Tag Archives: control

用 Xbox 控制器操控潛艇

拿民用品當作軍事器材不是第一次了,不過拿來操作潛艇倒是蠻值得看一下的:「The U.S. Navy's most advanced submarines will soon be using Xbox controllers」。 在 lab 環境測試的畫面。 原因頗簡單,就是成本考量,而且很容易取得: The company says the photonic mast handgrip and imaging control panel that cost about $38,000 can be replaced with an Xbox controller that typically … Continue reading

Posted in Computer, Game, Hardware, Murmuring, Recreation|Tagged , , , , , , , |2 Comments

Mozilla 的提案「HTTP Immutable Responses」

狀態已經是 Category: Standards Track 了,RFC 8246 的「HTTP Immutable Responses」: The immutable HTTP response Cache-Control extension allows servers to identify resources that will not be updated during their freshness lifetime. This ensures that a client never needs to revalidate a cached … Continue reading

Posted in Browser, Computer, Murmuring, Network, Software, WWW|Tagged , , , , , , , , |1 Comment

在 Git/Mercurial/Subversion 上 "-" 發生的問題

在「[ANNOUNCE] Git v2.14.1, v2.13.5, and others」這邊看到 - 開頭產生的問題: These contain a security fix for CVE-2017-1000117, and are released in coordination with Subversion and Mercurial that share a similar issue. CVE-2017-9800 and CVE-2017-1000116 are assigned to these systems, respectively, for issues … Continue reading

Posted in Computer, Murmuring, Network, Security, Software|Tagged , , , , , , , , , , , , , |Leave a comment

iOS 11 將 Location 的主權交還給使用者

在 Hacker News Daily 上看到這則 tweet,說 iOS 11 將會把 Location 的主權交還給使用者控制: iOS 11 Privacy Updates: 2. Location “While Using” is now ALWAYS an option for users. (It’s about time!)https://t.co/QW5lkGnWE9 — Tinfoil 2.0 😱 (@tfoil2) June 6, 2017 查了對應的一些網站,可以看到好幾個站台都有介紹這一點:「iOS 11 Users … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Security, Software|Tagged , , , , , , , , , , |Leave a comment

Web Cache Deception Attack

在「How (Not) to Control Your CDN」這邊看到了「Web Cache Deception Attack」這個攻擊方式。 攻擊的手法是利用網站會把 /user/personal-info/foo.css 與 /user/personal-info 視為一樣的內容時,配合 CDN 或是 reverse proxy server 會把 .css 設定無差異 cache 時,就可以在 cache server (cache edge) 取得使用者的敏感資料。 這主要是 url routing 的條件放太寬造成的。 另外 Mark Nottingham 還建議 cache 應該在 origin … Continue reading

Posted in CDN, Computer, CSS, Murmuring, Network, Security, Service, WWW|Tagged , , , , , , , , , , , , |Leave a comment

Facebook 與 Google Chrome 以及 Firefox 的人合作降低 Reload 使用的資源

Facebook 花了不少時間對付 reload 這件事情:「This browser tweak saved 60% of requests to Facebook」。 Facebook 的人發現有大量對靜態資源的 request 都是 304 (not modified) 回應: In 2014 we found that 60% of requests for static resources resulted in a 304. Since content addressed URLs never … Continue reading

Posted in Browser, Computer, Firefox, GoogleChrome, Murmuring, Network, Software, WWW|Tagged , , , , , , , , , , , , , , , , , , , , |Leave a comment

GitHub 在 Merge Pull Request 時支援 Rebase 了

有些人認為儘量保持原狀,但有些人認為儘量維持 tree 的乾淨,而這次推出的 rebase 則是把後者的需求補上了:「Rebase and merge pull requests」。

Posted in Computer, Murmuring, Programming|Tagged , , , , , , , , , , |Leave a comment

Google 研發出的 BBR: Congestion-Based Congestion Control

Google 針對 TCP 的 congestion control 研究出了新的方法,是個純 sender-side 的演匴法,可以讓現有的 internet 直接換上去使用:「[net-next,14/14] tcp_bbr: add BBR congestion control」。 在 long-lived TCP connection 愈來愈普及後 (像是 HTTP/2),TCP 連線的最佳化可以用統計模型來計算,這也就是 BBR 的想法: In a nutshell, BBR creates an explicit model of the network pipe by sequentially … Continue reading

Posted in Computer, Murmuring, Network, WWW|Tagged , , , , , , , , , , , |1 Comment

用 DNS 控制的後門

在「Wekby APT Gang Using DNS Tunneling for Command and Control」這邊看到用 DNS 做為控制的後門系統,原報導是「New Wekby Attacks Use DNS Requests As Command and Control Mechanism」。 用 DNS 控制的穿透性比 HTTPS 高不少,被拿來做為 APT 類的攻擊威脅高不少...

Posted in Computer, DNS, Murmuring, Network, Security|Tagged , , , , , , , , , |Leave a comment

中國富豪搬移財產的方法

中國因為一年只讓國民帶五萬美金出國,於是中國的富豪就想到各種方法搬移財產,其中 Boing Boing 介紹的這個方法真的頗棒的 XDDD:「Chinese millionaire sues himself through an offshore shell company to beat currency export controls」。 先成立一家空殼公司,然後再用空殼公司告自己的公司,藉由法院的賠償程序,避開了個人財產的轉移限制: But there's a better way: for a small sum, you can just set up an offshore shell company, direct it to … Continue reading

Posted in Financial, Murmuring, Political|Tagged , , , , , |Leave a comment