Sunday, 22 February 2015

Superfish - Lenovo's shameful factory install adware

Lenovo shamefully decided to bundle ad-ware into their laptops straight from the factory.  Users complained that they were getting unexpected advertising pop ups sparking an investigation.  It was discovered that Superfish software had been installed creating an additional certificate authority,allowing third parties to masquerade as legitimate sites.  These third parties injected adds,  effectively a man in the middle attack.  This, I presume, makes Lenovo a little more money and users a lot more vulnerable

It's not just Lenovo komodia.com, who made the software is used by other many companies.

Full details here
http://www.theregister.co.uk/2015/02/20/superfish_is_malware_us_government/
Posted by at No comments:

Saturday, 21 February 2015

HTTP/2 faster browsing after 15 years


The Internet Engineering Steering Group (IESG) has approved the specifications for HTTP/2. Google have been the real instigators here designing the SPDY protocol and then making it part of the new specification.  It works too, with encrypted HTTPS/2 running faster than unencrypted HTTP/1.

This is bigger news than it seems. HTTP/1 has been around for 15 years with little modification.  It's the protocol that runs over TCP providing our browsing content with 'pushes' & 'gets'.  There have been big inefficiencies, which we have lived with, for example transfers start slowly and increase in speed so the maximum transfer rate could be determined. Typically there would be many connections from one client all staring slowly, unnecessary because we know how fast the first connection can go.  Not only speed an improvment but so is compression.  Data is repeated in many http sessions, ideal for compression.  This HTTP/2 does far better than HTTP/1

More details in this article
http://www.theregister.co.uk/2015/02/18/http2_specification_approved/

And a great podcast here
http://twit.tv/show/security-now/495

Posted by at No comments:

Friday, 30 January 2015

Sugata  Mitra - Child drive learning
See Sugata's TED talk

 Take aways

  • Learning can happen without trainer intervention just by providing tools and a mentor who is purely curious about what learners can do.
  • Only 30% of trainees are self-directed and there is criticism that this type of learning disrupts others learning
Details
Sugata provided a computer and not instructions on how to use it for children in a remote Indian village.  The children spoke no English nor had any understanding of computers, however they taught themselves both.

 In balance it's clear that not everyone self directs their learning less than %30 and there have been criticisms of the outcomes, that this type of learning derailed more formal classroom based learning.

Posted by at No comments:
Subscribe to: Posts (Atom)