CA page 45 - Dave's Blog

Search
My timeline on Mastodon

Installable Web Apps - Google Code

2010 May 24, 6:29Installable web apps makes total sense given the Google Chrome OS: "An installable web app is a normal web site with a bit of extra metadata. You build and deploy this app exactly as you would build and deploy any web app, using any server-side or client-side technologies you like. The only thing that is different about an installable web app is how the app is packaged."PermalinkCommentstechnical web browser webapp google chrome

Schneier on Security: Alerting Users that Applications are Using Cameras, Microphones, Etc.

2010 May 24, 6:26"What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors," by Jon Howell and Stuart Schechter.

"We introduce the sensor-access widget, a graphical user interface element that resides within an application's display. The widget provides an animated representation of the personal data being collected by its corresponding sensor, calling attention to the application's attempt to collect the data."

Not sure how well that scales...PermalinkCommentstechnical security privacy research

Ajaxian » FireBreath: Cross platform plugin framework

2010 May 24, 6:25FireBreath is a cross-platform web browser developement framework supporting ActiveX (for IE) and NPAPI (for everyone else).PermalinkCommentstechnical web browser plugin activex

Feasibility and Real-World Implications of Web Browser

2010 May 23, 4:32"The ability to detect visitors' browsing history requires just a few lines of code. Armed with a list of websites to check for, a malicious webmaster can scan over 25 thousand links per second (1.5 million links per minute) in almost every recent browser."PermalinkCommentstechnical privacy security web browser

Google Code Blog: Introducing the Google Font API & Google Font Directory

2010 May 19, 1:56Google offers up a directory of fonts available for use in your css.PermalinkCommentsgoogle font technical css typography

Mike Phirman

2010 May 19, 7:17A creative-commons released comedy album. Heard him on the Nerdist podcast where he played live several of the songs you'd imagine someone having a tough time playing live. Humorous and is that Weird Al I hear in Street Meat?PermalinkCommentsmusic humor mike-phirman cc creativecommons

[from sambrook] YouTube - Zeitgeist Europe 2010 - The Power of Data

2010 May 18, 12:21PermalinkCommentsvideo tim-berners-lee technical web google semanticweb

Speech Recognition with Javascript; speechapi.com

2010 May 17, 5:05"With speechapi.com's javascript API, it is possible to build interesting speech-web mashups that include both speech-to-text as well as text-to-speech."PermalinkCommentsapi javascript speech speech-to-text technical

A quote from Sacramento Credit Union

2010 May 14, 8:52It really is an actual quote from the Sacramento Credit Union's website: "The answers to your Security Questions are case sensitive and cannot contain special characters like an apostrophe, or the words “insert,” “delete,” “drop,” “update,” “null,” or “select.”"

Out of context that seems hilarious, but if you read the doc the next Q/A twists it like a defense in depth rather than a 'there-I-fixed-it'.PermalinkCommentstechnical security humor sql

face.com developers site » Documentation

2010 May 10, 9:08A facial recogonition web service. Cool possibilities...PermalinkCommentsapi development free photo face facial-recognition technical

Shepard Fairey - Interview Magazine

2010 May 10, 8:59Iggy Pop interviews Shepard Fairey, including his Obama HOPE poster and AP lawsuit:

"... but the American public is generally pretty superficial, so an image like that just allows them to project whatever limited idea they have onto it. Obviously, not everyone is like that—I actually think there were a lot of people who were bummed by the image because they felt it was shallow propaganda."

"If I spend time conceiving and making a piece of art and somebody else sees that it has market value and replicates it in order to steal part of my market, then that’s not cool. But the way I make art—the way a lot of people make art—is as an extension of language and communication, where references are incredibly important. It’s about making a work that is inspired by something preexisting but changes it to have a new value and meaning that doesn’t in any way take away from the original—and, in fact, might provide the original with a second life or a new audience."
PermalinkCommentsart legal law ip shepard-fairey obey interview

Kevin Frei @ NWCPP: Exception Handling Cost

2010 May 10, 7:23"Kevin Frei - Exception Hanlding Cost September 2006 meeting of the Northwest C++ Users Group. Discussion of the assembly language cost of exception handling on the x86 Windows and x64 Windows platform"PermalinkCommentsC++ programming language exception microsoft windows performance technical video

INTERCAL -- the Language From Hell

2010 May 10, 5:21An old article by Charles Stross on INTERCAL the satirical programming language. It contains great features such as 'come from' the inverse of 'goto'.PermalinkCommentsc programming humor technical language software charles-stross intercal goto

Comparison of CORS and UMP - Web Security

2010 May 7, 6:29UMP instead of CORS for cross-domain access control: "...a developer can read only UMP and ignore CORS, yet still create safe code. This code can successfully message with CORS resources that do not require credentials. UMP is therefore a way of messaging with the credential-free subset of CORS resources."PermalinkCommentsw3c security web browser technical

The Emperor’s New APIs: On the (In)Secure Usage of New Client-side Primitives

2010 May 6, 7:43Covers case studies of insecure usage of HTML5 cross-document messaging and web storage.PermalinkCommentshtml html5 web browser security technical webstorage research facebook google system:filetype:pdf system:media:document

IA & Web Advertising By Jenna Fogle

2010 May 6, 7:37Includes categorizations of Web advertising including approximate price ranges.PermalinkCommentsad advertising web html technical

FBJS - Facebook Developer Wiki

2010 May 6, 7:25Another subset of javascript and DOM access to make a sandbox: "FBJS is Facebook's solution for developers who want to use JavaScript in their Facebook applications. We built FBJS to empower developers with all the functionality they need, and to protect our users' privacy at the same time."PermalinkCommentssandbox web browser facebook html javascript technical security web-sandbox

google-caja - Project Hosting on Google Code

2010 May 6, 7:22"Caja allows websites to safely embed DHTML web applications from third parties, and enables rich interaction between the embedding page and the embedded applications. It uses an object-capability security model to allow for a wide range of flexible security policies, so that the containing page can effectively control the embedded applications' use of user data and to allow gadgets to prevent interference between gadgets' UI elements."PermalinkCommentssecurity web browser web-sandbox caja google javascript html technical

WebSandbox - Microsoft Live Labs

2010 May 6, 7:16"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."PermalinkCommentsweb browser web-sandbox technical javascript html windows live security sandbox microsoft silverlight

ADsafe

2010 May 6, 7:14"ADsafe defines a safe subset of the JavaScript Programming Language, and an interface that allows programs written in that language to usefully interact with a specific subtree of of the HTML document."PermalinkCommentstechnical ajax javascript json security advertising ad web browser web-sandbox
Older EntriesNewer Entries Creative Commons License Some rights reserved.