Home » Posts tagged "netcraft"

Google 的 .search 網域

Netcraft 的「November 2017 Web Server Survey」這篇看到關於 Google 弄到的 .search 網域:

This month the controversial new .search gTLD being run by Google’s Charleston Road Registry subsidiary was found for the first time, with www.nic.search responding to the survey. Google hopes it will be able to run .search as a dotless domain which will automatically redirect users to their search engine of choice. This proposal has been criticised for going against ICANN’s own rules, which prohibits this functionality due to the potential for conflicts with existing names on internal networks. This feature could also cause confusion for users who have come to expect that typing words into their address bar will perform a search query for that term.

It is currently uncertain whether or not Google will be allowed to run the .search TLD as a dotless domain, however with the launch of the first site on this TLD this month Google is one step closer to the provision of this service.

找了一下資料,ICANNWiki 上的「.search」有些資料,另外也有新聞資訊 (2013 年的):「Google Wants To Operate .Search As A “Dotless” Domain, Plans To Open .Cloud, .Blog And .App To Others」。

不太妙...

Google 在愚人節玩笑中造成的安全問題...

Google 在愚人節時拿出養很久不知道做什麼的 domain 出來用:「https://com.google/」,但也因此造成了安全性問題:「Google’s April Fool’s prank inadvertently broke their security」。

問題在於正常的 Google 頁面有這個 HTTP header 可以避免 iframe (以及 clickjacking):

X-Frame-Options: SAMEORIGIN

但在加上 igu=2 的參數後不會有這個 HTTP header。雖然現在已經失效了,但當天也被 Netcraft 通報 XD

php.net 被擋的後續分析...

昨天一整天 php.net 網域下的網站都被擋掉:

Twitter 上也有看到 Rasmus Lerdorf 在抱怨:

Rasmus 說是 false positive (誤判),不過我是不太直接相信他講的話...

剛剛看到 Netcraft 整理了一些資料出來「PHP.net blocked by Google: False positive or not?」,裡面有不少東西可以看...

其中最後這段:

However, a short moment ago, a Hacker News user posted some obfuscated JavaScript that was found appended to a possibly cached version of the userprefs.js script, suggesting that the PHP.net website may have been compromised recently.

The obfuscated JavaScript inserts an iframe into the webpage, which loads content from an external site known for distributing malware. Google Chrome blocks the inclusion of any content from known malware domains, although the injected content in this case no longer appears to be accessible.

這段有問題的 javascript code 的解讀可以在這裡看到說明。

如果的確是 compromise,那這事就沒完了,接下來還要找是從哪個洞進來的... 不過以 php.net 的情況,(消音)...

AWS 的規模...

Netcraft 分析 Amazon Web Services 的規模,以及使用 AWS 的 Heroku:「Amazon Web Services' growth unrelenting」。

分析雖然只看了 HTTP 與 HTTPS 的部份,但以 AWS 的特性,應該是不差太多,所以相對性的數字應該是有參考價值的...

有這些資料後再來看:

雖然寫 4 month,但實際上應該是三個月的成長量 (二月到五月)。

us-east-1 仍然很強大 (還是沒看到 us-east-2 的消息),而 us-west-2 上個月突然有大戶進駐?跟東京與新加坡同個等級了...

另外 CloudFrontRoute 53 的成長數量也很耀眼,都是網站上設定好就可以馬上用,不需要找業務...

Archives