Skip navigation
Help

web security

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

Today, a large collection of Web hosting and service companies announced that they will support Railgun, a compression protocol for dynamic Web content. The list includes the content delivery network and Web security provider CloudFlare, cloud providers Amazon Web Services and Rackspace, and thirty of the world’s biggest Web hosting companies.

Railgun is said to make it possible to double the performance of websites served up through Cloudflare’s global network of data centers. The technology was largely developed in the open-source Go programming language launched by Google; it could significantly change the economics of hosting high-volume websites on Amazon Web Services and other cloud platforms because of the bandwidth savings it provides. It has already cut the bandwidth used by 4Chan and Imgur by half. “We've seen a ~50% reduction in backend transfer for our HTML pages (transfer between our servers and CloudFlare's),” said 4Chan’s Chris Poole in an e-mail exchange with Ars. “And pages definitely load a fair bit snappier when Railgun is enabled, since the roundtrip time for CloudFlare to fetch the page is dramatically reduced. We serve over half a billion pages per month (and billions of API hits), so that all adds up fairly quickly.”

Rapid cache updates

Like most CDNs, CloudFlare uses caching of static content at its data centers to help overcome the speed of light. But prepositioning content on a forward server typically hasn’t helped performance much for dynamic webpages and Web traffic such as AJAX requests and mobile app API calls, which have relatively little in the way of what’s considered static content. That has created a problem for Internet services because of the rise in traffic for mobile devices and dynamic websites.

Read 13 remaining paragraphs | Comments

0
Your rating: None

Imagine installing a service on your cellphone that lets you see all the data – from location to address book info – transmitted by your phone. Or a simple website where you and your friends could have private chats that couldn’t be read by the most aggressive spying agencies. Or a service that lets you know how many tracking codes are on a site before you clicked on it.

Lam Thuy Vo
One of the coders at the Data Transparency Weekend models the official T-shirt from the event.

Over the weekend, more than 100 computer programmers built those tools and many more at the Wall Street Journal’s first-ever Data Transparency Weekend in New York.

The event was an outgrowth of the Journal’s extensive reporting about how companies and government’s are increasingly using technology to collect personal data. The event was designed to promote the creation of tools that let people see and control their personal data.

After a weekend of coding, nearly 20 projects were submitted for judging on Sunday. The entries were judged by Alessandro Acquisti, professor of information technology and public policy at Carnegie Mellon, Sid Stamm, Web security and privacy strategist at Mozilla and Andrew McLaughlin, former deputy chief technologist at the White House and vice president at Tumblr.

Danny Weitzner, the deputy chief technologist at the White House, handed out the certificates to the winning teams. The winners were:

Outstanding Scanning Project: TOSBack2 – a project to scan the Web to build a “living archive” of all privacy policies online.

Outstanding Education Project: PrivacyBucket – software that lets users of the Chrome Web browser view the type of demographic estimates that Web tracking companies make about them based on their Web browsing history.

Outstanding Control Project: Cryptocat – an instant messaging service that lets people engage in encrypted chats inside their Web browsers or on their phones. Extra bonus: the program lets people generate random numbers (which are needed for encryption) by shaking their phone – allowing the creators to say that their program is powered by dance moves.

Judge’s Choice Award: Site Scoper – a website that scans for tracking files and sensitive content on websites before you visit it.

“Ready for Primetime” Award: MobileScope – a service that lets people see what data is being transmitted without their knowledge by their cellphone. It also offers ad-blocking and do-not-track services for cellphones.

The judges also dreamed up their own three award categories:

The Zuckerberg/Systrom Memorial Award for Opportunistic Optimism Award: Pestagram, for its blatantly commercial mashup of hot Web technologies Instagram and Pinterest.

Best Listener Award: The Price of Free, for the fact that the project was generated by Professor Acquisti’s speech kicking off the weekend, in which he challenged participants to find ways to quantify how much people are paying with their data for free services.

And, finally, The Soup Cans and String Winner: Ostel, for its work on technology that allows people to make encrypted cellphone calls using voice-over-the-Internet technology.

For more photos and news from the weekend, check out the Storify coverage:

Day 1

Day 2

Day 3

0
Your rating: None


TEDxMaui - Jeremiah Grossman - Hack Yourself First

About the Speaker: Jeremiah Grossman is a world-renowned expert on Internet security and the founder of WhiteHat Security, where he oversees Web security, R&D and industry evangelism. Named one of InfoWorld's top 25 CTOs, Grossman is a Maui High graduate and "self-confessed" hacker who speaks at top universities and conferences worldwide. Recorded at TEDxMaui 2012, held on January 22, 2012 at the Maui Arts & Cultural Center.
From:
TEDxTalks
Views:
71

6
ratings
Time:
13:21
More in
Nonprofits & Activism

0
Your rating: None

brothke writes "In the classic poem Inferno, Dante passes through the gates of Hell, which has the inscription abandon all hope, ye who enter here above the entrance. After reading The Tangled Web: A Guide to Securing Modern Web Applications, one gets the feeling the writing secure web code is akin to Dante's experience." Read below for Ben's review.



Read more of this story at Slashdot.

0
Your rating: None