TT web developer launches people finder for Hurricane hit islands

Above: NOAA’s GOES East satellite captured this infrared image of Hurricane Irma in the Bahamas at 4:45 a.m. EDT on September 09, 2017. Image courtesy NASA/NOAA GOES Project

Coded-Arts, a Caroni based digital company specialising in websites and gaming has created an online resource for people wishing to report their status in Caribbean islands hit by hurricane as well as to check on the status of loved ones.

There are currently three named tropical storms active in the Atlantic, Katia, Jose and Irma.

The site is spartan and direct and loads quickly, providing its information quickly on mobile devices in low bandwidth situations. The Android app will go live by 4 pm today and the website is currently active and receiving information.

Despite adding a CAPTCHA system to repel automated attacks, the site has already weathered two attempts at hacking via SQL injections.

According to Browne, “There have been instances of where hackers have attempted to breach the network. Though they have all failed, what surprises me is the strong desire to do so.”

“These attacks have to be people based. The intention here is to help, and already, people are attempting to hinder that.”

According to a release from Coded-Arts…

“The new website combines a comprehensive listing of user information and there last known whereabouts and a directory of missing/ found individuals.,” said Manuel Browne, Managing Director of Coded Arts.

“The site will be of tremendous value for people seeking information in this fashion. This is a straightforward web app that also is provided on the Android app store (it is still review for iOS distribution). We have prepared the web app and mobile app for heavy loads of traffic and for ease of use, and we’ll be extrapolating on it, with the help of developers volunteering to expand it.”

Updated 09-o9-17, 2:30pm with details about the attacks on the website.

“The first DDOS attacks occured around 10-11pm last night,” Manuel Browne said, “which was partially expected traffic due to the amount of posts, sharing, boosting and activity surrounding it.”

“From around 12-2am  we started to recognize the intentional attacks. as SQL injections. The script is fortunately in the text box, which is already designed to prevent any form of scripting, so it simply shows up as text in the form.”
“After that were XSS (cross-site scripting) attacks that didn’t show up and auto banned the users in the process. We haven’t been attacked since then. Out of the 14 intentionally malicious attacks, four were from the Caribbean, and the remaining 10 were either done under proxy, or through the country of origin via spambots.”
“Two out of the 14 attacks were tests by developers who messaged me shortly after that they were making sure its secure by pointing out the vulnerabilities through 1 directory Traversals to find access to the accounts. We’re using 24 character long passwords now, having upgraded from 12 characters to deter brute force attacks.”