Monday, January 27, 2014

Assignment (due February 3): Create a home page in html5

Hey folks,

Below is your first coding assignment! It's due by end of day Monday, February 3.


  • Create a short home page for yourself in HTML5 alone.

  • Don't use any CSS, or any tags that control appearance (we'll do this later).
  • Your page should be contained in one html file.
  • Your content should be suitable for use in a classroom context.

  • Validate your page using the W3C Nu Markup Validation Service Address as many of the resulting warnings and errors as you can.
  • Test your page on various browsers ("crossbrowser testing") using Browserling, Browsera, BrowserStack or SauceLabs. These tools make it easy to see how a page is rendered in different browsers without actually running those browsers. Test at least half of the following browsers:
    • Firefox for Windows
    • Firefox for OS X
    • Chrome for Windows
    • Chrome for OS X
    • Chrome for Android
    • Internet Explorer for Windows
    • Safari for OS X
    • Safari for iOS

  • Using wolfware classic assignment "html", submit the following as a single zip file by end of day Monday February 3:
    • Your version of the homepage HTML5 source.
    • A text file of 1-2 pages documenting the results of your validation including any remaining errors and warnings, and your summary of the results of crossbrowser testing.
  • (Optional) post your impressions of the crossbrowser testing tool you used to our forum for extra credit.

Thursday, January 23, 2014

Find: interesting show on net neutrality at The Verge

Welcome to episode 107 of The Vergecast, a weekly discussion of all things relevant and irreverent in the worlds of art, culture, science, and technology. In this episode, Joshua Topolsky, Nilay Patel, and Adi Robertson discuss the whirlwind of CES, Nest's acquisition by Google, and the FCC's loss over net neutrality.


from Web Class @ NCSU

Sunday, January 19, 2014

Find: Stunning graphs show how Reddit went from porn to WTF

Speaking of reddit and society...


Stunning graphs show how Reddit went from porn to WTF
// The Verge - All Posts

The weird and fascinating world of Reddit has been too large to comprehend all at once, at least until now. Randy Olson, a PhD student from Michigan State University researched how Reddit has changed since its conception in 2005, and made a few stunning graphs that illustrate the rise and fall of topics. The most striking graph provides a stratigraphic look at at the website's past, showing how topics that ruled Reddit in 2006 like "NSFW" and "programming" are no where near as sought out now as topics like "funny" and "WTF." It's almost possible to pinpoint when the most dramatic change occurred by using the graph as well — it came around 2008 when Reddit added a feature that allowed users to create their own subreddits. That small...

Continue reading…

from Web Class @ NCSU

Thursday, January 16, 2014

Find: Creator of PGP e-mail encryption making secure Android “Blackphone”

 // published on Ars Technica // visit site
Creator of PGP e-mail encryption making secure Android “Blackphone”

Phil Zimmermann, creator of PGP e-mail encryption, is leading a team of security industry executives building an Android phone with a variety of built-in privacy tools.

"I've been interested in secure telephony for longer than I've been interested in secure e-mail," Zimmermann said in a video on so-called Blackphone's website. "I had to wait for the rest of the technology infrastructure to catch up to make it possible to do secure telephony. PGP was kind of a detour for me while waiting for the rest of the technology to catch up to make really good secure telephony possible."

The narrator of the Blackphone video ominously says, "Technology was supposed to make our lives better. Instead we have lost our privacy—we have become enslaved." The Blackphone website says the phone will use "PrivatOS," an Android-based operating system, while letting users "make and receive secure phone calls; exchange secure texts; exchange and store secure files; have secure video chat; browse privately; and anonymize your activity through a VPN."

Read 4 remaining paragraphs

from Web Class @ NCSU

Find: FCC will find new way to prevent ISP abuse after net neutrality loss

Courts have removed the ability of the FCC to preserve net neutrality: the principle that all bits are equal, arriving at the same rate. Many say small companies and startups will be stifled, since they won't be able to pay for the same speeds as the big guys. It wasn't long ago that google was small....

// published on Ars Technica // visit site
FCC will find new way to prevent ISP abuse after net neutrality loss
FCC Chairman Tom Wheeler.

FCC Chairman Tom Wheeler today said the commission will take another shot at preventing abusive practices by ISPs after the commission's Open Internet Order was vacated Tuesday by the US Court of Appeals for the District of Columbia Circuit.

The court struck down the order's ban on traffic blocking and discrimination by Internet service providers because the FCC had not designated ISPs as common carriers. If Internet service providers were treated as common carriers, they could be subjected to stricter regulations, similar to those applied to phone service, which ensure that everyone's calls must go through and that all calls are treated equally. Verizon, which wants to charge content providers for prioritized access to its network, claimed that the FCC erred by imposing common carriage regulations on companies that are not considered common carriers. Verizon sued and won.

The FCC has the authority to reclassify ISPs as common carriers, but corporate and political opposition would make such a change difficult. Wheeler has not given any indication that he wants to reclassify ISPs, but he pointed to a bit of good news for the FCC in the court ruling.

Read 13 remaining paragraphs

from Web Class @ NCSU

Tuesday, January 14, 2014

Find: Google to buy Nest for $3.2 billion

Pretty big deal. Experientially, not a good match. Does my search engine need to know which room I'm in at home? But google has always been interested in energy. 

// published on Ars Technica // visit site
Google to buy Nest for $3.2 billion
Jacqui Cheng

Google announced on Monday that it has entered into an agreement to buy Nest Labs, Inc., makers of the Nest learning thermostat and Nest Protect, a connected smoke detector. The deal will cost Google $3.2 billion and should close in the next few months.

Nest has always been on Google's radar. Google Ventures, the company's startup investment arm, was one of the Nest's early investors. Google was previously rumored to be building a Nest thermostat competitor, and there were even leaked screenshots of a smart thermostat app built by Google called "EnergySense," which would let you control the temperature from a smartphone or Web client.

Now that Google is buying its main theoretical competition in this area, it's unclear what will happen to Google's internal projects. The one thing we do know is that the Nest brand will be sticking around, and the CEO of Nest, Tony Fadell, will continue to run the company as a separate division in Google.

Read 3 remaining paragraphs

from Web Class @ NCSU

Find: New DoS attacks taking down game sites deliver crippling 100Gbps floods

Time server amped dos attacks on game sites. 

 // published on Ars Technica // visit site
New DoS attacks taking down game sites deliver crippling 100Gbps floods
Online gamers such as these ones often stream their play in real time.

Recent denial-of-service attacks taking down League of Legends and other popular gaming services are doing more than just wielding a rarely-seen technique to vastly amplify the amount of junk traffic directed at targets. In at least some cases, their devastating effects can deprive celebrity game players of huge amounts of money.

As Ars reported last week, the attacks are abusing the Internet's Network Time Protocol (NTP), which is used to synchronize computers to within a few milliseconds of Coordinated Universal Time. A command of just 234 bytes is enough to cause some NTP servers to return a list of up to 600 machines that have previously used its time-syncing service. The dynamic creates an ideal condition for DoS attacks. Attackers send a modest-sized request to NTP servers and manipulate the commands to make them appear as if they came from one of the targeted gaming services. The NTP servers, which may be located in dozens or even hundreds of locations all over the world, in turn send the targets responses that could be tens or hundreds of times bigger than the spoofed request. The technique floods gaming servers with as much as 100Gbps, all but guaranteeing that they'll be taken down unless operators take specific precautions ahead of time.

Among the recent targets of this type of attack are game servers used by celebrity players who broadcast live video streams of their gaming prowess that are viewed as many as 50,000 times. In some cases, the massive audiences translate into tens of thousands of dollars per month, as ads are displayed beside video feeds of the players blowing away opponents in Dota 2 and other games.

Read 8 remaining paragraphs

from Web Class @ NCSU

Monday, January 13, 2014

Find: Chrome rendering engine will get faster, lighter, and better offline in 2014

Nice discussion of google chrome's new blink rendering engine. 


// published on Ars Technica // visit site
Chrome rendering engine will get faster, lighter, and better offline in 2014
A Google software engineer has outlined the Blink team's plans for 2014.

In April of 2013, Google announced that its Chrome browser would move away from the then-current WebKit rendering engine to a new, Google-backed (but still open-source) engine called Blink. Reasons given for the switch included a desire to improve performance and reduce complexity, and a recent Google Groups post by Google software engineer Eric Seidel shows just what the Blink team will be working toward in 2014.

Unsurprisingly, many of the team's goals focus on mobile device performance, "in part because Web engines (e.g. Blink) are not nearly as good on performance-constrained devices as they need to be." Google considers smooth scrolling and animation, input responsiveness, and load time to be key factors on mobile devices, and the company wants to improve on these while reducing memory usage and power consumption.

Other goals are focused on "improv[ing] the mobile Web platform itself," blurring the line between locally installed applications and apps run in the browser window. Google wants to enable "better-than-AppCache" offline modes for apps, Web apps that support push notifications, and apps that support hardware-specific features like screen orientation.

Read 6 remaining paragraphs

from Web Class @ NCSU

Thursday, January 9, 2014

Find: AT&T turns data caps into profits with new fees for content providers

Mobile internet is the future internet. This plan makes it more expensive for internet users to access new services, stifling innovation. 

Spectrum is a national resource. Maybe we should require it be used in the national interest, rather than the corporate interest. 

// published on Ars Technica // visit site
AT&T turns data caps into profits with new fees for content providers
Aurich Lawson / Thinkstock

AT&T today confirmed a long-rumored plan to monetize wireless data caps by charging content providers for the right to serve up video and other media without chewing up consumers' monthly data limits.

Sometimes called 1-800-DATA, AT&T billed the plan as "a new way for eligible 4G customers to enjoy mobile content and apps over AT&T’s wireless network without impacting their monthly wireless data plan."

Basically, the price of data is being charged to content providers instead of consumers. The rates for consumers and business will be similar. "We will offer AT&T Sponsored Data providers a wide range of options," an AT&T spokesperson told Ars. "Customers will be billed according to usage, with costs varying by amounts of usage. Rates are comparable to consumer rates."

Read 15 remaining paragraphs

from Web Class @ NCSU

Hackers use Amazon cloud to scrape mass number of LinkedIn member profiles

Amazon cloud can also be a force for evil. 

// published on Ars Technica // visit site
Hackers use Amazon cloud to scrape mass number of LinkedIn member profiles
Image courtesy of TheTruthAbout.

LinkedIn is suing a gang of hackers who used Amazon's cloud computing service to circumvent security measures and copy data from hundreds of thousands of member profiles each day.

"Since May 2013, unknown persons and/or entities employing various automated software programs (often referred to as 'bots') have registered thousands of fake LinkedIn member accounts and have extracted and copied data from many member profile pages," company attorneys alleged in a complaint filed this week in US District Court in Northern California. "This practice, known as 'scraping,' is explicitly barred by LinkedIn's User Agreement, which prohibits access to LinkedIn 'through scraping, spidering, crawling, or other technology or software used to access data without the express written consent of LinkedIn or its Members.'"

With more than 259 million members—many who are highly paid professionals in technology, finance, and medical industries—LinkedIn holds a wealth of personal data that can prove highly valuable to people conducting phishing attacks, identity theft, and similar scams. The allegations in the lawsuit highlight the unending tug-of-war between hackers who work to obtain that data and the defenders who use technical measures to prevent the data from falling into the wrong hands.

Read 7 remaining paragraphs

from Web Class @ NCSU

Wednesday, January 8, 2014

DoS attacks that took down big game sites abused Web’s time-synch protocol

New type of dos attack amps volume by using time sync service. Fortunately it's easy to repel. 

// published on Ars Technica // visit site
DoS attacks that took down big game sites abused Web’s time-synch protocol
69 percent of all DDoS attack traffic by bit volume in the first week of January was the result of NTP reflection.
Black Lotus

Miscreants who earlier this week took down servers for League of Legends,, and other online game services used a never-before-seen technique that vastly amplified the amount of junk traffic directed at denial-of-service targets.

Rather than directly flooding the targeted services with torrents of data, an attack group calling itself DERP Trolling sent much smaller-sized data requests to time-synchronization servers running the Network Time Protocol (NTP). By manipulating the requests to make them appear as if they originated from one of the gaming sites, the attackers were able to vastly amplify the firepower at their disposal. A spoofed request containing eight bytes will typically result in a 468-byte response to victim, an increase of more than 58 fold.

"Prior to December, an NTP attack was almost unheard of because if there was one it wasn't worth talking about," Shawn Marck, CEO of DoS-mitigation service Black Lotus, told Ars. "It was so tiny it never showed up in the major reports. What we're witnessing is a shift in methodology."

Read 4 remaining paragraphs

from Web Class @ NCSU

Tuesday, January 7, 2014

Assignment: your example web app

Hey folks,

During and after your first html assignment, you should be working on finding and posting an example web app. Details here!

The assignment is due by end of day January 15.

The assignment asks you to turn in using our Google Community; please email us if you would rather not consent to using it.

Prof. Watson

Assignment: your online tool IDs

Hey folks,

Assuming you consent on the previous assignment, we need to collect your IDs for those tools. In particular, we need you to create a Google profile so that we can add you to our online community; we need your GitHub ID so we can give you access to your project repo, and you will need a CodeAcademy ID for certain in class assignments.

Please use this form to give us your IDs.



Assignment: your consent for use of public online tools

Hi folks,

Your first assignment! An easy one.

Please view this online consent form, and indicate whether or not you consent to use of online tools. Please email us as well if you choose not to consent.

Remember that your grades will only be returned to you through WolfWare classic, no other forum or tool.

Professor Watson