Archive for the ‘Javascript’ Category

« Older Entries

Anonymous Cons Web Users Into Joining DDoS Attacks With Camouflaged Links

Tuesday, January 24th, 2012

Anonymous Cons Web Users Into Joining DDoS Attacks With Camouflaged Links

Anonymous is tricking unwitting Internet bystanders into participating in its Megaupload-inspired DDoS attacks by flooding the Web with innocuous-looking links.

Anonymous has a new tool in its arsenal that transforms casual Web surfers into unwitting participants in a distributed denial of service attack, according to security experts.

The loosely knit group of activist hackers has embedded JavaScript into specially crafted Websites to redirect site visitors to the targeted site, Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog Jan. 20. The page repeatedly attempts to access the target Website for the entire time the browser window is open, which only adds to the traffic bombardment.

Anonymous distributed links to these specially crafted Web pages via its Twitter feed which was re-tweeted widely, and links also popped up on Internet Relay Chat rooms, Facebook, Tumblr and other social networking sites. Some of the links led to PasteHTML.com, a site that looks a little like the popular text-sharing site Pastebin frequently used by Anonymous to issue statements. A variation of this method allowed users to type in the IP address of target Web servers before the JavaScript code began executing.

Most of the links were obscured using URL shortening services such as bit.ly. Several Anonymous Twitter accounts have thousands of followers, and some gained “hundreds of thousands of new fans overnight” during the course of the campaign, according to Cluley.

The new method appears to have helped knock Universal Music and other sites offline during last week’s Megaupload-revenge attacks.

“If you visit the Webpage, and do not have JavaScript disabled, you will instantly, without user interaction, begin to flood a Website of Anonymous’s choice with unwanted traffic, helping to perpetuate a DDoS attack,” Cluley said.

Internet users who have disabled JavaScript on their browser would not have been caught in this trick. However, considering how many Websites require JavaScript to do the simplest tasks nowadays, most people have the scripting language enabled.

This is yet another reminder to be careful about clicking on links online. URL shorteners make it really hard to tell where the link originated from or its intended purpose. Even if a friend posted the link on the social network, if the original source is Anonymous, it may not be that safe.
“Don’t forget, denial-of-service attacks are illegal. If you participate in such an attack you could find yourself receiving a lengthy jail sentences,” Cluley warned.

(more…)

Tags:
Posted in internet, Javascript, softwares - news | No Comments »

FeedHenry Serves Up HTML5 Node.js Platform

Tuesday, January 24th, 2012

FeedHenry Serves Up HTML5 Node.js Platform

JavaScript programming aligned with fluid backend I/O functionality

FeedHenry has launched a solution for developers to build HTML5, JavaScript, and hybrid apps with an integrated Node.js backend-as-a-service layer. The company has set out to create a mobile app Platform-as-a-Service (PaaS), which allows developers to use JavaScript skills to build a mobile app client, alongside backend functionality that leverages the event-driven I/O architecture of the Node.js environment.

By building inside one single code base, FeedHenry logically argues that developers will increase their efficiency and speed app development time. Inside the FeedHenry studio, developers are presented with the option to build complex mobile apps using HTML5 and JavaScript that will run as native apps on all major smartphones and tablet devices.

These apps can be developed using any third-party JavaScript library or HTML5 UI/UX toolkit and connect through RESTful API calls to a server-side backend. This server-side business and integration logic is developed in Node.js using JavaScript. Developers can use any of the company’s standard APIs for integration, caching, storage, or encryption and programmers are also free to include other third-party JavaScript libraries.

At build-time, the client code is pushed to a build farm where the native binary is created; the server-side code is staged with a single command to the FeedHenry cloud (or to any public or private cloud supporting Node.js). The mobile application platform automatically synchronizes the app client with the Node.js backend and provides scaling as well as built-in redundancy, lifecycle management, and reporting.

“As enterprises mature with their mobility initiatives and start getting into more sophisticated apps where they need complex integration with the backend and the cloud, the play will shift to the server side,” said Cathal McGloin, CEO, FeedHenry. “The server side will become a crucial part of every mobile initiative as enterprises see how much more they can do with apps to increase revenue and boost employee productivity. Apps are fast becoming the new tool within organizations, but with that there’s the headache on the server side with security, scalability, performance, and management. With Node.js, FeedHenry’s mobile application platform offers an easy way to build mobile app solutions for the enterprise that takes care of the server side functionality.”

(more…)

Tags:
Posted in internet, Javascript, softwares - news | No Comments »

Google’s Chrome Browser Sprouts Programming Kit of the Future

Tuesday, January 24th, 2012

Google’s Chrome Browser Sprouts Programming Kit of the Future

Chito Manansala is the reason you and about 2 billion other people can instantly pay with a Visa card in shops across the planet.

As chief system architect at Visa, Manansala designed the communications system at the heart of VisaNet — a worldwide network of shops, ATMs, banks and websites that handles 130 million payments a day. In other words, he knows how to build a contraption that juggles ridiculous amounts of information with each passing second.

In 2007, after leaving Visa, he joined Sabre, the company behind the online travel agency Travelocity. At Sabre, Travelocity is just the tip of the proverbial iceberg. The company offers all sorts of software that shuttles information among travel agencies, airlines, hotels and other tourism outfits across the globe, and Manansala was hired to build a system that would drive applications running on a world of mobile phones. Think of it as the VisaNet of travel reservations.

At first, he built this system using the venerable Java programming language. But he has since dropped Java and switched to what is widely regarded as The Next Big Thing among Silicon Valley developers. He switched to Node.

Node is short for Node.js, a new-age programming platform based on a software engine at the heart of Google’s Chrome browser. But it’s not a browser technology. It’s meant to help build software that sits on a distant server somewhere, feeding an application to your PC or smartphone, and it’s particularly suited to systems like the one Chito Manansala is building — systems that juggle scads of information streaming to and from other sources. In other words, it’s suited to the modern internet.

Two years ago, Node was just another open source project. But it has since grown into the development platform of the moment. At Yahoo!, Node underpins “Manhattan,” a fledgling online service for building and hosting mobile applications. Microsoft is offering Node atop Windows Azure, its online service for building and hosting a much beefier breed of business application. And Sabre is just one of a host of big names using the open source platform to erect applications on their own servers.

“There’s real developer excitement over Node, but there’s also real benefit to using it for at least certain types of applications,” says Bill Hilf, the general manager of product management for Windows Azure. “We don’t see Node on Azure as altruistic. We see it as a way to drive business.”

For Gerad Suyderhoud — who helped organize the first Node hackathon in the summer of 2010 — Node is the successor to Ruby on Rails, the programming framework that made it big when Twitter made it big. “First there was C, which Amazon was written in,” he told us this past spring. “Then there was Perl, and Craigslist was written in Perl. Then there was PHP and Facebook, and then Rails and Twitter. With each of these things, they solved a lot of hard problems, but then new problems arrived. Node solves the next set of hard problems, the problems that come with all this real-time stuff.”

And he’s not alone. This week, in downtown San Francisco, Joyent — the chief steward of the Node open source project — is hosting the first major conference dedicated to the technology, and the speaker lists includes names from likes of Google, Yahoo!, Microsoft, VMware, and Mozilla.

Javascript Breaks Out

The js stands for Javascript. Node.js is a new way of programming with the web’s standard programming language. Not to be confused with Java, Javascript is the code that runs inside your browser when you use web applications such as Google’s Gmail.

Node is based on the Javascript engine at the heart of Google’s Chrome browser — the engine that executes Javascript code. But it takes Javascript out of the browser and moves it to a new place. The trick with Node is that developers can also use Javascript to build the back-end of an application — the part that runs on a server somewhere. With Node, all those developers who know how to build code for the browser can suddenly build stuff for the server too — at least in theory. It seeks to democratize net programming.

(more…)

Tags:
Posted in Google Chrome, internet, Javascript, softwares - news | No Comments »

Cloud9 launches documentation site to support growing Node.js community

Tuesday, January 24th, 2012

Cloud9 launches documentation site to support growing Node.js community

JavaScript has come a long way since its inception in the 1990s. The odd language, which was once confined to simplistic tasks like form validation, has expanded beyond the browser and now powers all kinds of applications from mobile devices to server rooms.

The evolution of the language standard and the introduction of heavily optimized implementations have made JavaScript a respectable choice for building serious applications. Although the language is still burdened by some idiosyncrasies, its intrinsic flexibility is proving to be valuable.

One of the major technologies that has driven adoption of JavaScript on servers is Node.js, an open source software framework for building scalable applications with JavaScript. Its efficient, event-driven approach to I/O makes it well-suited for building real-time Web applications. Node.js takes advantage of JavaScript’s simplicity and expressiveness to make development faster and more productive.

Key Node.js users and contributors from a diverse assortment of companies ranging from Mozilla to Walmart are congregating in San Francisco this week for the Node Summit, a conference focused on the Node.js framework. Among the many companies that will have a presence at the event is Cloud9, the makers of a Web-based integrated development environment (IDE) built with a Node.js backend. Cloud9 makes its software available as a hosted service and also distributes it as open source software under the GNU General Public License.

We spoke with Cloud9 CEO Ruben Daniels about Node.js and some announcements that Cloud9 is making this week concurrently with Node Summit. Cloud9 is a particularly intriguing Node.js success story because the company uses Node.js itself, actively contributes back to the Node.js community, and offers a product that is tailored to benefit other Node.js adopters. Cloud9′s business interests are heavily aligned with the long-term success of Node.js.

Cloud9 on Node.js

We discussed the evolution of the JavaScript programming language, the advantages of server-side JavaScript development, and the benefits of Node.js. I started by asking Daniels if improvements to the standard have made JavaScript a competitive language for large-scale development. He said that it’s competitive today and is advancing in a direction that will continue to improve its efficacy for building server-side software.

“JavaScript marries the concepts of a functional and imperative language in a way that makes it very easy for people to start using it,” he said. “Already, it is a real competitor. The biggest hurdle right now is going from a popular language for building client-side apps to building server-side enterprise applications. The way the language is evolving is supporting that.”

One area where he sees the need for improvement in JavaScript is the lack of a native module system. Node.js uses the CommonJS module system, but it would be advantageous to have one that is inherent to the language and consistent between various JavaScript runtimes.

Daniels characterizes the ability for developers to reuse existing code and skills between the client and the server as a major advantage of using Node.js to build web applications. When I asked if the differences between JavaScript engines and the lack of certain features on the browser side posed challenges for reusability, he explained that portable JavaScript libraries help insulate developers from those kinds of issues. In some cases, he said, it’s simply a matter of being mindful when you write code about where you else you might want to use it.

(more…)

Tags:
Posted in internet, Javascript, softwares - news | No Comments »

HTML 5 makes the browser smarter

Tuesday, January 24th, 2012

HTML 5 makes the browser smarter

The unsung hero of the web has always been Javascript, without which the standards-based web would be completely static. Javascript enables functionality to be executed in the browser, and has been used to create all sorts of effects otherwise not possible with HTML alone.

In the early days, Javascript implementations weren’t entirely standard, requiring developers to have to write variants for different browsers; this isn’t really an issue any more.

For applications, developers will either use libraries or develop their own validation routines. This Javascript code adds significantly to the amount of code downloaded.

With HTML5, developers will need to write less Javascript, as the browser provides features to do things for itself rather than rely extra scripting.

Validation is the main area of improvement. HTML5 now provides a number of new validation features such as mandatory checking, type checking, range and field length validation. The validation is done within the browser, and developers can opt to decide how to process errors.

Obviously validation has to be repeated on the server for security, to ensure that data hasn’t been hacked in the browser or in transmission. This then means that validation has to be maintained in two places and kept in sync.

HTML5 also provides a number of new input field types such as tel, email, color, datetime. This empowers the browser, by applying it to display a date picker, or a colour chooser for example. More importantly for mobile applications it would allow the browser to show an appropriate keyboard layout e.g. a numeric layout for tel, and an alphabetic keyboard for email type.

There are also a number of new attributes which previously required Javascript such as autocomplete, placeholder and pattern which will prove very useful.

There will be some organisations that will not want the browser to affect their carefully designed user experience; for these people the answer is simple, just don’t use the new features.

(more…)

Tags:
Posted in internet, Javascript, softwares - news | No Comments »

« Older Entries