tizianocavigliablog

I post con tag "Internet" archivio

La prima foto che ha fatto la storia del web

Geek   19.02.15  

Les Horribles Cernettes

È impossibile stabilire con certezza quale sia stata la prima foto pubblicata su internet, ma possiamo raccontare con certezza la storia della prima foto che ha cambiato internet.

C'entrano il CERN, Tim Berners-Lee, Silvano de Gennaro, una Canon EOS 650, la seconda versione di Photoshop e una band pronta a esibirsi all'Hadronic Music Festival.

Les Horribles Cernettes, a particle physics parody pop band led by Michele de Gennaro, a 3D graphics artist at CERN. The photo part was taken backstage at the 1992 Hadronic Music Festival by Silvano de Gennaro, Michele's then-boyfriend and an IT developer at CERN, with a Canon EOS 650. He later tricked out the image with those pink Cernettes graphics on the very first version of Photoshop. The comedic, nerd-girl, doo-wop band was a bit of an inside joke at the time. So de Gennaro never expected his janky album cover to change the world.

[...] De Gennaro took that Cernettes photo on July 18, 1992. That was around the same time that Berners-Lee was developing software that would enable the web to handle GIF images. Apparently, Berners-Lee was just bumming around the office, working on his web project, when he asked Silvio de Gennaro, who sat nearby, for a few scanned photos that he could upload.

You might expect that the first photo on the web would've something historical, maybe a picture taken by a famous photographer. But instead, de Gennaro handed off that album cover he'd done for the Cernettes. Tim Berners-Lee was a fan of the band, so when it came time to upload the first photo to the web, the Cernettes got the honor of being the first photo on the web.

LEGGI ALTRO...

Un web più veloce

Geek   18.02.15  

L'Internet Engineering Task Force sta per finalizzare la definizione di HTTP/2. Si tratta del più importante passo avanti da 16 anni di HTTP, il protocollo usato come principale sistema per la trasmissione d'informazioni sul web.

HTTP/2 is a very overdue upgrade to Hypertext Transfer Protocol, the basic protocol that handles connections between a web server and your browser. The original development of HTTP happened way back when Tim Berners Lee first imagined his World Wide Web project in the late 1980s. However the version of the protocol we currently use, HTTP/1.1, was officially introduced in 1999. Needless to say, the web has changed quite a bit in the past 15 years.

HTTP/2, like any good upgrade, will address some issues with the previous version, and as a result, your web browser will load pages more quickly.

LEGGI ALTRO...

I siti più popolari dal 1996 a oggi

Geek   17.12.14  

Il Washington post ha pubblicato le classifiche anno per anno dei 20 siti web più popolari dal 1996 al 2013. C'è chi è invecchiato bene, chi è diventato padrone del mondo e chi si è trasformato in materia per archeologi digitali.

LEGGI ALTRO...

Il piano del presidente Obama sulla net neutrality

Res publica   10.11.14  

La visione del presidente Obama sulla neutralità della rete per chiedere alla Federal Communications Commission (FCC), l'agenzia federale che regola il settore delle comunicazioni negli Stati Uniti, di proteggere il web da derive che porterebbero ad avere una rete a più velocità.

More than any other invention of our time, the Internet has unlocked possibilities we could just barely imagine a generation ago. And here's a big reason we've seen such incredible growth and innovation: Most Internet providers have treated Internet traffic equally. That's a principle known as "net neutrality" -- and it says that an entrepreneur's fledgling company should have the same chance to succeed as established corporations, and that access to a high school student's blog shouldn't be unfairly slowed down to make way for advertisers with more money.

LEGGI ALTRO...

Una mappa di internet

Geek   31.08.14  

La mappa di internet

Shodan, un motore di ricerca che analizza il traffico web per localizzare dispositivi connessi a internet, ha pubblicato una mappa che mostra la distribuzione mondiale di tutti i device collegati a internet.

LEGGI ALTRO...

Heartbleed: niente panico, ok panico

Geek   10.04.14  

Heartbleed è la falla che da due anni mina l'integrità dei dati sensibili archiviati da oltre due terzi dei siti web mondiali. La vulnerabilità minaccia tutti quei sistemi e servizi che si appoggiano a OpenSSL, colpendo le versioni dalla 1.0.1 alla 1.0.1f.
OpenSSL è una implementazione open source di SSL e TSL, i protocolli addetti alla sicurezza delle comunicazioni e transazioni su internet. Per gli utenti indicato con il lucchetto che compare di fianco agli indirizzi web sul vostro browser.

I motivi per disperarsi sono molti,

Heartbleed is a bug in OpenSSL’s implementation of a small part of the T.L.S. protocol, called the heartbeat extension. A "heartbeat," in this context, is like the "beep... beep…" of a hospital heart monitor: a quick way to check that the other end of a secure connection is still there. One side sends the other side a small piece of data, up to sixty-five kilobytes long, along with a number indicating the size of the data that has been sent. The other side is supposed to send back the exact same piece of data to confirm that the connection is still active. Unfortunately, in OpenSSL the replying side looks at the stated size of the data rather than at the actual size, and it always sends back the amount of data that the request asked for, no matter how much was sent. This means that if the stated amount of data is less than the amount actually provided, the response contains the data that was sent plus however much additional data, drawn from the contents of the computer's system memory, is required to match the amount requested.

Here is why this is so bad: the heartbeat response can contain up to sixty-four kilobytes of whatever data happens to be in the server's random access memory at the moment the request arrives. There is no way to predict what that memory will contain, but system memory routinely contains login names, passwords, secure certificates, and access tokens of all kinds. System memory is temporary: it is erased when a computer is shut down, and the data it holds is written and overwritten all the time. It is generally regarded as safe to load things like cryptographic keys or unencrypted passwords into system memory--indeed, there is little a computer can usefully do without temporarily storing pieces of sensitive data in its system memory. The Heartbleed bug allows an attacker to "bleed" out random drops of this memory simply by asking for it. Heartbeat requests aren't usually logged or monitored in any way, so an attack leaves no trace. It's not even possible to distinguish malicious heartbeat requests from authentic requests without close analysis. So an attacker can request new pieces of system memory over and over again; it's almost impossible for the victim to know they've been targeted, let alone to know what data might have been stolen.

Among the items that can be found in a server's system memory are the keys to cryptographically secured connections and the certificates that allow servers to prove they are what they claim to be. An attacker who steals cryptographic keys could use them to decode and read encrypted data that had previously been intercepted; an attacker who steals certificates could use them to mimic a secure site and to intercept communications. In other words, your browser could be tricked into thinking that it’s connected securely to your bank and instead be connected to an intermediary that can read all the data flowing back and forth.

Ma forse, se siamo fortunati, potrebbe risolversi solo con un gigantesco dopo sbornia per i sysadmin.

But before you panic, it is worth remembering that, at this point, we don't know how close we are to the worst-case scenario. It is possible, though improbable, that the security researchers who exposed this flaw were, in fact, the first people to find it, which would mean that it has only been known about, and exploited, for a few days. (It was found, independently, by a team of security researchers at Codenomicon and Neel Mehta, of Google Security.) At the same time the bug was announced, a new, secure version of OpenSSL was released, and updating most of the affected servers is a straightforward task. Major services like Google and Yahoo have already patched the vulnerability. Engineers did not need to stay up all night in a mad scramble to make repairs, but, as one system administrator told me, the nature of the bug made this something more than a routine update. "It's an update, a configuration change, and a notification to your users that there's no way to know if their data was stolen or not," he said. To be safe, identity certificates for servers and users must be revoked and then reissued. The fix, in other words, is both urgent and tedious, which is the worst kind of job for a programmer or system administrator.

La buona notizia è che la vulnerabilità è facilmente risolvibile.

LEGGI ALTRO...

Non mi aspettavo i gattini

Geek   12.03.14  

L'intervista degli utenti di Reddit a Tim Berners-Lee nel 25esimo anniversario della nascita del World Wide Web.

Tim, What other names did you consider other than the world wide web?

Mine of Information, The Information Mine, The Mesh None had quite the right ring. I liked WWW partly because I could start global variable names with a W and not have them clash with other peoples' (in a C world) ...in fact I used HT for them)

LEGGI ALTRO...
‹ Post più recenti     Post più vecchi ›     e molto di più nell'archivio...