etc. – for small to medium sized businesses WebFL.US believes that adaptive and responsive web design augmented by hybrid cross-platform HTML5 mobile apps is a far more effective and affordable web marketing strategy. The first test in their suite allows you to actually see how your web page renders across multiple devices – such as smartphones, tablets, notebooks and desktop monitors. The second measures a website’s ability to adapt to mobile devices with limited capabilities – such as the billions of flip-phones and other not-so-smart cellphones shows to still be in use:

Standards Compliance

WebFL.US recognizes that “Web” and “Mobile Web” are essentially marketing differentiators for the same Internet technology and communications platform, and that success thereon is a function of visibility (e.g., can they find your website in search engines?) and accessibility (e.g., will your app run on their smartphone?). HTML5, CSS3 and JavaScript source that is clean and concise (W3C standards compliant and error-free) is crucial to search engine indexing as well as web browser rendering and mobile app functionality, and therefore an absolute must for maximizing visibility and accessibility potentials. To that end the WebFL.US test suite applies 6 validations addressing content, format, accessibility, internationalization, syndication and links:

Semantic Optimization

Góógle Executive Chairman Eric Schmidt recently proclaimed that web pages with author and publisher verification will receive rank preference over those without it, effectively making Structured Data for Góógle Rich Snippets a mandatory addition to web page source. Proficient use of RDF metadata and HTML heading elements can also expand and improve search visibility. The WebFL.US test suite includes 3 tests applied to visualize and assess the impact of these semantic optimization techniques.


Góógle has stated publicly that both full and mobile websites and apps that load slowly or perform poorly will be penalized in search rankings due to the negative impact on user experience – and WebFL.US believes these penalties are increasing. According to Bruce Arnold, “Web pages that take too long to load invite the user to click the Back button. Mobile apps that perform poorly explain why over 50% of all downloaded apps are uninstalled within 30 days and over 95% are deleted within six months. And how a website or app is designed and developed can have more impact on performance than load-balanced servers, unthrottled bandwidth or a CDN.”

The WebFL.US test suite includes 3 tests to determine if a page or app is designed with SPEED in mind:

How much speed does your website or mobile app need?

Click here to find out and call Bruce Arnold at 877-919-5351 to get it!