Software News – netfordownload.com

Anonymous Cons Web Users Into Joining DDoS Attacks With Camouflaged Links

Anonymous is tricking unwitting Internet bystanders into participating in its Megaupload-inspired DDoS attacks by flooding the Web with innocuous-looking links.

Anonymous has a new tool in its arsenal that transforms casual Web surfers into unwitting participants in a distributed denial of service attack, according to security experts.

The loosely knit group of activist hackers has embedded JavaScript into specially crafted Websites to redirect site visitors to the targeted site, Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog Jan. 20. The page repeatedly attempts to access the target Website for the entire time the browser window is open, which only adds to the traffic bombardment.

Anonymous distributed links to these specially crafted Web pages via its Twitter feed which was re-tweeted widely, and links also popped up on Internet Relay Chat rooms, Facebook, Tumblr and other social networking sites. Some of the links led to PasteHTML.com, a site that looks a little like the popular text-sharing site Pastebin frequently used by Anonymous to issue statements. A variation of this method allowed users to type in the IP address of target Web servers before the JavaScript code began executing.

Most of the links were obscured using URL shortening services such as bit.ly. Several Anonymous Twitter accounts have thousands of followers, and some gained “hundreds of thousands of new fans overnight” during the course of the campaign, according to Cluley.

The new method appears to have helped knock Universal Music and other sites offline during last week’s Megaupload-revenge attacks.

“If you visit the Webpage, and do not have JavaScript disabled, you will instantly, without user interaction, begin to flood a Website of Anonymous’s choice with unwanted traffic, helping to perpetuate a DDoS attack,” Cluley said.

Internet users who have disabled JavaScript on their browser would not have been caught in this trick. However, considering how many Websites require JavaScript to do the simplest tasks nowadays, most people have the scripting language enabled.

This is yet another reminder to be careful about clicking on links online. URL shorteners make it really hard to tell where the link originated from or its intended purpose. Even if a friend posted the link on the social network, if the original source is Anonymous, it may not be that safe.
“Don’t forget, denial-of-service attacks are illegal. If you participate in such an attack you could find yourself receiving a lengthy jail sentences,” Cluley warned.

(more…)

Cloud9 launches documentation site to support growing Node.js community

JavaScript has come a long way since its inception in the 1990s. The odd language, which was once confined to simplistic tasks like form validation, has expanded beyond the browser and now powers all kinds of applications from mobile devices to server rooms.

The evolution of the language standard and the introduction of heavily optimized implementations have made JavaScript a respectable choice for building serious applications. Although the language is still burdened by some idiosyncrasies, its intrinsic flexibility is proving to be valuable.

One of the major technologies that has driven adoption of JavaScript on servers is Node.js, an open source software framework for building scalable applications with JavaScript. Its efficient, event-driven approach to I/O makes it well-suited for building real-time Web applications. Node.js takes advantage of JavaScript’s simplicity and expressiveness to make development faster and more productive.

Key Node.js users and contributors from a diverse assortment of companies ranging from Mozilla to Walmart are congregating in San Francisco this week for the Node Summit, a conference focused on the Node.js framework. Among the many companies that will have a presence at the event is Cloud9, the makers of a Web-based integrated development environment (IDE) built with a Node.js backend. Cloud9 makes its software available as a hosted service and also distributes it as open source software under the GNU General Public License.

We spoke with Cloud9 CEO Ruben Daniels about Node.js and some announcements that Cloud9 is making this week concurrently with Node Summit. Cloud9 is a particularly intriguing Node.js success story because the company uses Node.js itself, actively contributes back to the Node.js community, and offers a product that is tailored to benefit other Node.js adopters. Cloud9′s business interests are heavily aligned with the long-term success of Node.js.

Cloud9 on Node.js

We discussed the evolution of the JavaScript programming language, the advantages of server-side JavaScript development, and the benefits of Node.js. I started by asking Daniels if improvements to the standard have made JavaScript a competitive language for large-scale development. He said that it’s competitive today and is advancing in a direction that will continue to improve its efficacy for building server-side software.

“JavaScript marries the concepts of a functional and imperative language in a way that makes it very easy for people to start using it,” he said. “Already, it is a real competitor. The biggest hurdle right now is going from a popular language for building client-side apps to building server-side enterprise applications. The way the language is evolving is supporting that.”

One area where he sees the need for improvement in JavaScript is the lack of a native module system. Node.js uses the CommonJS module system, but it would be advantageous to have one that is inherent to the language and consistent between various JavaScript runtimes.

Daniels characterizes the ability for developers to reuse existing code and skills between the client and the server as a major advantage of using Node.js to build web applications. When I asked if the differences between JavaScript engines and the lack of certain features on the browser side posed challenges for reusability, he explained that portable JavaScript libraries help insulate developers from those kinds of issues. In some cases, he said, it’s simply a matter of being mindful when you write code about where you else you might want to use it.

(more…)

How to Use Character Entities in HTML, CSS and JavaScript

You’ve almost certainly encountered entities in HTML pages. They’re commonly used for international characters, mathematical operators, shapes, arrows and other symbols. For example:

view plainprint?
♠
♣
♥
♦
©
®
These map directly to UTF-8 characters. The symbol for PI (π) can either be written as π or it’s UTF-8 number π. You can look-up popular symbols on the HTML Character Entity Reference to discover their HTML entity code and UTF-8 index number.

Strictly speaking, it’s not necessary to use these codes if you’re serving pages as UTF-8; the default character set for HTML and XML documents. However, there may be occasions when you’re not using UTF-8, adjacent characters are causing issues, or it’s difficult to enter a specific symbol on your keyboard. Similarly, you may be using ANSI or a another encoding method for CSS and JavaScript files.

Entities in CSS

Adding content via pseudo elements is increasingly common — especially if you’re using webfont icons. To add any UTF-8 character, you need to find it’s number and convert that to hexadecimal. For Pi, it’s 03C0. This can be added within a CSS file using a preceding backslash, e.g.

(more…)

jQ.Mobi JavaScript framework boasts faster mobile apps

Framework simplifies Web development and boosts performance for iOS and Android

JQ.Mobi, an HTML5-optimized rewriting of the JQuery JavaScript library, is available in a beta version as of this week for Android and Apple iOS software developers, with proponents citing dramatic speed improvements and size reduction.

Offered by HTML5 development platform provider appMobi, jQ.Mobi is 2.5 times faster than desktop JQuery and requires just 3KB of memory, the company said. It is an open source mobile development framework that outperforms JQuery on Android and iOS, the company said. “This is a big step for developers in JavaScript and HTML5 toward getting the same types of UI advantages that they have in native platforms,” said Sam Abadir, appMobi CTO and founder.

[ Apple's iOS boosted Objective-C as a programming language last year. | Subscribe to InfoWorld's Developer World newsletter for more news related to software development issues. ]

JQ.Mobi features a query selector engine, UI library, and plug-ins. Unlike existing JavaScript UI frameworks such as JQuery Mobile and Sencha Touch, jQ.Mobi is not hampered by any legacy roots in desktop Web browsers or HTML4, the company claimed. The technology works with platforms that leverage the WebKit browser, which in addition to Android and iOS, also includes RIM BlackBerry 6 and higher-numbered versions of RIM’s software.

HTML5-centered capabilities in jQ.Mobi include backing for Cascading Style Sheets 3 and WebKit, Abadir said. AppMobi, which provides such cloud services as collection of analytics data, hopes to blaze new trails with jQ.Mobi. “The intent of this project is to put it out there and hopefully have it influence other projects as well,” Abadir said.

(more…)