Trace and Javascript

Trace and Javascript  
Have you ever traced the runtime of your application? Do you know how many queries you make that gray endpoint, which? And how long are those cross-references calculated for a similar resource type from each entity page that needs to be returned to the query? Have you tried to measure how long you have to wait for the user because of the optional query fields that he adds from time to time? Have you ever wondered if you would parallelize these six queries to those two databases?
 
If anything above sounds interesting, or at least familiar - welcome to the cut.
 
chrome: ...
+ 0 -

Google's Shell Style Guide (in Russian)

Foreword
 
Which Shell to use is
 
Bash The only shell script language that can be used for executable files.
 

Scripts must begin with #! /bin /bash with a minimum set of flags. Use the set to set the shell options, that would call your script as bash did not violate its functionality.


 

Restricting all shell scripts to bash, gives us a consistent shell language that is installed on all our machines.


 

The only exception is if you are limited by the conditions of what you are programming for. One example is the Solaris SVR4 package, which requires the use of ...

+ 0 -

FIDO2 - Passwords must die

I think all of you have repeatedly heard about the fact that "passwords are dead", "passwords are dying out", "new technology will kill passwords" and the like.
 
 
We in FIDO Alliance just came to inform you that passwords will still die out in authentication.
 
 
FIDO U2F about which I wrote earlier .
 
 
FIDO2 - Passwords must die  
 
That is, the authentication script with U2F is as follows:
 
 

The registration is:


 
- The user registers using a user name (can be better changed to a password, and then user-user?) And password
 
- The server hashes the password using scrypt, argon? bcrypt and stores in the database
 
- T...[/h]
+ 0 -

Can I trust my Chrome Sync and Firefox passwords?

Recently I wrote about insufficient protection of locally saved passwords in Firefox . As some readers have correctly pointed out, an attacker with physical access to your device is not the main threat. So let's take a look at how browser developers protect your passwords when they are transferred to the cloud. Both Chrome and Firefox provide a synchronization service that can download not only the saved passwords, but also cookies, and the history of page views. How safe is this service?
 
 
TL; DR: currently the answer is "no". Both services have weaknesses in defense. However...
+ 0 -

Let's make Windows slower! Part one: file access

Let's make Windows slower! Part one: file access Windows has long been reproached for the slowness of its file operations and the slow creation of processes. Why not try to make them even slower? This article will show how to slow down file operations in Windows by about 10 times from their normal speed (or even more), and these methods are practically not amenable to tracking by a normal user.
 
 
And, of course, we will learn to detect and correct such situations. The whole text is written on the basis of the problem I encountered a couple of months ago, so everything written below is completely real.
 
file system...
+ 0 -

Confrontation W3C and WHATWG: Apple, Google, Microsoft, Mozilla object to DOM 4.1

As everyone knows, there are two HTML specifications: W3C ( consortium, World Wide Web ) And WHATWG (Apple, Google, Microsoft and Mozilla, de facto authors of the HTML5 standard). This week there was an open conflict between the creators of the specifications.
 
 
The situation developed as follows. It all began with the fact that the W3C fork made the specification of the live standard WHATWG DOM and named it DOM 4.1. Then W3C made incompatible changes to it and announced the fork as the official specification, although in fact all the important work was done in the WHATWG version.
 
 
Some ...
+ 0 -

Blocking Telegram - getting ready for the worst?

Blocking Telegram - getting ready for the worst?  
 
As you know, yesterday Roskomnadzor asked the court to block Telegram. We must understand that the games are over and the messenger will be blocked with a very high degree of probability. The case itself was initiated by the suit of Roskomnadzor, and Judge Smolin Yu.M. has already managed to hold a preparatory meeting in the Tagansky court of Moscow. There were no lawyers from Telegram at the meeting. Someone says that Durov himself ordered not to appear on the court, but it may well be that the specialists simply did not have time to prepare. For everything about everything they had only a few hours ...
+ 0 -

Reducing the credibility of Symantec PKI: recommendations to site owners

Reducing the credibility of Symantec PKI: recommendations to site owners
 
Hi Habr, earlier, in his security blog, we announced plans to reduce Chrome's trust in Symantec certificates (including Symantec-owned brands such as Thawte, VeriSign, Equifax, GeoTrust and RapidSSL). This post describes how site owners can determine whether they will be affected by a decrease in trust in Symantec certificates, and if so, what needs to be done and when. Failure to replace these certificates will break the site in future versions of major browsers, including Chrome and Firefox.
Chrome Canary . If you see a certificate ...
+ 0 -

Trace JS ↔ DOM, or Round trip

The search for memory leaks in Chrome 66 has become much more convenient. DevTools can now conduct a trace, do snapshots of DOM objects from C ++, display all available DOM objects from jаvascript together with references to them. The emergence of these features was the result of a new mechanism for tracing C ++ in the garbage collector V8.
 
Let me remind you that stable Chrome now (March 2? 2013) has version 6? so to marvel at the feature, you'll have to install one of the unstable assemblies (for example, Beta has version 6? and Dev and Canary - 67).
...
+ 0 -

Google, Qualcomm and cloud gaming services. Integration of success?

The story of the compromises


 
The past year has given us plans to release Google laptops based on ARM solutions from Qualcomm with the Windows operating system. The majority met this
 
the solution is cool enough. And besides, recently the information was revealed that it would be sufficiently reduced in the functionality of the system, which in general was clear earlier.
 
Google, Qualcomm and cloud gaming services. Integration of success?
 
About any support is not said in Microsoft, for the full implementation of an alien architecture for Win requires a lot of time. Probably, the seditious thought crept in every person who understands this. Why would they even release ...[/h]
+ 0 -