Home » Posts tagged "net" (Page 2)

php.net 被擋的後續分析...

昨天一整天 php.net 網域下的網站都被擋掉:

Twitter 上也有看到 Rasmus Lerdorf 在抱怨:

Rasmus 說是 false positive (誤判),不過我是不太直接相信他講的話...

剛剛看到 Netcraft 整理了一些資料出來「PHP.net blocked by Google: False positive or not?」,裡面有不少東西可以看...


However, a short moment ago, a Hacker News user posted some obfuscated JavaScript that was found appended to a possibly cached version of the userprefs.js script, suggesting that the PHP.net website may have been compromised recently.

The obfuscated JavaScript inserts an iframe into the webpage, which loads content from an external site known for distributing malware. Google Chrome blocks the inclusion of any content from known malware domains, although the injected content in this case no longer appears to be accessible.

這段有問題的 javascript code 的解讀可以在這裡看到說明。

如果的確是 compromise,那這事就沒完了,接下來還要找是從哪個洞進來的... 不過以 php.net 的情況,(消音)...

Google 官方提供 Google Fonts 下載的建議方案...

Update:一次只能選一個字體,找不到全選的地方,然後有一千多個... 還是去網路上找人家包好整包抓比較快。

Google Developers Blog 上看到官方對於下載 Google Fonts 的建議方案:「Download Google fonts to your desktop」。

Monotype 所推出的工具「SkyFonts」,支援 Windows 與 Mac 版。當 Google Fonts 有新的字型時,SkyFonts 會自動更新。不過當 Google Fonts 刪除時會發生什麼事情就不知道了...

會需要 Microsoft .NET Framework 4.0 與 WindowsInstaller 4.5 (x86):

這樣感覺有點肥... XD

用 Net::OpenID::Consumer 取得 Google 的帳戶資料

GoogleOpenID 服務有提供 OpenID Attribute Exchange 1.0 (參考「Federated Login for Google Account Users」這個網頁), 測了一陣子才知道要怎麼透過 PerlNet::OpenID::Consumer 取得資料:

my $csr = Net::OpenID::Consumer->new(
    ua => LWPx::ParanoidAgent->new,
    args => {},
    consumer_secret => 'secret',
    required_root => 'http://.../',
    minimum_version => 2

my $claimed_identity = $csr->claimed_identity('https://www.google.com/accounts/o8/id');

        mode => 'fetch_request',
        required => 'email',
        'type.email' => 'http://axschema.org/contact/email',

my $check_url = $claimed_identity->check_url(
    delayed_return => 1,
    return_to => 'http://.../...',
    trust_root => 'http://.../'

say $check_url;

之前會試不出來,主要是卡在 type.email 忘記加,加上去的時候又打成 email...

Comcast 開始限制 Level3 的流量...

Slashdot 上的報導,Comcast 開始限制 (過濾) Level3 對 Comcast 的流量:「Level 3 Shaken Down By Comcast Over Video Streaming」。

另外 Level3 的新聞稿:「Level 3 Communications Issues Statement Concerning Comcast's Actions」以及 Comcast 的回應稿:「10 Facts About Peering, Comcast and Level 3」。

很擺明 Comcast 就是衝著 Level3 拿下 Netflix 的合約而來的 (參考「Netflix 拋棄 Akamai CDN,改以 Level 3 CDN 為主力」),在評論「Comcast Says Their Dispute With Level 3 Is "Not About Online Video" - Yeah Right」也是對 Comcast 的說法不以為然。

剛好在 12/21 FCC 才要對網路中立性投票:「FCC To Vote On Net Neutrality On December 21」,這則新聞看起來真是...