
Evercookie - virtually irrevocable persistent cookies

samy kamkar. October 11, 2010: Reported on the front page of the New York Times. Find the latest details, code, and implementations on github @ Cookie found: uid = currently not set. Click to create an evercookie. Don't worry, the cookie is a random number between 1 and 1000, not enough for me to track you, just enough to test evercookies. evercookie is written in JavaScript and contains portions in Java, SWF/ActionScript (Flash) and C# (Silverlight). What is the point of evercookie? Questions or comments, email me: code@samy.pl.

HTML5 Web Messaging

Abstract: This specification defines two mechanisms for communicating between browsing contexts in HTML documents. Status of This Document: This section describes the status of this document at the time of its publication. Implementors should be aware that this specification is not stable. If you wish to make comments regarding this document in a manner that is tracked by the W3C, please submit them using our public bug database. If you cannot do this then you can also e-mail feedback to public-html-comments@w3.org (subscribe, archives), and arrangements will be made to transpose the comments to our public bug database. The working groups maintain a list of all bug reports that the editor has not yet tried to address and a list of issues for which the chairs have not yet declared a decision. The publication of this document by the W3C as a W3C Working Draft does not imply that all of the participants in the W3C Web Applications working group endorse the contents of the specification. The

BrowserSpy.dk

Bigger than Heartbleed, 'Venom' security vulnerability threatens most datacenters

Move over, Heartbleed. There's a new catastrophic vulnerability in town. A security research firm is warning that a new bug could allow a hacker to take over vast portions of a datacenter -- from within. The zero-day vulnerability lies in a legacy common component in widely-used virtualization software, allowing a hacker to infiltrate potentially every machine across a datacenter's network. Most datacenters nowadays condense customers -- including major technology companies and smaller firms -- into virtualized machines, or multiple operating systems on one single server. The cause is a widely-ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. The bug, found in open-source computer emulator QEMU, dates back to 2004. VMware, Microsoft Hyper-V, and Bochs hypervisors are not affected. The flaw may be one of the biggest vulnerabilities found this year.

Web Sockets (Mutually Human Software)

Building applications for the web means working within the bounds of what is technically feasible over the Internet. For a long time the limitations of the Internet have forced developers to come up with unique approaches (read: dirty hacks) to deliver the best possible user experience they could muster. The challenge has been due largely to the very nature of the Internet. There has to be a better way. What if there was a better way to deliver real-time information in a way that scales reliably and efficiently? What does this newfound ability give us? Well, immediately you can start to eliminate the waste of your applications that make AJAX polling requests every second for new changes to data. Besides updating our old polling applications, we can also start building real-time user experiences from the outset of our applications.

A Primer on Information Theory and Privacy If we ask whether a fact about a person identifies that person, it turns out that the answer isn't simply yes or no. If all I know about a person is their ZIP code, I don't know who they are. If all I know is their date of birth, I don't know who they are. If all I know is their gender, I don't know who they are. There is a mathematical quantity which allows us to measure how close a fact comes to revealing somebody's identity uniquely. Because there are around 7 billion humans on the planet, the identity of a random, unknown person contains just under 33 bits of entropy (two to the power of 33 is 8 billion). ΔS = - log2 Pr(X=x) Where ΔS is the reduction in entropy, measured in bits, and Pr(X=x) is simply the probability that the fact would be true of a random person. Starsign: ΔS = - log2 Pr(STARSIGN=capricorn) = - log2 (1/12) = 3.58 bits of information Birthday: ΔS = - log2 Pr(DOB=2nd of January) = -log2 (1/365) = 8.51 bits of information How much entropy is needed to identify someone?

Brazilian police forces do not protect themselves against US cyber-surveillance

According to a 2010 cable leaked by WikiLeaks, the United States embassy regularly donated computers and other equipment to various Brazilian police agencies between 2004 and 2009. The use of this donated equipment became a cause for concern after a December 2013 report in the German magazine Der Spiegel revealed that a unit of the NSA, the US spy agency, has the capability to insert devices to "tap" computers, sending all information processed by the machine to the agency. The Observatório da Privacidade e Vigilância contacted the Brazilian police agencies to find out whether the computers donated by the US were in use and whether preventive measures had been taken to avoid monitoring. In addition, the agency has the capability to interfere with the machines remotely, by means of "remotely installable" devices.

Introducing Web Sockets: Bringing Sockets to the Web The Problem: Low Latency Client-Server and Server-Client Connections The web has been largely built around the so-called request/response paradigm of HTTP. A client loads up a web page and then nothing happens until the user clicks onto the next page. Around 2005, AJAX started to make the web feel more dynamic. Still, all HTTP communication was steered by the client, which required user interaction or periodic polling to load new data from the server. However, all of these work-arounds share one problem: They carry the overhead of HTTP, which doesn't make them well suited for low latency applications. Introducing WebSocket: Bringing Sockets to the Web The WebSocket specification defines an API establishing "socket" connections between a web browser and a server. Getting Started You open up a WebSocket connection simply by calling the WebSocket constructor: var connection = new WebSocket(' ['soap', 'xmpp']); Notice the ws:. Communicating with the Server

visitor statistic - Detecting a "unique" anonymous user

Plod wants your PC? Brick it with a USB stick BEFORE they probe it

Criminals, activists, and whistle-blowers have a new tool to help foil police by shutting down laptops before they are examined. "USBKill" is a script that turns an innocent-looking thumb drive into a kill switch that, when unplugged, forces computers to shut down. Author "Hephaestos" (@h3phaestos) says their tool will prevent users becoming the next Ross Ulbricht, the former boss of the Silk Road drug marketplace arrested in a raid in which his laptop was seized while still powered on. "USBKill waits for a change on your usb ports, then immediately kills your computer," Hephaestos says in a GitHub document. "The police will use a mouse jiggler to keep the screensaver and sleep mode from activating. If this happens you would like your computer to shut down immediately." Users not content to trust that cops would pull USB sticks from laptops could attach it to their wrists so that it would unplug as they are tackled to the ground.
