Reasons why you are being hacked

Weak passwords
Phishing is a common method of identity theft that utilizes fake e-mails which are sent to customers to acquire sensitive user information.
Insecure Internet Browsing 
Cyber threats that originate as the result of web browser vulnerabilities, can be controlled by using the latest versions of the web browser software, or by installing updates and configuring settings to disable applets, scripts, plugins and Active X controls.
Use of pirated software
Pirated software may be used to harvest Trojans and viruses in computer systems and since the software is “unsupported” the user is deprived of technical support.
Misuse of Portable storage devices.  
Lack of proper encryption
Some of the risks that one can expect from an unsecured network include: a

  1. Unauthorized access to files and data 
  2. Attackers may capture website traffic, user id and passwords, 
  3. Attackers may inject a software to log user key strokes and steal sensitive information 
  4. Unauthorized access to corporate network. (In the event that the user’s network is connected to a corporate network.)
  5.  A users IP address could be compromised and unauthorized users may use it for illegal transactions. 
Using Wireless Hotspots
While using public access points it is safe to use secure websites protected by the Secure Sockets Layer. Using infrastructure mode is safer than ad-hoc mode as it uses access controls to connect to network. A Virtual Private Network (VPN) is a secure way for a user to connect with their company network. (VPN creates secure access to private network over public connections.)

We Worship you lyrics

I love this song to an extent I decided to post it here.

We Worship You

Oh Precious Savior Lord
And Friend
We've to come to honour you as king
Our joyful songs will rise
As anthems to our awesome God

We've set aside this time today
That you would come and have your way
Our hearts are open wide
To see the glory of our God

We worship you
We worship you
We worship Jesus

( We worship)

(We Worship)
( Jesus)

( Jesus)

We've set aside this time today
That you would come and have your way

The Most effective way of stealing Passwords and relevant information

In this blog, I'm going to discuss about keylogs and why they are malicious.
Keystroke logging,  is the action of recording (logging) the keys struck on a keyboard, it can also  be defined as  a piece of software — or, even scarier, a hardware device — that logs every key you press on your keyboard. It can capture personal messages, passwords, credit card numbers, and everything else you type.
The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which thus remains untouched. It effectively becomes a virtual machine.
 A program on the machine obtains root access to hide itself in the OS and intercepts keystrokes that pass through the kernel.
Writing simple software applications for keylogging can be trivial, and like any nefarious computer program, can be distributed as a trojan horse or as part of a virus.
Legitimate programs may have a keylogging function which can be used to call certain program functions using “hotkeys,” or to toggle between keyboard layouts (e.g. Keyboard Ninja).
There is a lot of legitimate software which is designed to allow administrators to track what employees do throughout the day, or to allow users to track the activity of third parties on their computers. However, the ethical boundary between justified monitoring and espionage is a fine line. Legitimate software is often used deliberately to steal confidential user information such as passwords.

It is more difficult, however, for users to combat keyloggers; the only possible method is to use an appropriate security solution, as it’s usually impossible for a user to tell that a keylogger has been installed on his/ her machine.

Eight Important Oracle Storage Capabilities and Database Benefits

Oracle Intelligent Storage Protocol (OISP)
OISP is a unique communications protocol that enables Oracle Database 12c to communicate dynamically with the ZFS Storage Appliance to automatically tune critical factors, including logbias and record size, for optimal database performance. With OISP, storage administrators reduce manual tuning tasks by 65 percent, it is only available for ZFS Storage Appliances.

Oracle Database Hybrid Columnar Compression (HCC) for Oracle Exadata and Oracle Storage 
Systems Oracle Database HCC, available only with Oracle Exadata and Oracle storage systems, enables customers to compress data 12 to 50 times, depending on usage, resulting in a 3 to 5 times reduction in storage capacity requirements. HCC combines with new features in Oracle Database 12c to provide Heat Map and Automatic Data Optimization (ADO) in Oracle Advanced Compression.

Quality of Service (QoS) Plus for FS1
QoS Plus is a policy-based virtualization feature, incorporating business priority I/O (input/output) queue management fused with sub-LUN (logical unit number) automatic tiering into one simple management framework.

Application Profiles for FS1 Oracle FS1 Flash Storage System
Comes with predefined application profiles that provide tuned and tested out-of-the-box storage optimization for Oracle Database and key enterprise applications, including non-Oracle applications such as Microsoft Exchange.

Hybrid Storage Pools 
Oracle ZFS Storage Appliances leverage Hybrid Storage Pools intelligent data caching algorithm and architecture to ensure that up to 70–90 percent of “hot” I/O is processed in DRAM (in memory) — up to  44 2TB per system, frequently accessed data is cached in flash, and less-frequently accessed data is read from disk when needed. This ensures continuous and optimal storage performance and efficiency, with no enduser involvement required (refer to Chapter 2 for a full description).

Snap Management Utility
The Oracle Snap Management Utility for Oracle Database is a standalone management tool specifically engineered to work with the ZFS Storage Appliance. It provides

  1.  A simple, fast, efficient, and automatic way to back up, restore, clone, and provision Oracle Databases that are stored on the ZFS Storage Appliance — all performed directly by the database administrator with a graphical user interface 
  2.  One-step provisioning of database copies to accelerate development and test environments 
  3.  Support for Oracle Solaris, Linux, and Windows clients and database hosts, for databases configured for NAS or SAN storage types 
  4.  Support for Oracle Real Application Clusters (Oracle RAC)
Oracle Enterprise Manager (EM) and Oracle VM Integration 
Oracle EM is Oracle’s cross-system, global management, and monitoring tool. With Oracle EM plug-ins for engineered systems, Oracle FS1, and Oracle ZFS Storage, users can monitor and manage their entire Oracle environment from application to storage from a single pane of glass. EM plug-ins enable DBAs to monitor and manage storage resources with storage administration involvement.

Oracle Storage Archive Manager and Long-term Archiving 
Oracle StorageTek Storage Archive Manager (SAM) enables policy-based archiving and classification and provides ready access to data throughout its life cycle. 


How HTTPS Bicycle Attack Works

It is usually assumed that HTTP traffic encapsulated in TLS doesn’t reveal the exact sizes of its parts, such as the length of a Cookie header, or the payload of a HTTP POST request that may contain variable-length credentials such as passwords.

The Bicycle attack, in the context of obtaining the length of a user's password from a browser request, is fairly simple. All a user needs to do is have a packet capture of requests to a known site, including an authentication (login) request containing an already known username and an unknown plain-text password. If an attacker can determine the user's browser and how that browser would send requests to the site, they can subtract the length of all the known data the browser would send except for the piece of information they are interested in, which will result in them knowing the length of the unknown data.


  • Obtain a packet capture (i.e. via a Man-in-the-Middle attack) which has stream-cipher TLS traffic of encrypted browser requests to a known website, including one where there was likely to be a password sent in an authentication request. The target site may be revealed in the packet capture in the form of a DNS request, or the attacker may be able to find this out with some reconnaissance.
  • Obtain a "User-Agent" string from the packet capture or determine which browser the target was using.
  • Replicate browser requests to the site using the same browser. This will reveal the lengths of the requests to various pages on the site.
  • From the encrypted TLS payloads of the browser requests in the packet capture, extract the lengths of the payloads.
  • Compare the Pearson correlation coefficient for the plain-text and encrypted requests. This will enable to compare plain-text and encrypted request lengths in order to reveal which encrypted TLS requests are for which pages (URLs) of the website.

Five Phases Hacker Must Follow

Phase 1—Reconnaissance 
Reconnaissance refers to the preparatory phase where an attacker gathers as much information as possible about the target prior to launching the attack. Also in this phase, the attacker draws on competitive intelligence to learn more about the target. This phase may also involve network scanning, either external or internal, without authorization.

Phase 2 - Scanning
Scanning is the method an attacker performs prior to attacking the network. In scanning, the attacker uses the details gathered during reconnaissance to identify specific vulnerabilities. Scanning can be considered a logical extension (and overlap) of the active reconnaissance.

Phase 3 - Gaining Access 
Gaining access is the most important phase of an attack in terms of potential damage. Attackers need not always gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system.

Phase 4 - Maintaining Access
Once an attacker gains access to the target system, the attacker can choose to use both the system and its resources, and further use the system as a launch pad to scan and exploit other systems, or to keep a low profile and continue exploiting the system. Both these actions can damage the organization. For instance, the attacker can implement a sniffer to capture all network traffic, including telnet and ftp sessions with other systems.

Phase 5 - Covering Tracks 

This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process, e.g., a buffer overflow attack will usually leave a message in the system logs. Next, the attention is turned to effecting changes so that future logins are not logged. By manipulating and tweaking the event logs, the system administrator can be convinced that the output of his/her system is correct, and that no intrusion or compromise has actually taken place. 

What is REST?

REST stands for Representational State Transfer. (It is sometimes spelled "ReST".) It relies on a stateless, client-server, cacheable communications protocol -- and in virtually all cases, the HTTP protocol is used.

Secure Transactions with EMV chips goodbye magnetic chips

EMV -- which stands for Europay, MasterCard and Visa -- is a global standard for cards equipped with computer chips and the technology used to authenticate chip-card transactions. In the wake of numerous large-scale data breaches and increasing rates of counterfeit card fraud, U.S. card issuers are migrating to this new technology to protect consumers and reduce the costs of fraud.
"These new and improved cards are being deployed to improve payment security, making it more difficult for fraudsters to successfully counterfeit cards," says Julie Conroy, research director for retail banking at Aite Group, a financial industry research company. "It's an important step forward."
For merchants and financial institutions, the switch to EMV means adding new in-store technology and internal processing systems, and complying with new liability rules. For consumers, it means activating new cards and learning new payment processes.
Most of all, it means greater protection against fraud.
Want to know more about the transition and your new EMV chip-equipped credit card? Here are eight frequently asked questions to help you understand the changes.
1. Why are EMV cards more secure than traditional cards?
It's that small, metallic square you'll see on new cards. That's a computer chip, and it's what sets apart the new generation of cards.
The magnetic stripes on traditional credit and debit cards store contain unchanging data. Whoever accesses that data gains the sensitive card and cardholder information necessary to make purchases. That makes traditional cards prime targets for counterfeiters, who convert stolen card data to cash.

"If someone copies a mag stripe, they can easily replicate that data over and over again because it doesn't change," says Dave Witts, president of U.S. payment systems for Creditcall, a payment gateway and EMV software developer.
Unlike magnetic-stripe cards, every time an EMV card is used for payment, the card chip creates a unique transaction code that cannot be used again.
If a hacker stole the chip information from one specific point of sale, typical card duplication would never work "because the stolen transaction number created in that instance wouldn't be usable again and the card would just get denied," Witts says.
EMV technology will not prevent data breaches from occurring, but it will make it much harder for criminals to successfully profit from what they steal.
Experts hope it will help significantly reduce fraud in the U.S., which has doubled in the past seven years as criminals have shied away from countries that already have transitioned to EMV cards, Conroy says.
"The introduction of dynamic data is what makes EMV cards so effective at bringing down counterfeit card rates in other countries," she says.
2. How do I use an EMV card to make a purchase?
Just like magnetic-stripe cards, EMV cards are processed for payment in two steps: card reading and transaction verification.
However, with EMV cards you no longer have to master a quick, fluid card swipe in the right direction. Chip cards are read in a different way. 
"Instead of going to a register and swiping your card, you are going to do what is called 'card dipping' instead, which means inserting your card into a terminal slot and waiting for it to process," Conroy says.
When an EMV card is dipped, data flows between the card chip and the issuing financial institution to verify the card's legitimacy and create the unique transaction data. This process isn't as quick as a magnetic-stripe swipe.
"It will take a tiny bit longer for that transmission of data to happen," Witts says. "If a person just sticks the card in and pulls it out, the transaction will likely be denied. A little bit of patience will be involved."
While chip card transactions may take a bit longer than mag stripe transactions, total card processing time will vary between merchants and eventually speed up as the new payment environment is improved.
“It will vary depending on the merchant, the equipment and the point-of-sale system,” Ferenczi said. “I think that time lag overtime will be reduced for those longer transactions.”
3. Is card dipping the only option?
Not necessarily. EMV cards can also support contactless card reading, also known as near field communication.
Instead of dipping or swiping, NFC-equipped cards are tapped against a terminal scanner that can pick up the card data from the embedded computer chip.
"Contactless transactions are more consumer-friendly because you just have to tap," said Martin Ferenczi, president of Oberthur Technologies, the leading global EMV product and service provider. "Around the world, there is a move to make EMV cards dual-interface, which means contact and contactless. However, in the U.S., most financial instructions are issuing contact cards."
Dual-interface cards and the equipment needed to scan them are expensive. Right now, the first step is to successfully integrate EMV cards into the U.S. shopping scene. Dual interface will arrive later, according to Ferenczi.
“Dual-interface cards represent an excess of 40 percent of all cards issued outside the U.S. and I have no doubt that while we have a small base of 3 to 5 percent in the U.S. today, that percentage will grow significantly over the next year,” he said. “I think that we will start seeing an acceleration this year and further acceleration in 2017.”

Technology behind facebook

Software that helps Facebook scale
In some ways Facebook is still a LAMP site (kind of), but it has had to change and extend its operation to incorporate a lot of other elements and services, and modify the approach to existing ones.
For example:
  • Facebook still uses PHP, but it has built a compiler for it so it can be turned into native code on its web servers, thus boosting performance.
  • Facebook uses Linux, but has optimized it for its own purposes (especially in terms of network throughput).
  • Facebook uses MySQL, but primarily as a key-value persistent storage, moving joins and logic onto the web servers since optimizations are easier to perform there (on the “other side” of the Memcached layer).
Then there are the custom-written systems, like Haystack, a highly scalable object store used to serve Facebook’s immense amount of photos, or Scribe, a logging system that can operate at the scale of Facebook (which is far from trivial).
But enough of that. Let’s present (some of) the software that Facebook uses to provide us all with the world’s largest social network site.
Memcached is by now one of the most famous pieces of software on the internet. It’s a distributed memory caching system which Facebook (and a ton of other sites) use as a caching layer between the web servers and MySQL servers (since database access is relatively slow). Through the years, Facebook has made a ton of optimizations to Memcached and the surrounding software (like optimizing the network stack).
Facebook runs thousands of Memcached servers with tens of terabytes of cached data at any one point in time. It is likely the world’s largest Memcached installation.
HP, being a scripting language, is relatively slow when compared to code that runs natively on a server. HipHop converts PHP into C++ code which can then be compiled for better performance. This has allowed Facebook to get much more out of its web servers since Facebook relies heavily on PHP to serve content.
A small team of engineers (initially just three of them) at Facebook spent 18 months developing HipHop, and it is now live in production.
Haystack is Facebook’s high-performance photo storage/retrieval system (strictly speaking, Haystack is an object store, so it doesn’t necessarily have to store photos). It has a ton of work to do; there are more than 20 billion uploaded photos on Facebook, and each one is saved in four different resolutions, resulting in more than 80 billion photos.
And it’s not just about being able to handle billions of photos, performance is critical. As we mentioned previously, Facebook serves around 1.2 million photos per second, a number which doesn’t include images served by Facebook’s CDN. That’s a staggering number.
BigPipe is a dynamic web page serving system that Facebook has developed. Facebook uses it to serve each web page in sections (called “pagelets”) for optimal performance.
For example, the chat window is retrieved separately, the news feed is retrieved separately, and so on. These pagelets can be retrieved in parallel, which is where the performance gain comes in, and it also gives users a site that works even if some part of it would be deactivated or broken.
Cassandra is a distributed storage system with no single point of failure. It’s one of the poster children for the NoSQL movement and has been made open source (it’s even become an Apache project). Facebook uses it for its Inbox search.
Other than Facebook, a number of other services use it, for example Digg. We’re even considering some uses for it here at Pingdom.
Scribe is a flexible logging system that Facebook uses for a multitude of purposes internally. It’s been built to be able to handle logging at the scale of Facebook, and automatically handles new logging categories as they show up (Facebook has hundreds).
Hadoop is an open source map-reduce implementation that makes it possible to perform calculations on massive amounts of data. Facebook uses this for data analysis (and as we all know, Facebook has massive amounts of data). Hive originated from within Facebook, and makes it possible to use SQL queries against Hadoop, making it easier for non-programmers to use.
Both Hadoop and Hive are open source (Apache projects) and are used by a number of big services, for example Yahoo and Twitter.
Facebook uses several different languages for its different services. PHP is used for the front-end, Erlang is used for Chat, Java and C++ are also used in several places (and perhaps other languages as well). Thrift is an internally developed cross-language framework that ties all of these different languages together, making it possible for them to talk to each other. This has made it much easier for Facebook to keep up its cross-language development.
Facebook has made Thrift open source and support for even more languages has been added.
Varnish is an HTTP accelerator which can act as a load balancer and also cache content which can then be served lightning-fast.
Facebook uses Varnish to serve photos and profile pictures, handling billions of requests every day. Like almost everything Facebook uses, Varnish is open source.
Other things that help Facebook run smoothly
We have mentioned some of the software that makes up Facebook’s system(s) and helps the service scale properly. But handling such a large system is a complex task, so we thought we would list a few more things that Facebook does to keep its service running smoothly.


Facebook has a system they called Gatekeeper that lets them run different code for different sets of users (it basically introduces different conditions in the code base). This lets Facebook do gradual releases of new features, A/B testing, activate certain features only for Facebook employees, etc.
Gatekeeper also lets Facebook do something called “dark launches”, which is to activate elements of a certain feature behind the scenes before it goes live (without users noticing since there will be no corresponding UI elements). This acts as a real-world stress test and helps expose bottlenecks and other problem areas before a feature is officially launched. Dark launches are usually done two weeks before the actual launch.
Facebook carefully monitors its systems (something we here at Pingdom of course approve of), and interestingly enough it also monitors the performance of every single PHP function in the live production environment. This profiling of the live PHP environment is done using an open source tool called XHProf.
If Facebook runs into performance issues, there are a large number of levers that let them gradually disable less important features to boost performance of Facebook’s core features.

Eight simple things you can do to protect your business data:

Conduct a security audit.
If you don’t know what parts of your business are vulnerable or what data you have that needs to be protected, you can’t properly secure it. It is critical that you work with a professional to audit your entire IT infrastructure—computers, network, and mobile devices—to determine what you need to do to prevent hackers from accessing your network.
Make staff aware of the important role they play in security. 
Your staff are your front line of defense when it comes to security. Sure, hackers can access your network remotely and siphon off data without setting foot in your office. However, vigilant employees (consultants, partners, and vendors, too) can ensure that human error—which is a big cause of data security breaches—is minimalized.
Use strong and multiple passwords.
Too many of us use simple passwords that are easy for hackers to guess. When we have complicated passwords, a simple “dictionary attack”—an attack by a hacker using an automated tool that uses a combination of dictionary words and numbers to crack passwords—can’t happen. Don’t write passwords down; commit them to memory.
Encrypt your data. Encryption is a great security tool to use in case your data is stolen. For example, if your hard disk is stolen or you lose your USB thumb drive, whoever accesses the data won’t be able to read it if it’s encrypted.
Back up.
Security is important, but if your data is not backed up, you WILL LOSE IT. Ensure that your data is properly backed up, and test the backup to ensure that your data can be recovered when you need it. A One-Page Expert Guide from Ramon Ray Editor & Technology Evangelist, 8 Tips to Protect Your Business and Secure Its Data
Have security policies.
It’s one thing to ask employees to work securely, but you must also have clear and simple policies in place for them to follow to ensure that they are working in a secure environment. For example, insist that all notebook computers connected to the corporate network have security software. Mandate that NO security information ever be given over the phone. Policies like this and more will help ensure that your staff are doing their part to be security aware.
Protect your mobile work force. 
Your sales team of 10 years ago is probably nothing like your sales team of today. With the proliferation of the BlackBerry, iPhone, and other mobile devices, more of your staff are working away from the office—and away from the protection of your network security. They are operating “in the open” on your customers’ networks, public networks at coffee shops, or free networks in the park. It is important to ensure that their mobile technology, often connected wirelessly, is as secure as possible.
Implement a multiple-security-technology solution.
Viruses that corrupt data are not the only security threat. Hackers, and their attacks, are more sophisticated than ever, and it is critical to have multiple layers of security technology on all your different devices (including each desktop, mobile device, file server, mail server, and network end point) to comprehensively secure your data. This multiple security will block attacks on your network and/or alert you to a problem so that you (or your IT expert) can take the appropriate action.

An Introduction To APIs

An Application Programming Interface (or API) is a way for two webpages and/or pieces of software to communicate with each other. An API works as a middleman, taking the request from one piece of software, and then replying with the appropriate response from the other.
One example of an API you may be familiar with is the Create publish and share function. Using an API, we send a request to allow us to post on your social media account such as Twitter. The Twitter API then responds by posting a status update on your social media account.
The Create API opens up the possibility to streamline a number of tasks in the day-to-day running of your business by allowing for the easy creation of Apps. For instance, an App could be set up using the API to automatically transfer your shop orders into your accounting software.

As a Developer

As a Developer, you have the option of creating Apps for yourself or client, and making these publicly available to Create customers as well. To learn more, and to read our Developer Documentation, see our API Information for Developers guide.

How much will Twitter ads cost?

Your bid and budget come into play when controlling the spend in your campaign. Twitter Ads is an auction based system, so your budget and bid determine the price of your campaign. There is no minimum for using Twitter Ads and our system will only charge advertisers when you acquire an action (based on your campaign objective). While we cannot provide an exact price for the cost of Twitter Ads, since this is based on your budget and bid, you can view the pricing definitions below to get an idea of how much you will end up paying. It’s important to note that advertisers are never charged for organic activity.

When setting up a campaign, advertisers have two options to choose from when determining how to set bids for their campaigns, automatic or maximum bidding.

Automatic bidding is a bidding option that enables Twitter to auto-optimize bids for a given campaign objective and budget on the advertiser’s behalf. When selecting the automatic bid option, Twitter will attempt to enter the advertiser in auctions with the lowest bid possible, while also delivering on the advertiser’s overall campaign objectives.

Maximum bidding allows users to manually select how much a follow, lead, click or engagement is worth to their business. When entering your manual bid, you will not pay that amount when you win an objective-based campaign auction. Instead, you will only pay one penny above the second place advertiser’s quality-adjusted bid. The common term for this model is a second price auction.
Your campaign type determines which actions you are bidding for and will be charged for once the campaign starts running.  The available campaign types and associated actions are listed below:
Website Clicks or Conversions Campaigns:
You will only be charged for the clicks to your website that are acquired from that campaign.  All other actions and engagements (impressions, replies and retweets for example) are free.
Maximum bid pricing option suggestion: $1.68 – $10.00
Followers Campaigns:
You will only be charged for the follows you acquire from that campaign.  All other actions and engagements (impressions, replies and retweets for example) are free.
Maximum bid pricing option suggestion: $2.50 - $3.50
Tweet Engagement Campaigns:
You will only be charged for engagements on your Promoted Tweets.  Impressions are free.
Maximum bid pricing option suggestion: $1.50 - $2.50
App Installs or App Engagement Campaigns:
You will only be charged for clicks to install or open your App you acquire from that campaign.  All other actions and engagements (impressions, replies and retweets for example) are free.
Maximum bid pricing option suggestion: $1.95 – $3.25
Leads Campaigns:
You will only be charged for the leads acquired.  All other actions and engagements (impressions, replies and retweets for example) are free.
Maximum bid pricing option suggestion: $4.47 – $23.00
Video View Campaigns:
You will only be charged for video views from that campaign. A view occurs when a video is 100% in-view on the user’s device and has been watched for at least 3 seconds, or the user clicks to watch the video in full screen. All other actions and engagements (impressions, replies and retweets for example) are free.

Maximum bid pricing option suggestion: $0.10 – $0.50

Difference betweeen AdWords and AdWords Express

There’s no advantage to using both advertising products at the same time. Using both AdWords and AdWords Express can complicate your ad management and cause your ads to compete against each other, so we recommend using only one of these advertising tools at a time.

Compare products at a glance

 AdWords ExpressAdWords
Pay only for clicksYesYes
Automated managementYesNo
Easy solution for businesses without a websiteYesNo
Ads on Google Search and Google MapsYesYes
Ads on other related websitesLimitedYes
Mobile adsYesYes
Other advanced ad formats (e.g. video)NoYes
Ability to target ads geographicallyAnywhereAnywhere
Both AdWords and AdWords Express allow you to increase the number of times and the number of places where your business info appears. With either advertising product you can use targeted messaging in your ads to attract and engage potential customers.

Theme used for online shopping

Liquid reference

Liquid is an open-source template language created by Shopify and written in Ruby. It is the backbone of Shopify themes and is used to load dynamic content on storefronts.
Read about the basics of Liquid, or check out reference material on objectstags, andfilters.