I've found out why I get requests to set cookies from sites I don't think I've visited. The reason is that I have visited the site, I just didn't know it!
It's a feature of Firefox that, as far as I can tell, only Google make use of. So, in the case of the previous example that I posted, the HTML returned from the Google search contains the following code:
link rel="prefetch" href="http://www.georgeproctor.co.uk/"
This tells Firefox to go and get the content from that URL as Google thinks that I am likely to actually want to visit that site. In most cases Google is wrong, but it makes Firefox go off and connect to that site anyway! If I'd let the handling of cookies to Firefox's default state then I'd have never noticed!
Seems to me that Firefox should default to not allowing prefetching. That way the user is more likely to know what is happening rather than unknowingly allowing cookies from sites that the user may not even be aware that they have visited.
Wednesday, 28 May 2008
What's with Google and the cookies?
I've changed the settings on Firefox so that sites that want to set cookies get flagged up with a dialog, then I can choose which sites get to set cookies on my machine.
Since I've done this I've noticed that Google searches that pop up a commercial website at the top of the results page seem to allow the top search to set a cookie without even visiting that site. (see image)
Can someone out there please tell me what Google is doing?
If you're looking, they will post...
Slashdot has a article about online security-
"A TJX employee was fired for an online post mentioning that TJX hasn't beefed up security after the recent, massive data breach that saw 94 million credit card numbers copied by criminals and money from their accounts stolen. The employee mentioned that, at first, their usernames were the same as their passwords. After they required stronger passwords, some managers complained, so they 'compromised' by allowing blank passwords. The whistleblower said he discussed his concerns with management, but that it was like talking to a brick wall. In spite of the weak internal security, TJX now has a firm that scours the internet to find bad things posted about them, which is how they found the message and fired him for it. Too bad they don't appear to have hired anyone to beef up operational security or to convince people to use strong passwords."
I was interested in the quote about TJX actively scanning the internet for bad press, so I think I'm doing them a favour by posting, it makes their effort worthwhile!
In the UK, TJX is best know for its TKMaxx stores. From the look of the customers I've seen coming and going, TJX's credit card problem must be confined to the USA. I can't believe that the typical TJMaxx customer could even get hold of (their own!) credit card. I walked past a TJMaxx store a couple of days ago. I must just go and check my wallet....
"A TJX employee was fired for an online post mentioning that TJX hasn't beefed up security after the recent, massive data breach that saw 94 million credit card numbers copied by criminals and money from their accounts stolen. The employee mentioned that, at first, their usernames were the same as their passwords. After they required stronger passwords, some managers complained, so they 'compromised' by allowing blank passwords. The whistleblower said he discussed his concerns with management, but that it was like talking to a brick wall. In spite of the weak internal security, TJX now has a firm that scours the internet to find bad things posted about them, which is how they found the message and fired him for it. Too bad they don't appear to have hired anyone to beef up operational security or to convince people to use strong passwords."
I was interested in the quote about TJX actively scanning the internet for bad press, so I think I'm doing them a favour by posting, it makes their effort worthwhile!
In the UK, TJX is best know for its TKMaxx stores. From the look of the customers I've seen coming and going, TJX's credit card problem must be confined to the USA. I can't believe that the typical TJMaxx customer could even get hold of (their own!) credit card. I walked past a TJMaxx store a couple of days ago. I must just go and check my wallet....
Thursday, 22 May 2008
Tricky work
Close to where I live, the Glasgow Housing Association is demolishing some high rise flats. They are very close to some other accomodation, so they are removing one section of the flats prior to bringing them down with explosives some time in the next month or so. It still seems like a close call to me! They are not advertising the time when they will demolish the buildings but I hope I'm there to watch!
Handling '404 Not Found' errors
Were everything else working, you might not have to worry about these errors. However, there a any number of reasons that someone might request a missing resource from your website, so I think it should at least be testing for handling this condition gracefully. To see what I mean and - how you can get it wrong - goto the website of the (sic) "WORLD'S LARGEST INDEPENDENT SOFTWARE TESTING COMPANY" (yes, it's in shouty capitals on the site)
So, give it a try at the applabs site - http://www.applabs.com/whereisit.html - and see where the other links take you too (hint: nowhere!). Not a great showcase for the capabilities.
So, give it a try at the applabs site - http://www.applabs.com/whereisit.html - and see where the other links take you too (hint: nowhere!). Not a great showcase for the capabilities.
Try almost any other site and a message will inform you of the error, but at least the other links let you get out of the (small) hole you might find yourself in.
Actually a couple of the links will get you back to the homepage, but mostly you'll think you're stuck. If they ever get around to testing and fixing the site, perhaps someone could let me know and I'll update the blog!
NEWSFLASH: They fixed it around October 2008. Still a bit crap.
Twisted Fire Starter!
I had a visit from the local fire brigade last night. Full turnout with blue lights and big hoses! Turns out the neighbour called 999 (same as US 911). Obviously not wanting to have wasted their time getting all dressed up, the came into my garden and stuck their hose in my garden incinerator. It's a sticky black mess now.
There's no local rules to ban the use of garden incinerators (although the local council don't like them) and everything was contained within the incinerator, so it wasn't out of control. I think it was a bit heavy handed of them but you've got to consider the general good work they do so I'll leave it as an interesting experience.
Thursday, 15 May 2008
Monday, 12 May 2008
Green Computing
There's a bit of talk nowadays about 'Green Computing' and what can be done to decrease the environmental impact of power hungry electronic devices. Actually, its another case of necessity being the mother of invention. If you look at the figures for the power output of modern silicon chips they are, per unit of surface area, more power hungry than the heating element of an electric fire! Datacenters groan under the weight of their cooling equipment and many now struggle to supply enough power to the racks. It's not that hardware vendors are environmental angels, its that the kit is about to burst into flames (literally in the case of some laptops!)
Perhaps we're just on the wrong place with regards to aggregating IT hardware. Maybe we should look to put as much together in one (or two or three for proper disaster recovery) place. I think the Moon is the best place to put it. Solar panels to generate electricity and just let the heat radiate way into space. The trick is to put as much kit in the same place as is possible and leave the minimum amount of information to be transferred between the Earth and the Moon. At the same time, people should have slightly more kit in their own homes, but it should be plumbed in properly so that in the winter the excess heat can contribute to heating the whole place. What we need is a global repository of soft objects, like digital photos, music and video which can be mega-cached locally and transferred via P2P processes around the globe and to and from the big MoonPuter.
Maybe I'm just going barking...
Perhaps we're just on the wrong place with regards to aggregating IT hardware. Maybe we should look to put as much together in one (or two or three for proper disaster recovery) place. I think the Moon is the best place to put it. Solar panels to generate electricity and just let the heat radiate way into space. The trick is to put as much kit in the same place as is possible and leave the minimum amount of information to be transferred between the Earth and the Moon. At the same time, people should have slightly more kit in their own homes, but it should be plumbed in properly so that in the winter the excess heat can contribute to heating the whole place. What we need is a global repository of soft objects, like digital photos, music and video which can be mega-cached locally and transferred via P2P processes around the globe and to and from the big MoonPuter.
Maybe I'm just going barking...
Live the message!
Aargh! Completely off the road now... but it was funny when I saw it so I had to take the picture!
Saturday, 10 May 2008
Slightly off-topic...
... but it is about software.
I wish I'd got a Canon digital camera. I've got a Casio and don't get me wrong, I happy with it. But just look what some smart hackers have done with Canon cameras.
Doesn't work with all Canon cameras though. I think you need to have a Digic II processor. The current range has Digic III processors and I don't think it works for them. Although, given a little time and some specs....
I wish I'd got a Canon digital camera. I've got a Casio and don't get me wrong, I happy with it. But just look what some smart hackers have done with Canon cameras.
Doesn't work with all Canon cameras though. I think you need to have a Digic II processor. The current range has Digic III processors and I don't think it works for them. Although, given a little time and some specs....
Subscribe to:
Posts (Atom)
