Tag

internet

Browsing

This article aims at addressing the age-old question: What happens after you type a URL into a web browser? The use case entails the background details of typing “google” in the address bar. Before we begin, it is ideal to note that ignoring the website’s downtime, the average load time of any webpage is less than 2.9 seconds, leaving each of the processes highlighted below occurring in nanoseconds or less. This article covers an in-depth analysis of behind-the-scene activities from the point a user presses the “g” button up until a result displays on the screen.

User presses letter “g”
The moment the first letter in google (letter G) is pushed, the browser receives the input entry event, and an auto-complete function immediately kicks in. Depending on your browser’s algorithm, various suggestions are presented to the end-user in the dropdown below the URL bar, varying from recently entered, web browser type, recently trending to most entered inputs. In this case, the auto-complete function completes the query to google.com.

The “enter” key bottoms up
Taking the point at which the “Enter” key on the keyboard hits the bottom of its range (called bounce) and debounce, an electrical circuit specific to the enter key is directly or capacitively closed. This closed-circuit allows the flow of minute current into the keyboard’s logic circuit, which then scans the state of each key switch by debouncing the unique electrical noise generated from the switch’s rapid intermittent closure. The electrical noise is converted into a keycode integer (in this case, 13), which is encoded by the keyboard controller for transport between the keyboard and the computer. The transmission channel, generally over a Universal Serial Bus (USB), can also be a Bluetooth connection, or legacy connectivity like PS/2 or ADB

enter key

IRQ signal
The moment the processor finds a closed circuit, it compares the location of the most recently closed circuit on the key matrix to the character map in its read-only memory (ROM). A character map, being a comparison chart or lookup table for each key encoding (UTF, ASCII…), signals the processor the position of each key in the matrix and what each keystroke or combination of keystrokes represents. The keyboard, exclusively reserved for interrupt request line (IRQ 1) sends signals on its IRQ, which maps to an interrupt vector by an interrupt controller. The computer then maps out the interrupt vectors to functions uses the Interrupt Descriptor Table (IDT) provisioned by the kernel. As the interrupt arrives, the kernel inputs when the CPU indexes the IDT with the interrupt vector and runs the appropriate handler.

IRQ1

CPU message relay
The keyboard’s switch contacts are wired to a microprocessor arranged in an X-Y matrix, constantly beaconing to notice the updated values of the currently opened or closed keys. When it senses the enter key down, it sends a serial code to the PC (single byte for most keys). When it senses a key released that was previously down, the same code with an additional “0xF0” byte is received. The host PC captures these incoming codes and uses them to maintain its map of which keys are up and down. The PC then writes the ASCII code for each new ‘down’ key into a volatile memory buffer where any running application can retrieve it.
For example; ‘A’ – make code 0x1C; break code oxF0,0x1C

cpuBrowser input Logic
The browser, being equipped with the ability to decipher outputs based on predefined inputs, can process the logic to interpret “https” as HyperText Transfer Protocol (Secure), “/” as slash notation, “@” as email predecessor. In the case where no protocol or valid domain name is specified, the browser then feeds the text entered in the address bar to the browser’s default web search engine (Google, Baidu, Bing). The URL is usually appended with unique texts to notify the search engine of its origination, which in this case, is from a specific browser’s URL bar for a browser-specific rendering during output.

chrome, mozilla, safari, explorer

Check non-ASCII Unicode Characters
In the world of Multilingual Web Addressing, where non-ASCII characters are now added to Web addresses, browsers are now able to detect and convert non-ASCII Unicode characters ( a-z, A-Z, 0-9, -,) in hostnames. Since the hostname is google.com here, the Punycode is resolved by the domain name server into a numeric IP address. For encoding, If the string representing the domain name contains non-Unicode characters, the string is converted to Unicode by the user agent (UA). Normalization functions are then performed on the string to remove mismatch. This can include converting uppercase characters to lowercase, reducing alternative representations, and eliminating prohibited characters (whitespaces). Next, UA converts each of the labels (pieces of text between dots) in the Unicode string to a Punycode representation. To differentiate original ASCII labels from non-original labels, a unique marker (‘xn--‘) is prefixed for each label containing non-ASCII characters.

non-ASCII Unicode Characters

HSTS Validation
The browser then performs a lookup on its internal list of websites that have requested to be contacted via HTTPS only called “preloaded HSTS (HTTP Strict Transport Security)” list. If the list contains the website (google), the browser sends its request via HTTPS instead of HTTP, automatically appending the “s” at the suffix of the HTTP after the certificate authority (CA) is initialized and verified. Alternatively, the initial request is sent via HTTP. However, a website can use the HSTS policy without being in the browser’s HSTS list. This is established when the user’s first HTTP request to the website receive a response that the user only send HTTPS requests, this then forces the browser to establish communications only in HTTPS going forward.

HSTS checkDNS lookup
The browser then checks if the domain exists in its local cache. If the domain exists, the most recent record is first pushed into the memory before comparing the variation with the live record. If the domain is not found in the local cache, the browser calls an OS-specific library function to invoke a lookup. This library function (gethostbyname in widows) initially checks if the hostname is resolvable by referencing the local host file then attempts to resolve the hostname via DNS. In a situation where the library function is unable to find a cached version or the hosts file, a request is made to the default DNS server, which is usually the local router or the ISP‘s caching DNS server in other instances.

domain name system (DNS)

ARP Initialization
The target IP address is required by the network stack library to initiate an ARP (Address Resolution Protocol) broadcast, while the MAC address of the interface is required to send out the initializing ARP broadcast. The ARP cache is then looked up for an ARP entry for the target IP address. If an entry is found, a “Target IP = MAC” is returned. If the ARP entry is not in the cache, the routing table is looked up to check if the target IP is on any subnets on the local routing table. If a matching entry is found, the interface associated with that subnet is used by the library, else, the interface containing the subnet of the default gateway is utilized. The unique 48 bit MAC address of the NIC (Network Interface Card) is looked up. The network library sends an L2 (datalink) ARP request in the format:
Sender MAC (source): MM:MM:MM:SS:SS:SS
Sender IP address (source): #.#.#.#
Target MAC (dest): FF:FF:FF:FF:FF:FF (Broadcast)
Target IP address (dest): #.#.#.#

ARP Initialization

Computer Network Connectivity
Considering how devices can join the network via wired or wireless connectivity, the process of establishing the ARP request varies depending on what technology exists between the computer and the router, being the path to the internet. If the computer is DC (Directly connected) to the router, the router instantly responds with an ARP reply. If a hub (deprecated) is serially between the computer and the router, the hub sends broadcasts containing the ARP request out all other ports irrespective of their current status, establishing connectivity for the router based on serial topology. If the computer is DC to a switch, the switch then checks its local CAM/MAC table in an attempt to match a corresponding port with the MAC address in question. If no entry is found, the ARP request is rebroadcasted to all other ports.

Wired or Wireless

Opening of a socket
Since the network library now has the IP address of either the DNS server or the default gateway, the initial DNS process is resumed. If the response size exceeds the required size, TCP port 53 is opened to send a request to the DNS server, else, UDP is used. The browser then collates the IP address and port number of the destination server from the URL, makes a call to the system library function using the default port numbers depending on the protocols used (the HTTP: 80, HTTPS: 443), and requests a TCP socket stream named AF_INET/AF_INET6 (for IPv4 and IPv6 respectively)and SOCK_STREAM. This request first hits L4 (Transport Layer), where a TCP segment is created. The source port is chosen from within the kernel’s dynamic port range while the destination port is added to the header.

IP

OSI Model downstream
The segment is sent to L3 (Network Layer) of the OSI model, which adds an IP header to the first segment. The destination server and the current machine IP address and is then converged to make up a packet. Next, the packet arrives at layer 2 (datalink Layer), alongside an additional frame header, which includes the MAC address of the machine’s NIC and the MAC address of the default gateway (local router). As previously addressed, if the know the MAC address of the gateway is unknown to the kernel, the kernel must broadcast another ARP query to find it.
At this stage, the packet is acknowledged and ready to be transmitted using most traditional media, including wifi(wireless), Ethernet cable(wired), or Cellular data network (wireless mobile devices).

OSI-Model

LAN setup
Most SOHO (Small Office Home Office)or personal Internet connections involve packet movement from a computer, through a local network, and a modem (MOdulator/DEModulator), which converts binaries to an analog signal suitable for transmission via telephone (deprecated), cable, or wireless connections. On the ISP’s end of this connection is a similar modem reverses the analog signals back into digital data to be reprocessed by the next network node where the “from” and “to” addresses are further examined. If fiber optic or direct Ethernet connectivity is used, the data remains unchanged and is passed directly to the next network node for further examination.LANDataflow
When the packet reaches the router managing the local subnet, it continues to travel to a collection of one or more IP prefixes run by one or more network operators that maintain a single, clearly-defined routing policy known as Autonomous Systems (AS). Each router on this path then extracts the destination address from the IP header and routes the traffic to the next appropriate hop. The TTL ( Time To Live) field embedded in the IP header continues to reduce by 1 for each router that successfully passes through. In the case of network congestion, where the current router has no space in its queue, or the TTL field reaches zero, the packet is dropped.

data flow on the network

3-Way handshake
Following the TCP connection flow, the 3-way handshake is initialized. This involves the process of a client choosing an initial sequence number (ISN) and sending the packet to the server with the synchronize (SYN) sets. The server then receives the SYN request by choosing its ISN, Notifies SYN of this update, then copying the client ISN +1 to its ACK field with the addition of an ACK flag acknowledging the receipt of the initial packet. The client then acknowledges the connection by sending a packet containing an increased sequence and receiver acknowledgment number. On the source, SEQ is increased by the same number of data bytes. The recipient then sends an ACK packet, which is equal to the last received sequence from the source packet.
To close the current connection, the closing terminal sends a FIN packet while the recipient ACKs the FIN with its FIN, the closing terminal then ACKs the recipient’s FIN with its own ACK

3 way handshake

CA (Certificate Authority)
The client computer sends a “ClientHello” plus its TLS version number to the server, the server then replies with a “ServerHello” message to the client with its TLS version, cipher mode, compression methods and the public certificate of the server, signed by a verifiable CA (Certificate Authority). In this certificate is a public key which the client uses to encrypt other unencrypted portion of the handshake before a mutual symmetric key is selected for use. The client then runs a verification of the server’s digital certificates against its list of trusted CAs. If trust is established, the client continues to generate a string of pseudo-random data encrypted with the server’s public key, which is used to determine the symmetric key type.

CA

Key Infrastructure
The server then decrypts the random bytes using its private key. Next, it uses this data to generate a localized copy of the symmetric master key. At this point, the client sends an “end-of-message” notification to the server and encrypts the transmission with a symmetric key. The server accepts this message, generates its localized hash, decrypts the incoming hash from the client, and verifies a match with both hashes. If the hashes match, the server sends a finished message encrypted with the symmetric key to the client. If the hashes do not match, a certificate validity error is logged. The TLS session is then established for the transmission of encrypted application data using a chosen symmetric key algorithm (3DES, RC4, IDEA, CAST5…)

Certificate Authority

HTTP protocol
In the case where the web browser used was written by Google (Google Chrome), a negotiation request is sent to the server to upgrade the regular HTTP protocol to SPDY (pronounced speedy), as opposed to sending a usual HTTP request to retrieve the page. This is usually a GET /HTTP/1.1 request containing host: google.com and connection: close [other headers] where other headers comprise of single new lines of colon-separated series of key-value pairs in the format of the HTTP specification. HTTP/1.1 here is the signal showing that the connection closes as soon as the response completes.

HTTPS Digital certificate

Server Transaction
Upon fulfilling these deliverables, the server then receives a single blank new line from the web browser, which indicates a completion of the request. Next, the server replies with a response code stating the status of the request and corresponding response code, in this case, 200 OK. The server then decides to close the connection or keep it open
for more requests depending on whether the client’s header requested this information. After the HTML portion is parsed, this process is repeated for every other resource that is referenced within the HTML, which includes CSS, JS, image, and media. In this case, instead of GET / HTTP1.1, the request becomes GET /$(URL)HTTP/1.1. In some cases, the HTML can reference a resource hosted on another domain, then the browser repeats the process involving DNS modification of the hostname.

200-OK-Status-Code-HTTP

HTTP Server Request Handle
On the server-side, the HTTPD server or HTTP Daemon (which can be Apache or Nginx for Linux and IIS for Windows) handles all requests or responses from the client. As soon as the HTTPD receives the request,
The server breaks down the incoming request into three parameters;
HTTP Request Method (GET), Domain (google.com) and requested path (index, since no path/page is specified after “/”). The servers then verify the availability of a remote virtual host configured to resolve to google.com and verifies that the domain can accept GET requests. If the server is configured to use a rewrite module (URL Rewrite in IIS or mod_rewrite in Apache), the existing rewrite rule in the module is utilized, else, the server continues to pull content housed in the index folder, treating the URL as https://www.google.com/. The server then parses the content of this file and interprets the content of the index file to a process that outputs a user-readable format of the content.

HTTP Daemon

Browser rendering
The browser’s main functionality is requesting web resources from servers and presenting the output in an appropriate format, specified by the URI (Uniform Resource Identifier). Behind the scene, the server supplies the resources, including CSS, HTML, and media to the browser. The browser further refines these data by parsing the language/scripts, rendering the data by constructing a DOM (Document Object Model) tree, and eventually painting the render tree. HTML and CSS (maintained by the W3C ) specifies the way the browser interprets and displays HTML. Structurally, the web browser major comprises of the UI (User Interface), UI backend browser engine, render engine, Networking, Javascript engine, Data storage capability.

CSS3, HTML, UI layout

HTML parsing
The HTML parser, using built-in rendering capability, audits the HTML markup into a parse tree, which is a tree of DOM element attribute nodes. Because HTML cannot be parsed chronologically, the browser is forced to use a custom HTML parsing technique whose algorithm is determined by the HTML5 specification.
After these deliverables are met, the web browser begins the process of fetching external resources linked to the page, in the form of the layout (CSS), embedded scripts (Ajax, JS), and media (visuals). This raw file is marked as “in-progress” and parsing scripts are marked as “deferred”, which are resources awaiting execution after parsing is complete. When the document load state is complete, a load event is fired. In a situation where the browser encounters an error while loading an invalid content, the error state is logged in browser console but not directly visible to the end-user.

CSS3, HTML, UI layout, HTML5

CSS interpretation and Page rendering
Using standard CSS lexicon and syntax containing CSS rules with selectors and objects, resources are parsed into a stylesheet object. This is a stateless activity as CSS parsers operate top-down or bottom-up, depending on the parser generator in use. The browser renders the page by creating a ‘Frame Tree’ and calculating the CSS style values for each node. Furthermore, the browser then calculates the preferred width, actual width, height, coordinates, textures, wrapping, margins, borders, and padding of each node in the ‘Frame Tree’ bottom-up using the standard CSS set rules. Next, it creates layers that describe what parts of the page can be logically grouped for animation without being re-rasterized. The CPU can either rasterize the transversed render objects for each layer or drawn on the GPU directly, using D2D/SkiaGL for rendering on the backend.

Page rendering, CSS3, HTML, UI layout, HTML5

GPU Rendering
During rendering, the graphical computing layers either make use of a general-purpose CPU or the graphical processor’s GPU for advanced rendering. In cases where a refresh or reload command is triggered, the pre-existing values are used, excluding complex web applications where interactive user fields are present. The browser then refines the output using logical composite commands, which are enforced using hardware acceleration drivers like Direct3D/OpenGL. The GPU command buffer flushes for asynchronous rendering, and the frame is forwarded. After rendering, the browser finally executes other applicable scripts, including Flash (deprecated), interactive hardware plugins, and the requested query displays.

google.com loaded

Other websites involving a process excerpt from the CIA (confidentiality, Integrity, Availability) triad including extended input parsing, language translation, form submission, password authentication, proxy/firewall network, and web application integration require a more sophisticated approach.

Just as 4G networks led to the ubiquity of the smartphone and other smart devices, 5G networks will lead to the rise of billions of new devices connected to the Internet, all talking with one another at incredibly fast speeds with remarkably low latency. This will open up vast new possibilities for consumers, businesses and society as a whole – everything from self-driving cars on the road to the ability for doctors to conduct remote surgery from anyplace in the world.

Verizon 5G keynote at CES

At the 2019 CES in Las Vegas, for example, Verizon CEO Hans Vestberg laid out a compelling vision for 5G, noting that it would help to bring about “the Fourth Industrial Revolution.” There are many technologies today powering this Fourth Industrial Revolution – everything from artificial intelligence and robotics to the Internet of Things (IoT) and virtual reality – and all of them are being given a push forward by 5G. AI, for example, is making it possible to create self-driving cars, while the IoT is making it possible for smart devices to become ubiquitous, both in the home and within the enterprise.

To highlight the various ways that Verizon is already starting to make this 5G future a reality, Vestberg invited a number of key technology partners on stage with himself, including top executives from the New York Times, Walt Disney Studios, and drone company Skyward to showcase some of their best 5G projects. The New York Times, for example, is the middle of creating a new 5G journalism lab to support data-intensive technologies such as VR and AR, while Skyward is making it possible to control as many as one million drones from anywhere in the world. (And, indeed, during his CES keynote, Vestberg piloted a drone based in Los Angeles while on stage in Las Vegas)

Cybersecurity concerns in the 5G world

And, yet, this exciting new 5G world will encounter its own share of cybersecurity challenges. Hackers and cybercriminals in the world will still look for ways to access user data and profit from it. With billions of devices connected to the Internet, they will have an incredibly large attack surface in which it will be much easier to find the proverbial “weakest link” in the security chain. Geoffrey R. Morgan, Founding Partner at Fairchild Morgan Law, suggests that, “The exponential increase in speed, density and efficiency afforded by 5G technology will cause a dramatic rise in cybersecurity concerns, particularly by those industries that are among the first to utilize it.”

Moreover, the ability of hackers to cause harm and destruction will also mount exponentially. In today’s 4G world, a huge botnet formed by hacking into user devices in the home could be used to mount large-scale DDOS attacks on websites; in tomorrow’s 5G world, that same botnet could be used to take out an entire network of self-driving cars in a single city, leading to mayhem on the roads.

Obviously, then, cybersecurity is just as much a concern in the 5G world as it is in the 4G world – and perhaps more so. Vast amounts of remote sensors and smart devices hooked up to global supply chains, for example, will radically increase the complexity of securing corporate networks from intruders and cyber criminals. And the sheer amount of data being created by 5G networks will make it much more difficult to spot anomalies in user behavior resulting from hackers. According to one estimate, for example, the data output of a single autonomous vehicle in one day will equal the daily output of 3,000 people.

The 8 currencies of 5G

The good news is that 5G is still so new that there is time to make security a priority. That, says Verizon CEO Hans Vestberg, is one reason why the company has come up with the idea of 8 “currencies” for 5G. These currencies – peak data rate, mobile data volume, mobility, connected devices, energy efficiency, service deployment, reliability and latency – all represent key features of the Verizon 5G network that make it completely unlike anything we’ve seen before. For example, “peak data rate” refers to the ability to generate speeds of up to 10 Gbps, while “mobility” refers to the ability to stay connected while moving at speeds of up to 500 km/hour.

In the 3G and 4G world, the way that companies thought about their networks was in terms of two simple currencies: speed and throughput. In other words, how fast can you make uploads and downloads, and how much volume can your network handle at any point in time? But in a 5G world, companies need to expand their thinking from two currencies to eight currencies. Doctors and healthcare professionals, for example, place a tremendous value on “latency”: when they are doing remote surgeries, it is absolutely critical that end-to-end latency is as close to zero as possible. And, given the challenges posed by climate change, enterprises are much more aware of the value of the “energy efficiency” currency when it comes to 5G networks.

Using the 8 currencies of 5G to power future cybersecurity innovations

By taking this big picture view, it is possible to consider how the 8 currencies of 5G will have a positive impact on how we address cybersecurity issues in the future. Since 5G is not simply a faster version of 4G, but rather, an entirely new network architecture, it opens the door to entirely new security models for user privacy, identity management, and threat detection. For example, Hed Kovetz, CEO & Co-founder at Silverfort, notes that, “The 5G system incorporates secure identity management for identifying and authenticating users to ensure that only the genuine user can access services. Its new authentication framework enables mobile operators to choose authentication credentials, identifier formats and authentication methods for users and IoT devices.”

Moreover, the “mobility” currency, or the ability to stay connected while traveling at very fast speeds, means that it might be possible to create virtual security environments that travel with us as we move from point to point, regardless of which device we use, through the use of virtualization and cloud technologies. In fact, Robert Arandjelovic, Director of Product Marketing (Americas) at Symantec, suggests that, “A transition to 5G could lead to the complete obsolescence of the network perimeter. With the growth in cloud services and applications, the erosion of that perimeter has already begun… In a hyper-connected, non-perimeter world, the cloud and the endpoint become the new place where security technologies can be deployed to keep people safe.”

The “mobile data volume” currency means that emerging technologies that rely on vast amounts of data – such as machine learning and artificial intelligence – can now be deployed to create new AI-powered cybersecurity solutions. One idea that is gaining traction, for example, is using AI to spot anomalies in user and system behavior. This acts as a form of automated threat detection and mitigation, and helps to reduce the current dependence of 4G networks on user names and passwords as a way to keep users safe.

In many ways, AI cybersecurity solutions would benefit greatly from 5G. Aaron Bugal, Global Solutions Engineer at Sophos, notes that, “5G connectivity could help the way in which information integral to making a security decision is transported to the automated processes and people who need it. An example of this would be the ongoing benefit to artificial intelligence platforms that will only work best when they have as much information as possible to digest and learn from. Especially when they’re tasked with identifying unusual behavior across an organization, most of these platforms feed off data local to them, with devices that are remote or mobile unable to properly feed (upload) to these systems and typically exposing a short fall in awareness. 5G could unlock more data to get to an AI security platform in a shorter time and allow for best understanding of the organization and faster and accurate prediction of a security event.”

Cybersecurity and Verizon’s “Built on 5G” challenge

To help innovators come up with new 5G cybersecurity solutions, Verizon has launched a “Built on 5G Challenge” that offers a $1 million prize for a truly unique idea that builds on top of the 8 currencies of 5G. The “Built on 5G Challenge” will begin accepting submissions in April, with the winning team announced during Mobile World Congress Americas in October. For security researchers around the world, this could become a unique opportunity to make cybersecurity an enabling technology, rather than simply a “tax” on innovation. If the New York Times and Walt Disney Studios are creating their own showcase 5G labs, why can’t cybersecurity researchers also create their own 5G labs and launch innovative new products that use 5G?

Clearly, there is enormous potential for 5G to change how we address cybersecurity issues in the future. Many of the best technologies today – especially artificial intelligence – can be fully leveraged on these super-fast, low-latency 5G networks. As Verizon CEO Hans Vestberg noted at CES, “5G will change everything.” And that, of course, includes cybersecurity.

Thank you to Verizon Wireless for sponsoring this post

Sign up to see when 5G is coming to you!
Source: CPO Magazine

A British hacker whose cyberattacks took the nation of Liberia offline has been jailed for almost three years.

Daniel Kaye launched a series of attacks on Liberian cell phone operator Lonestar in October 2015, which became so powerful they knocked out the west African country’s internet the following year.
Kaye, 30, had been hired to carry out the attacks by a senior employee at rival operator Cellcom, Britain’s National Crime Agency said in a statement, although there is no suggestion that Cellcom was aware of the activity.
He pleaded guilty to creating and using a botnet, a series of computers connected in order to attack systems, and possessing criminal property last month. Kaye was sentenced on Friday at Blackfriars Crown Court in central London to two years and eight months in prison.
While living in Cyprus, Kaye used a botnet he had created to trigger repeated distributed denial of service (DDoS) requests on Lonestar, causing the company to spend around $600,000 in remedial action.
The additional impact of customers leaving the network caused the company to lose tens of millions of dollars in lost revenue, the NCA added.
Following his arrest in February 2017, Kaye was extradited to Germany, where he also admitted to attacks on Deutsche Telekom that affected around 1 million customers in November 2016.
“Daniel Kaye was operating as a highly skilled and capable hacker-for-hire,” Mike Hulett, Head of Operations at the NCA’s National Cyber Crime Unit, said.
“His activities inflicted substantial damage on numerous businesses in countries around the world, demonstrating the borderless nature of cyber crime,” he added. “The victims in this instance suffered losses of tens of millions of dollars and had to spend a large amount on mitigating action.”
Source: CNN

The internet is indeed an e-world of its own. As of 2012, a survey by Netcraft, a provider of cybercrime disruption services across a wide range of industries based in the UK showed that a total number of 144,000 websites launched daily, which amounts to over 51 million annually.

As of January 2018, (6 years later) the figure stood at 1,805,260,010 (over 1.8 billion) websites. Some of these websites grow big enough to rank among the world wide web’s top 500. Sadly, the rest of these websites get almost no visitors and rank lower not because they suck that bad, but just because the top can only fit too many at a time.

Below is a carefully researched, compiled and comprehensive list of 10 useful websites you wish you knew earlier.

1. The Internet Map
If not the coolest website on the internet right now, the internet map, designed by Ruslan Enikeev for a personal non-commercial project just as the name implies is indeed a map of the internet.

The internet map

The designer claims that this website continuously archives all other sites on the internet, representing them in dots. The sizes of the dots depict the ranking of the websites according to Alexa (Website ranking Algorithm by Amazon) making Google, Facebook among others a distinct turquoise sphere among the rest.

2. Radio Garden
Ever been curious enough to imagine how listening to radio stations from other countries sound? The user interface is quite intuitive, featuring a dynamic world map of live radio across the globe. It has navigation similar to google earth and unique features including Add favorite stations, history lookup, jingle mode, RDS, and mute mode guaranteed to make you want to bookmark this website immediately.

Radio Garden

Asides most social media websites, Radio Garden is ranked as one of the very few controversial sites where users get payable contents for free. The Radio Garden has a similar working concept as radiooooo.com asides the fact that radiooooo lets you choose your desired year and genre of radio.

3. Internet’s first website
The http://info.cern.ch/hypertext/WWW/TheProject.html created by Tim Berners-Lee is the home of the first website. Considering how there are over 1.8 billion websites in 2018, there was none 27 years ago. This first web page of the internet, published on August 6, 1991, was landmark informing the World of the world wide web project and ran on a NeXT computer at the European Organization for Nuclear Research, CERN. It comprises steps on how to create Web pages and explained the meaning of a hypertext.

first website

In the absence of CSS, and simplified website builders including Dreamweaver, Elementor, Divi, and Envato, you should prepare your mind for something ‘amazing,’ especially before attempting to open this website.

4. Web Oasis
Most times, it gets boring staring at that static google.com home page right? How about making https://weboas.is/ your homepage instead?
Asides the cool hacking theme, Web Oasis has prebuilt bookmarks of most websites across the internet with clear navigation links which unveil on mouse hover plus a fully customizable user interface/elements, an add-on for everyday use including News, Tech, Radio, Crypto, quick notepad editor, Weather, Finance, a secure password generator, and even an arcade game.
Web Oasis

It also has an embedded chat room, a 2-character shortcut search engine mode, and a section on the screen’s top right corner showing your local system information. Now, this is the real Google, literally housing all of your wants on a single website.

5. Cymath
If Cymath was available decades earlier than 2013, then the internet would have been a better place, especially for students looking for a step-by-step approach towards the solution to their mathematics problems. Cymaths is every student’s dream plus you can have all your assignments done, be it graphs or equations.
Cymath
It’s inventors believe in the ideology of open education, and that every student deserves math help that is reliable and accessible, powered by a combination of artificial intelligence and heuristics, so that it solves math problems step-by-step like a teacher would.

6. Konboot 
The fact this that this website is available on the surface web is amusing. Konboot prides themselves as the world’s best remedy for forgotten passwords for a simple reason – it bypasses the authentication process of your (or probably not your) operating system without overwriting your old password or leaving a digital footprint.
KonbootTechnically, this website lets you log in to any Windows or Mac Operating system with full rights without prior knowledge of the machine’s password. Konboot is designed primarily for tech repairs, forensic teams, and security audit reasons. Piotr Bania is the mastermind behind this rare tool.

7. User testing
Finally, a freebie on the internet that isn’t a hoax? Except for the fact that this isn’t free money, you earn it. User Testing or usability testing pays between $10 – $30 for every website you test. The goal of user testing is the get a digital product in front of a customer as early as possible.
User testingUsers are asked to perform a specific task that simulates real-world usage of usually a website. These tasks can be as easy as opening multiple pages across a selected website while having a voice and screen capture, A/B tests, preference tests and eventually taking a UI/UX review questionnaire afterward. These tests take less than 10 minutes to complete, no experience is required, and the is no cap on the number of tests a user can take per day.

8. Awwwards
Unlike Amazon’s Alexa, which ranks websites with algorithms based off of web statistics, visits, relevance, and SEO optimization strategy, Awwwards typically accepts website submissions and allow users to rate these sites based on four distinct features: design, usability, creativity, and content.
AwwwardsAwwwards is the abode of a vast collection of mind-blowing websites across the internet where users not only get a chance to rate them based on design, creativity, and innovation on the internet but also gather unexplored ideas regarding their next projects. Users are also able to query and search directories based on their respective niche as well as hire and apply for website design positions site wide.

9. Rhyme Zone
Are you a Poet, song lyricist, into essay writing, a rapper, or just looking for rhythm? Then you should try out Rhyme Zone. RhymeZone is arguably the best and fastest way to find English words for any writing. It has been running continuously since 1996.
Rhyme ZoneIt is a concise guide for finding corresponding rhymes, antonyms, synonyms, descriptive words, definition, thesaurus, lyrics, poems, homophones, similar sounding words, related words, similar spellings, picture search, Shakespearean novel search, and letter matching.

10. Library Genesis
Library Genesis is a search engine for the biggest archive of free e-books on the internet allowing free access to content that is otherwise paywalled or not digitized anywhere else on the internet.
Irrespective of the type of books you read; novels, tech, educational material, LibGen (Sci-Tech), Scientific articles, Fiction, Comics Standards, and Magazines, you are rest assured such books reside here.
Library GenesisLibGen initially used the domain name libgen.org but was forced to shut down and to suspend use of the domain name due to copyright issues from authors In late October 2015. The LibGen website is blocked by a handful of ISPs in the UK for obvious reasons. As of 5 June 2018, Library Genesis claims its database contains over 2.7 million books and 58 million science magazine files.

Bottomline: Now that you’ve probably bookmarked these rare but real websites, spread the love by telling someone about this today.