The Web Won't Be Safe or Secure until We Break It. Related Content Security in the Browser Web browsers leave users vulnerable to an ever-growing number of attacks. Can we make them secure while preserving their usability? Browse this Topic: Queue on Reddit Jeremiah Grossman, WhiteHat Security The Internet was designed to deliver information, but few people envisioned the vast amounts of information that would be involved or the personal nature of that information. If people knew just how much of their personal information they unwittingly make available to each and every Web site they visit—even sites they've never been to before—they would be disturbed. Obtaining all this information has been possible for years.
Drive-by downloads seek to escape the confines of the browser walls and infect the computer's operating system below with malware. These attacks are primarily written with HTML, CSS (Cascading Style Sheets), and JavaScript, so they are not identifiable as malware by antivirus software in the classic sense. Nonstarter Solutions. 11 hard truths about HTML5. HTML5 heralds some nifty new features and the potential for sparking a Web programming paradigm shift, and as everyone who has read the tech press knows, there is nothing like HTML5 for fixing the Internet. Sprinkle some HTML5 into your code, and your websites will be faster and fancier -- it'll make your teeth white, too. But the reality of what HTML5 can do for those seeking native-app performance on the Web falls short of the hype. After several years of enjoying HTML5's sophisticated new tags and APIs, the time is ripe to admit that there are serious limitations with the model. Not only are there reasons to grouse about HTML5 failing to fulfill our Web nirvana dreams, there are even reasons to steer away from HTML5 in some cases.
The truth is, despite its powerful capabilities, HTML5 isn't the solution for every problem. What follows is a list of 11 hard truths Web developers must accept in making the most of HTML5. There are limits to the security problems that can be incurred. The Dirty Little Secrets of Search. PRETEND for a moment that you are Google’s search engine. Someone types the word “dresses” and hits enter. What will be the very first result? There are, of course, a lot of possibilities.
Macy’s comes to mind. O.K., how about the word “bedding”? “Area rugs”? You could imagine a dozen contenders for each of these searches. J. The company bested millions of sites — and not just in searches for dresses, bedding and area rugs. This striking performance lasted for months, most crucially through the holiday season, when there is a huge spike in online shopping. With more than 1,100 stores and $17.8 billion in total revenue in 2010, Penney is certainly a major player in American retailing.
Does the collective wisdom of the Web really say that Penney has the most essential site when it comes to dresses? Despite the cowboy outlaw connotations, black-hat services are not illegal, but trafficking in them risks the wrath of Google. TO understand the strategy that kept J. Who is that someone? “J. Snapshot of global internet speeds revealed. 28 July 2010Last updated at 12:27 The world's internet is getting faster - slowly A report based on analysis of huge amounts of net traffic has revealed the state of the internet around the globe.
The data, from network giant Akamai reveals the average global net speed is only 1.7Mbps (megabits per second) although some countries have made strides towards faster services. The fastest broadband city in the world is Masan in South Korea. In the speed league table, the UK is ranked 27th out of 201 countries, with an average speed of 3.8Mbps.
Continue reading the main story Average net speed by region South Korea 12Mbps Hong Kong 9Mbps Japan 7.8Mbps Romania 6.3Mbps Latvia 6.3Mbps Sweden 6.1Mbps Netherlands 5.9Mbps Czech Republic 5.4Mbps Denmark 5.3Mbps Switzerland 5.2Mbps This is below the 5.2Mbps average speed calculated by regulator Ofcom in its annual broadband report. Expensive bandwidth "Other countries have got faster," said David Belson, head of market intelligence at Akamai. Firefox 4 RC Vs. IE9 RC: The First Duel. Mozilla posted the first builds of the Release Candidate of Firefox on its FTP servers: Time for a first comparison with IE9 RC, its main rival. How fast is Mozilla’s Firefox 4 RC1? At the time of this writing, Mozilla’s Firefox 4 RC has not been released, at least not officially.
However, the first build of the release candidate was available openly for some time last Friday and we accepted the invitation to take a closer look. According to Mozilla’s developer posts, the Firefox team does not expect to make any more changes to the code of the posted RC (build1) and release it as the final version in the near future. In fact, the version posted on Mozilla’s FTP server was built from the Firefox 4.0 beta 13-pre builds based on the Mozilla 2.0 core . The version number of the browser tested in this article is “4.0″ and not “4.0 RC”. We feel confident that the browser on our computers is the version that will be released early in the week as Firefox 4.0 RC.
Firefox 4.0 RC Gateway NV59C </b>*} JavaScript expert: WebKit, get your bug-ridden house in order | Internet & Media. It was a good day for the WebKit browser engine yesterday when Opera Software adopted it in place of its in-house Presto . But yesterday's developments also became an opportunity for a high-profile JavaScript programmer to lodge criticisms about WebKit. "Each release of Chrome or Safari generates excitement about new bleeding-edge features; nobody seems to worry about the stuff that's already (still!) Broken," complained Dave Methvin, president of the jQuery foundation and a member of the core programming team that builds the widely used Web programming tool, in a blog post.
"jQuery Core has more lines of fixes and patches for WebKit than any other browser. In general these are not recent regressions, but long-standing problems that have yet to be addressed. " WebKit is a browser engine used initially in Apple's OS X and later in iOS and Google's Chrome products. It dominates in mobile, though there are variations among the versions from Apple, Google, and others using the software. Software Engineering for Internet Applications. Software Engineering for Internet Applications. JavaScript conquers the server | Application Development. May 25, 2011 Follow @peterwayner In 1996 when no one believed in Apple and AOL was voted most likely to succeed, Netscape took its shiny, new JavaScript language from the browser and stuck it in the Netscape Enterprise HTTP server. That was probably the first moment that someone tried to make JavaScript the lingua franca for back-office servers, but it wasn't the last.
After Netscape dissolved into Mozilla, new stacks with JavaScript have come and gone as the true believers try again and again. Now some 15 years later, JavaScript on the server is back in vogue. . [ Also on InfoWorld: 13 open source development projects making waves in the enterprlse. But some things are different this time. To understand the latest burst of enthusiasm, I spent some time installing a few of the more interesting JavaScript servers and building a few basic websites. Pillars of Python: Six Python Web frameworks compared | Application Development. August 10, 2011 Although Python is not as prevalent as, say, PHP as a language for Web applications, Python nevertheless has much to recommend it in that effort.
It is a dynamic, interpreted language, as is PHP, and therefore encourages iterative, exploratory development. Programming purists could point to the fact that object orientation was designed into Python from its very beginnings, rather than being retrofitted to the language at a later point in its life.
Language design considerations aside, the capabilities embodied in Python's standard libraries are impressive. . [ Also on InfoWorld: "InfoWorld review: Nine fine Python development tools" | Neil McAllister reveals the most dangerous programming mistakes. | Get software development news and insights from InfoWorld's Developer World newsletter. ] Of course, you don't need to do all that work.
In the following pages, we review six Web application frameworks for the Python Web developer. Thoughts on Flash. WebGL as a security problem.