Category Archives: WWW

收 Wikimedia (包括維基百科) 的 Recent Changes

所以有新的 streaming protocol 取代本來的 RCStream:「Get live updates to Wikimedia projects with EventStreams」。 這次新的 protocol 是走標準協定: EventStreams is built on the w3c standard Server Sent Events (SSE). SSE is simply a streaming HTTP connection with event data in a particular text … Continue reading

Posted in CMS, Computer, Murmuring, Network, Programming, Wiki, WWW | Tagged , , , , , , , , , , , | Leave a comment

修改 User-Agent 讓 Office 365 服務變快...

在 Facebook 上看到剛剛在 Hacker News 上熱起來的「Onedrive is slow on Linux but fast with a “Windows” user-agent (2016)」這篇,引用了 2016 年在 Microsoft Community 上的討論:「Onedrive for Business open is very slow on Linux (Chrome/Firefox) but with very fast with a "Windows" user-agent」。 在 … Continue reading

Posted in Browser, Cloud, Computer, Firefox, GoogleChrome, IE, Murmuring, Network, Software, WWW | Tagged , , , , , , , , , , , , , , , | Leave a comment

檢查瀏覽器是否阻擋不安全的 SSL 連線

在這邊看到可以測試瀏覽器的 SSL 連線,網站在 https://badssl.com/dashboard/ 這邊: OOO, Chrome just added a dashboard to quickly test out whether your network connection's being ruined by inspection: https://t.co/1iVkGnat7A pic.twitter.com/s19RmdzlK5 — Eric Mill (@konklone) March 17, 2017 Google Chrome 都有過,但是 Firefox 與 IE11 都還可以連 dh1024... … Continue reading

Posted in Browser, Computer, Firefox, GoogleChrome, IE, Murmuring, Network, Security, Software, WWW | Tagged , , , , , | Leave a comment

EdgeCast 總算記得要推出 HTTP/2 了...

每次看到 EdgeCast 的業務都會抱怨一下,總算正式公佈了... EdgeCast 的 HTTP/2 預定在 2017/03/31 全面上線:「HTTP/2 Coming Soon to Our Customers with SSL Certificates!」。 由於是逐步上線,有些網站會在 3/31 前就生效 (像是 EdgeCast 的官網): The rollout of HTTP/2 will be gradual, and you may start to see some of your content … Continue reading

Posted in CDN, Cloud, Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , | Leave a comment

在 Ubuntu 上跑 Selenium (Google Chrome 與 Firefox)

最近可能會用到,所以開了一台 EC2 instance 跑 Ubuntu 16.04 測試 Selenium。拿 Chrome 與 Firefox,Linux 平台上兩個主要的瀏覽器。 要讓他動還蠻簡單的,只是不知道真的用下去後,後面會遇到多少地雷 XDDD 基本上是按照「Installing Selenium and ChromeDriver on Ubuntu」這篇文章的方法安裝,有幾點可以注意一下: ChromeDriver 可以翻一下最新版,文件上寫的是 2.26,但現在最新的是 2.27 (寫這篇時)。 雖然寫「(Optional) Create and enter a virtual environment」表示可以不做,但不做其實不會動 (看錯誤訊息像是要建立目錄時權限不夠),所以乖乖的用 virtual environment 裝在自己目錄下吧 XDDD 同理,Firefox 用 APT … Continue reading

Posted in Browser, Computer, Firefox, GoogleChrome, Murmuring, Network, Software, WWW | Tagged , , , , , , , , | Leave a comment

V8 對 for-in 的最佳化

V8 引擎的人對 for-in 的最佳化寫了一篇解釋「Fast For-In in V8」,比較直接的結果就是維基百科與 Facebook 都變快了: For example, in early 2016 Facebook spent roughly 7% of its total JavaScript time during startup in the implementation of for-in itself. On Wikipedia this number was even higher at around … Continue reading

Posted in Browser, Computer, GoogleChrome, Murmuring, Network, Programming, Software, WWW | Tagged , , , , , , , , , | Leave a comment

GitHub 決定在 2018/02/01 停用不安全的 HTTPS/SSH 演算法

在「Discontinue support for weak cryptographic standards」這邊訂了日期,2018/02/01 將會關閉: HTTPS 的 TLSv1 與 TLSv1.1 SSH 的 diffie-hellman-group1-sha1 SSH 的 diffie-hellman-group14-sha1 看起來最苦的應該是 Android 4.3 以及更早的版本,以現在的官方數字來看還有 13%+ (Dashboards),這些版本內建的瀏覽器不支援 TLSv1.2,不過另外裝 browser 就還能過...

Posted in Computer, Murmuring, Network, Programming, Security, WWW | Tagged , , , , , , , , , | Leave a comment

Cloudbleed:Cloudflare 這次的安全問題

Cloudflare 把完整的時間軸與影響範圍都列出來了:「Incident report on memory leak caused by Cloudflare parser bug」。 出自於 2/18 時 Google 的 Tavis Ormandy 直接在 Twitter 上找 Cloudflare 的人: Could someone from cloudflare security urgently contact me. — Tavis Ormandy (@taviso) February 18, 2017 Google 的 … Continue reading

Posted in CDN, Cloud, Computer, Murmuring, Network, Search Engine, Security, WWW | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Firefox 下一個版本 (52) 將預設關閉 SHA-1 支援

順著 SHA-1 正式被打穿,Mozilla 也正式宣佈從下一個版本的 Firefox 將完全關閉 SHA-1 支援 (看敘述應該還是可以透過 about:config 開):「The end of SHA-1 on the Public Web」。 As announced last fall, we’ve been disabling SHA-1 for increasing numbers of Firefox users since the release of Firefox 51 using a … Continue reading

Posted in Browser, Computer, Firefox, Murmuring, Network, Security, Software, WWW | Tagged , , , , , , , , , , , , | Leave a comment

AES-GCM-SIV

在「AES-GCM-SIV: Specification and Analysis」這邊看到 AES-GCM-SIV 的作者自己投稿上去的資料,是個已經被放進 BoringSSL 並且在 QUIC 上使用的演算法: We remark that AES-GCM-SIV is already integrated into Google's BoringSSL library \cite{BoringSSL}, and its deployment for ticket encryption in QUIC \cite{QUIC} is underway. 在 RFC 上的說明解釋了這個演算法的目的是希望當 nonce 沒有被正確實作時仍然可以有比 AES-GCM 強的保護: … Continue reading

Posted in Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , | Leave a comment