Thank you, Countryside Cabinets

Published: March 3, 2011

Thank you,, for clicking through my affiliate link when signing up for a Bluehost account.

Using the Web To Turn Kids Into Autodidacts

Published: December 5, 2010

Autodidacticism — self-education or self-directed learning — is nothing new, but the Internet holds the promise of taking it to the masses. Sugata Mitra, an Indian physicist whose earlier educational experiments inspired the film ‘Slumdog Millionaire,’ is convinced that, with the Internet, kids can learn by themselves so long as they are in small groups and have well-posed questions to answer. And now, Mitra’s Self-Organized Learning Environments (SOLE) are going global, with testing in schools in Australia, Colombia, England and India. On their own, children can get about 30% of the knowledge required to pass exams, so to go further, Dr. Mitra supplements SOLE with e-mediators, amateur volunteers who use Skype to help kids learn online.


Deep Packet Inspection Set To Return

Published: November 27, 2010

[T]wo US companies, Kindsight Inc. and Phorm Inc., are pitching deep packet inspection services as a way for Internet service providers to claim a share of the lucrative online ad market [Shunned Profiling Technology on the Verge of Comeback]. Kindsight and Phorm say they protect people’s privacy with steps that include obtaining their consent. They also say they don’t use the full power of the technology, and refrain from reading email and analyzing sensitive online activities. Use of deep packet inspection this way would nonetheless give advertisers the ability to show ads to people based on extremely detailed profiles of their Internet activity. To persuade Internet users to opt in to be profiled, Kindsight will offer a free security service, while Phorm promises to provide customized web content such as news articles tailored to users’ interests. Both would share ad revenue with the ISPs. Kindsight says its technology is sensitive enough to detect whether a particular person is online for work, or for fun, and can target ads accordingly.


Who will win the battle for control of the web?


A series of critical breakthroughs – massively increased bandwidth, the demand for rich media, cloud computing, the advent of wireless connectivity and the rise of mobile devices – has created the foundations for the next generation of rich internet-based apps.

Each of the big three computing companies – Microsoft, Apple and Google – has its own radically different vision to promote, as does the world’s biggest creative software company, Adobe

The stage is set for an enormous battle between these computing titans, and the value of the prize is incalculable: what price can you put on a company that holds the keys to the internet?

Tom Arah @ PC Pro

Via Slashdot.

NPR on the future of the Internet, 1993


Via Boing Boing.

Google and Microsoft Cheat on Slow-Start

Published: November 26, 2010

Ben Strong writes:

I decided a couple of weeks ago that I wanted to build an app, most likely a web app. Being a premature optimizer by nature, my first order of business (after deciding I need to learn to draw) was to find the absolute fastest way to serve up a web page. The Google home page is the fastest-loading page I know of, so I thought a good place to start would be to figure out how they do it and then replicate their strategy.

The full story of my search is below, but the short version is that to match Google’s page load times you have to cheat on the tcp slow-start algorithm. It appears that stretching the parameters a little bit is fairly common, but Google and Microsoft push it a lot further than most. This may well be common knowledge in web development circles, but it was news to me.

Ben Strong’s Blog

Via Slashdot:

“Software developer and blogger Ben Strong did a little exploring to find out how Google achieves its admirably fast load times. What he discovered is that Google, and to a much greater extent Microsoft, are cheating on the ‘slow-start’ requirement of RFC-3390. His research indicates that discussion of this practice on the Net is at an early, and somewhat theoretical, stage. Strong concludes with this question: ‘What should I do in my app (and what should you do in yours)? Join the arms race or sit on the sidelines and let Google have all the page-load glory?'”

See also:

HTTPS Everywhere versus Firesheep

Published: November 24, 2010

HTTPS Everywhere Gets Firesheep Protection

The Electronic Frontier Foundation today said it rolled out a version of HTTPS Everywhere that offers protection against ‘Firesheep’ and other tools that seek to exploit webpage security flaws. Hitting the streets in October, Firesheep caused a storm of controversy over its tactics, ethics and Web security in general. Firesheep sniffs unencrypted cookies sent across open WiFi networks for unsuspecting visitors to Web sites such as Facebook and Twitter, and lets the user take on those visitors’ log-in credentials.


HTTPS Everywhere

HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.

The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.

Scalpers Busted for Ticket Scam Botnet

Published: November 20, 2010

Three California men have pleaded guilty charges they built a network of CAPTCHA-solving computers that flooded online ticket vendors and snatched up the very best seats for Bruce Springsteen concerts, Broadway productions and even TV tapings of Dancing with the Stars.

The men ran a company called Wiseguy Tickets, and for years they had an inside track on some of the best seats in the house at many events. They scored about 1.5 million tickets after hiring Bulgarian programmers to build “a nationwide network of computers that impersonated individual visitors” on websites such as Ticketmaster, and LiveNation, the U.S. Department of Justice (DoJ) said Thursday in a press release.

… Their scheme was remarkably successful. When Bruce Springsteen and the E Street Band played Giants Stadium in July 2008, nearly half of the 440 general admission floor tickets were snatched up by the Wiseguy Tickets network.

The network would “flood vendors computers at the exact moment that event tickets went on sale,” the DoJ said. With computerized CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)-solving, the bots were able to complete transactions faster than any human, giving them an edge in snatching up tickets for the Major League Baseball playoffs, the Rose Bowl and many concerts.

Network World, via Slashdot

Long Live the Web


“The Web is critical not merely to the digital revolution but to our continued prosperity — and even our liberty. Like democracy itself, it needs defending.”

Tim Berners-Lee

Via Boing Boing.

See also Tim Berners-Lee @ Wikipedia.

How Not To Design a Protocol

Published: October 30, 2010

“Google security researcher Michael Zalewski posted a cautionary tale for software engineers: amusing historical overview of all the security problems with HTTP [categorySeeAlso slug=”cookies”], including an impressive collection of issues we won’t be able to fix. Pretty amazing that modern web commerce uses a mechanism so hacky that does not even have a proper specification.”