* Posts by SilentLennie

11 publicly visible posts • joined 1 Mar 2011

Don't panic about domain fronting, an SNI fix is getting hacked out

SilentLennie

Re: But how?

They use TLS to connect to the DNS-server for example 1.1.1.1 or 8.8.8.8

Mozilla's Flash-killer 'Shumway' appears in Firefox nightlies

SilentLennie

Re: I thought that HTML5

Anyone serious about porting a large game as a webapplication uses WebGL.

For example, you take your existing OpenGL C++ game engine and 'just' recompile it with Emscripten/LLVM to 'asm.js' and run that in the browser:

https://www.youtube.com/watch?v=BV32Cs_CMqo

(Mozilla and the game engine developers did that port in only 4 days !)

But people have been using it for other things as well, how about porting emulators of old computers to asm.js/Javascript. For example to play old games:

https://archive.org/stream/The_Hobbit_v1.0_1982_Melbourne_House/The_Hobbit_v1.0_1982_Melbourne_House.z80?module=spectrum

They ported MESS which emulates a large number of devices:

https://archive.org/details/consolelivingroom

Or a DOS-emulator, so you can play 2400 old DOS games, like:

https://archive.org/details/msdos_Wolfenstein_3D_1992

If DOS works, you can make WIndows 3.1 work too, so they did, with Internet access:

http://ascii.textfiles.com/archives/4546

SSL BEASTie boys develop follow-up 'CRIME' web attack

SilentLennie

Re: "Chrome and Firefox are both vulnerable to CRIME"

On an other website I've seen the author mention: we tested Firefox and Chrome and notified them, they both are working on fixes or have some prepared.

Which basically means, the other browsers don't know what the problem is, if they are vulnerable or how to fix it.

There is a talk by the authors about the CRIME-attack a conference, the conference is on 19, 20 or 21

That was the only information I could find.

The last time was the BEAST attack, it wasn't specific to OpenSSL at all. Maybe you meant the SSL renegotiation attack, that was kind of OpenSSL specific. But most servers do use OpenSSL, so it basically effected almost all servers installations except IIS on Windows.

Germans increase office efficiency with 'cloud ceiling'

SilentLennie

Now that is what I call cloudcomputing :-)

Now that is what I call cloudcomputing :-)

Google preps Chrome fix to slay SSL-attacking BEAST

SilentLennie

1024 ?

You are funny, most sites already use 2048 bit.

Researchers poke gaping holes in Google Chrome OS

SilentLennie

I'm surprised

I'm surprised this is a problem, because even if extensions exist in the same environment it is possible to program them in such a way that no other extension can read the data of an other extension.

Just look up Private Members in JavaScript by Crockford, basically you just create your extension data inside of it's own scope.

Firefox web 3D engine fosters image theft bug

SilentLennie

hardware acceleration

Most of the modern browsers all have hardware acceleration (IE9+, Opera 11+, Mozilla 4+, Chrome 11 or 12+) and this will probably mean you will see security issues in video-card drivers being exploited.

I don't believe Open-/WebGL is an exception.

The New C++: Lay down your guns, knives, and clubs

SilentLennie

JavaScript

"Years back I did a fair amount of coding in xBASE, an English-like language, and found that I could write substantial routines and often have them work first time, with ZERO bugs. I'd defy any coder to claim that to be possible In C-based languages."

Well people do it all the time in JavaScript.

Sizing a server to support desktop virtualisation

SilentLennie

webtechnologies and servers

I've been arguing that for years, it is much easier to manage a few webapplications on a few central servers than having to deal with all those desktops.

But I do not believe in cloud-computing very much, I think running your applications on your own hardware makes a lot more sense.

If you have many locations of the company, running your own hardware centrally or possible at a datacentre is a possibility. But I prefer to not have others deal with our data.

The Node Ahead: JavaScript leaps from browser into future

SilentLennie

Just eventloop

Hi Jolyon,

It just used the single threaded eventloop and a threadpool for the few Operating System API's which don't support proper async use.

Here is the long story:

http://developer.yahoo.com/yui/theater/video.php?v=dahl-node

SilentLennie

Netscape

Obviously Netscape was there first. They created a server which had JavaScript at it's core.

Technically, Microsoft never had a JavaScript engine, they had JScript, which is a bug-for-bug-compatible implementation of JavaScript or something like that. ;-).