The Web As a Runtime in Mobile Context
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Mozilla Firefox Lower Version Free Download Firefox Release Notes
mozilla firefox lower version free download Firefox Release Notes. Release Notes tell you what’s new in Firefox. As always, we welcome your feedback. You can also file a bug in Bugzilla or see the system requirements of this release. Download Firefox — English (US) Your system may not meet the requirements for Firefox, but you can try one of these versions: Download Firefox — English (US) Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Firefox for Android Firefox for iOS. December 1, 2014. We'd also like to extend a special thank you to all of the new Mozillians who contributed to this release of Firefox! Default search engine changed to Yandex for Belarusian, Kazakh, and Russian locales. Improved search bar (en-US only) Firefox Hello real-time communication client. Easily switch themes/personas directly in the Customizing mode. Wikipedia search now uses HTTPS for secure searching (en-US only) Recover from a locked Firefox process in the "Firefox is already running" dialog on Windows. Fixed. CSS transitions start correctly when started at the same time as changes to display, position, overflow, and similar properties. Fullscreen video on Mac disables display sleep, and dimming, during playback. Various Yosemite visual fixes (see bug 1040250) Changed. Proprietary window.crypto properties/functions re-enabled (to be removed in Firefox 35) Firefox signed by Apple OS X version 2 signature. Developer. WebIDE: Create, edit, and test a new Web application from your browser. Highlight all nodes that match a given selector in the Style Editor and the Inspector's Rules panel. -
Brief Intro to Firebug Firebug at a Glance
Brief Intro to Firebug Firebug at a glance • One of the most popular web debugging tool with a collec6on of powerful tools to edit, debug and monitor HTML, CSS and JavaScript, etc. • Many rich features: • Inspect, Log, Profile • Debug, Analyze, Layout How to install • Get firebug: • Open Firefox, and go to hp://geirebug.com/ • Click Install Firebug, and follow the instruc6ons • Ways to launch Firebug • F12, or Firebug Buon • Right click an element on the page and inspect it with Firebug Firebug Panels • Console: An interac6ve JavaScript Console • HTML: HTML View • CSS: CSS View • Script: JavaScript Debugger • DOM: A list of DOM proper6es (defaults to window object) • Net: HTTP traffic monitoring • Cookies: Cookie View Tasks for HTML Panel • Open twiLer.com and log in with your account. Ac6vate Firebug. • Tasks with HTML Panel • 1. Which <div> tag corresponds to the navigaon bar at the top of the page? • 2. Change the text “Messages” in the navigaon bar to “Tweets” • 3. Find out which <div> tag corresponds to the dashboard which is the le` column of the page. Can you change the width of the dashboard to 200px? • 4. Try to figure out the URL of your profile picture at the top le` corner of the home page, and use this URL to open this picture in a new tab. • 5. Change your name next to your profile picture to something else, and change the text colour to blue. Inspect HTTP Traffic • Open twiLer.com and log in with your account. Ac6vate Firebug. • Tasks with Net Panel • 1. Which request takes the longest 6me to load? • 2. -
Trident Development Framework
Trident Development Framework Tom MacAdam Jim Covill Kathleen Svendsen Martec Limited Prepared By: Martec Limited 1800 Brunswick Street, Suite 400 Halifax, Nova Scotia B3J 3J8 Canada Contractor's Document Number: TR-14-85 (Control Number: 14.28008.1110) Contract Project Manager: David Whitehouse, 902-425-5101 PWGSC Contract Number: W7707-145679/001/HAL CSA: Malcolm Smith, Warship Performance, 902-426-3100 x383 The scientific or technical validity of this Contract Report is entirely the responsibility of the Contractor and the contents do not necessarily have the approval or endorsement of the Department of National Defence of Canada. Contract Report DRDC-RDDC-2014-C328 December 2014 © Her Majesty the Queen in Right of Canada, as represented by the Minister of National Defence, 2014 © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 2014 Working together for a safer world Trident Development Framework Martec Technical Report # TR-14-85 Control Number: 14.28008.1110 December 2014 Prepared for: DRDC Atlantic 9 Grove Street Dartmouth, Nova Scotia B2Y 3Z7 Martec Limited tel. 902.425.5101 1888 Brunswick Street, Suite 400 fax. 902.421.1923 Halifax, Nova Scotia B3J 3J8 Canada email. [email protected] www.martec.com REVISION CONTROL REVISION REVISION DATE Draft Release 0.1 10 Nov 2014 Draft Release 0.2 2 Dec 2014 Final Release 10 Dec 2014 PROPRIETARY NOTICE This report was prepared under Contract W7707-145679/001/HAL, Defence R&D Canada (DRDC) Atlantic and contains information proprietary to Martec Limited. The information contained herein may be used and/or further developed by DRDC Atlantic for their purposes only. -
Flash Player and Linux
Flash Player and Linux Ed Costello Engineering Manager Adobe Flash Player Tinic Uro Sr. Software Engineer Adobe Flash Player 2007 Adobe Systems Incorporated. All Rights Reserved. Overview . History and Evolution of Flash Player . Flash Player 9 and Linux . On the Horizon 2 2007 Adobe Systems Incorporated. All Rights Reserved. Flash on the Web: Yesterday 3 2006 Adobe Systems Incorporated. All Rights Reserved. Flash on the Web: Today 4 2006 Adobe Systems Incorporated. All Rights Reserved. A Brief History of Flash Player Flash Flash Flash Flash Linux Player 5 Player 6 Player 7 Player 9 Feb 2001 Dec 2002 May 2004 Jan 2007 Win/ Flash Flash Flash Flash Flash Flash Flash Mac Player 3 Player 4 Player 5 Player 6 Player 7 Player 8 Player 9 Sep 1998 Jun 1999 Aug 2000 Mar 2002 Sep 2003 Aug 2005 Jun 2006 … Vector Animation Interactivity “RIAs” Developers Expressive Performance & Video & Standards Simple Actions, ActionScript Components, ActionScript Filters, ActionScript 3.0, Movie Clips, 1.0 Video (H.263) 2.0 Blend Modes, New virtual Motion Tween, (ECMAScript High-!delity machine MP3 ed. 3), text, Streaming Video (ON2) video 5 2007 Adobe Systems Incorporated. All Rights Reserved. Widest Reach . Ubiquitous, cross-platform, rich media and rich internet application runtime . Installed on 98% of internet- connected desktops1 . Consistently reaches 80% penetration within 12 months of release2 . Flash Player 9 reached 80%+ penetration in <9 months . YUM-savvy updater to support rapid/consistent Linux penetration 1. Source: Millward-Brown September 2006. Mature Market data. 2. Source: NPD plug-in penetration study 6 2007 Adobe Systems Incorporated. All Rights Reserved. -
Understanding the Attack Surface and Attack Resilience of Project Spartan’S (Edge) New Edgehtml Rendering Engine
Understanding the Attack Surface and Attack Resilience of Project Spartan’s (Edge) New EdgeHTML Rendering Engine Mark Vincent Yason IBM X-Force Advanced Research yasonm[at]ph[dot]ibm[dot]com @MarkYason [v2] © 2015 IBM Corporation Agenda . Overview . Attack Surface . Exploit Mitigations . Conclusion © 2015 IBM Corporation 2 Notes . Detailed whitepaper is available . All information is based on Microsoft Edge running on 64-bit Windows 10 build 10240 (edgehtml.dll version 11.0.10240.16384) © 2015 IBM Corporation 3 Overview © 2015 IBM Corporation Overview > EdgeHTML Rendering Engine © 2015 IBM Corporation 5 Overview > EdgeHTML Attack Surface Map & Exploit Mitigations © 2015 IBM Corporation 6 Overview > Initial Recon: MSHTML and EdgeHTML . EdgeHTML is forked from Trident (MSHTML) . Problem: Quickly identify major code changes (features/functionalities) from MSHTML to EdgeHTML . One option: Diff class names and namespaces © 2015 IBM Corporation 7 Overview > Initial Recon: Diffing MSHTML and EdgeHTML (Method) © 2015 IBM Corporation 8 Overview > Initial Recon: Diffing MSHTML and EdgeHTML (Examples) . Suggests change in image support: . Suggests new DOM object types: © 2015 IBM Corporation 9 Overview > Initial Recon: Diffing MSHTML and EdgeHTML (Examples) . Suggests ported code from another rendering engine (Blink) for Web Audio support: © 2015 IBM Corporation 10 Overview > Initial Recon: Diffing MSHTML and EdgeHTML (Notes) . Further analysis needed –Renamed class/namespace results into a new namespace plus a deleted namespace . Requires availability -
Actionscript 3.0 from the Ground up Tour
Adobe Presents Colin Moock’s ActionScript 3.0 From the Ground Up Tour Materials provided by O’Reilly Media, Inc. Welcome Key Learning Welcome to the ActionScript 3.0: From the Ground Up Tour! In collaboration with Colin Moock, FITC Design and Technology The following table lists some of today’s most important concepts. Events, O’Reilly, and participating academic institutions around the world, Adobe is thrilled to bring you this world-class day of training. Following the tradition of Flex Camp (http://flex.org/camp/) and the onAIR bus tour (http://onair.adobe.com/), this Concept Example lecture is an important part of Adobe’s ongoing initiative to bring knowledge to the development community. Classes are blueprints for objects. class VirtualPet { At Adobe, we understand that a tool is only useful when you know how to use it. And we’re committed to helping you gain that knowledge. So sit back, get ready for a high-paced day of learning, and most of all have fun! } Objects (or instances) are the things in a program, new VirtualPet() Links and Resources such as a number, a car, a button, a point in time The entire set of notes for today’s lecture are available at: Some classes are built into ActionScript, others are MovieClip, TextField, Sound, String custom-made. http://moock.org/lectures/groundUpAS3 A package contains a class so its name doesn’t package zoo { The code for the virtual zoo application can be obtained at: conflict with other names. class VirtualPet { http://moock.org/eas3/examples/moock_eas3_examples/virtualzoo_final } For a prose version of today’s lecture in book form, see Colin Moock’s Essential ActionScript 3.0 (O’Reilly, 2007). -
Nessus 8.3 User Guide
Nessus 8.3.x User Guide Last Updated: September 24, 2021 Table of Contents Welcome to Nessus 8.3.x 12 Get Started with Nessus 15 Navigate Nessus 16 System Requirements 17 Hardware Requirements 18 Software Requirements 22 Customize SELinux Enforcing Mode Policies 25 Licensing Requirements 26 Deployment Considerations 27 Host-Based Firewalls 28 IPv6 Support 29 Virtual Machines 30 Antivirus Software 31 Security Warnings 32 Certificates and Certificate Authorities 33 Custom SSL Server Certificates 35 Create a New Server Certificate and CA Certificate 37 Upload a Custom Server Certificate and CA Certificate 39 Trust a Custom CA 41 Create SSL Client Certificates for Login 43 Nessus Manager Certificates and Nessus Agent 46 Install Nessus 48 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Download Nessus 49 Install Nessus 51 Install Nessus on Linux 52 Install Nessus on Windows 54 Install Nessus on Mac OS X 56 Install Nessus Agents 58 Retrieve the Linking Key 59 Install a Nessus Agent on Linux 60 Install a Nessus Agent on Windows 64 Install a Nessus Agent on Mac OS X 70 Upgrade Nessus and Nessus Agents 74 Upgrade Nessus 75 Upgrade from Evaluation 76 Upgrade Nessus on Linux 77 Upgrade Nessus on Windows 78 Upgrade Nessus on Mac OS X 79 Upgrade a Nessus Agent 80 Configure Nessus 86 Install Nessus Home, Professional, or Manager 87 Link to Tenable.io 88 Link to Industrial Security 89 Link to Nessus Manager 90 Managed by Tenable.sc 92 Manage Activation Code 93 Copyright © 2021 Tenable, Inc. -
Empirical Studies of Javascript-‐ Based Web Applicaxon
Empirical Studies of JavaScript- based Web Applica8on Reliability Karthik Pa@abiraman1 Frolin Ocariza1 Kar.k Bajaj1 Ali Mesbah1 Benjamin Zorn2 1 University of Bri.sh Columbia (UBC), 2MicrosoE Research (MSR) Web 2.0 Applicaons Copyright: Karthik Paabiraman, 2014 Web 2.0 Applicaon: Amazon.com Menu Amazon’s Third party Search bar Web 2.0 applicaons allow rich UI funconality within a single web page own ad gadget ad Func8on Copyright: Karthik Paabiraman, 2014 Modern Web Applicaons: JavaScript • JavaScript: Implementaon of ECMAScript standard – Client-Side JavaScript: used to develop web apps • Executes in client’s browser – send AJAX messages • Responsible for web applicaon’s core func.onality • Not easy to write code in – has many “evil” features 4 Copyright: Karthik Paabiraman, 2014 JavaScript: History Brief History of JavaScript (Source: TomBarker.com) JavaScript (JS) had to “look like Java” only less so, be Java’s dumb kid brother or boy-hostage sidekick. Plus, I had to be done in ten days or something worse than JS would have happened – Brendan Eich (Inventor of JavaScript) Copyright: Karthik Paabiraman, 2014 • • 10000 20000 30000 40000 50000 60000 70000 80000 90000 Thousands of lines of code, oEen > 10,000 97 of the 0 Google YouTube Yahoo Baidu QQ MSN Amazon JavaScript: Prevalence Sina WordPress Alexa Ebay LinkedIn Bing MicrosoE Yandex 163 top 100 websites use JavaScript Copyright: Karthik Paabiraman, 2014 mail.ru PayPal FC2 Flickr IMDb Lines of code Apple Livedoor BBC Sohu go.com Soso Youku AOL CNN MediaFire ESPN MySpace MegaUpload Mozilla 4shared Adobe About LiveJournal Tumblr goDaddy CNET YieldManager Sogou Zedo Ifeng Pirate Bay ImageShack Weather NY Times Nelix JavaScript: “good” or “Evil” ? Vs Eval Calls (Source: Richards et al. -
Optimizing Actionscript Bytecode Using LLVM
Optimizing ActionScript Bytecode using Replace with LLVM a graphic White Master 5.5” Tall & 4.3” Wide 10/2/2009 Scott Petersen Adobe Systems, Inc. Copyright 2009 Adobe Systems Incorporated. All rights reserved. Adobe confidential. 1 ActionScript 3 . Adobe Flash/AIR app development language . EcmaScript based – “JavaScript with classes and types” . var x; // implicitly a variant – JS style . var x:int; // x is an int! . var x:*; // explicitly a variant . ActionScript Bytecode (ABC) reminiscent of JVM bytecode . Verified . Stack oriented . Object oriented ® Copyright 2009 Adobe Systems Incorporated. All rights reserved. Adobe confidential. 2 ActionScript 3 . JIT compiler + interpreter + garbage collector + basic support library in around 1.5M uncompressed, 600k compressed for x86 . Open Source Tamarin Project http://www.mozilla.org/projects/tamarin . Straightforward AS3 compiler . Effectively non-optimizing ® Copyright 2009 Adobe Systems Incorporated. All rights reserved. Adobe confidential. 3 ActionScript 3 Performance . Performance for AS => AS3 compiler + Tamarin JIT . Roughly 1.2% of native optimized C (Scimark2 numeric benchmark) . Performance for C => C/LLVM based frontend (Alchemy) + Tamarin JIT . Roughly 30% of native optimized C (Scimark2 numeric benchmark) . Performance for Java => javac + JRE 6 . Roughly 60% of native optimized C (Scimark2 numeric benchmark) ® Copyright 2009 Adobe Systems Incorporated. All rights reserved. Adobe confidential. 4 ActionScript 3 Performance . C code running on the Tamarin JIT is >20x faster than AS3! . Why is C code so fast on Tamarin? . Why is AS3 code so slow on Tamarin? . Alchemy generated code . Avoids some known performance pitfalls in Tamarin . AS3 has a variant type – boxing and unboxing is expensive – Alchemy avoids this . AS3 often does many object allocations, taxing the GC – Alchemy uses a single “ram” object with fast access opcodes . -
Sample2.Js Malware Summary
Threat Analysis Report Summary Threat Malicious Level File Name sample2.js MD5 Hash 580E637B97B16698CC750B445223D5C0 Identifier SHA-1 Hash 07E507426F72522DABFECF91181D7F64DC3B8D23 Identifier SHA-256 Hash 790999F47B2FA4396FF6B0A6916E295D832A12B3495A87590C859A1FE9D73245 Identifier File Size 3586 bytes File Type ASCII text File 2015-11-06 09:26:23 Submitted Duration 38 seconds Sandbox 27 seconds Replication Engine Analysis Engine Threat Name Severity GTI File Reputation --- Unverified Gateway Anti-Malware JS/Downloader.gen.f Very High Anti-Malware JS/Downloader.gen.f Very High YARA Custom Rules Sandbox Malware.Dynamic Very High Final Very High Sample is malicious: f inal severit y level 5 Behavior Classif icat ion Networking Very High Exploiting, Shellcode High Security Solution / Mechanism bypass, termination and removal, Anti Unverified Debugging, VM Detection Spreading Unverified Persistence, Installation Boot Survival Unverified Hiding, Camouflage, Stealthiness, Detection and Removal Protection Unverified Data spying, Sniffing, Keylogging, Ebanking Fraud Unverified Dynamic Analysis Action Severity Malware behavior: networking activities from non-executable file Very High ATTENTION: connection made to a malicious website (see Web/URL Very High reputation for details) Detected suspicious Java Script content High Downloaded data from a webserver Low Modified INTERNET_OPTION_CONNECT_RETRIES: number of times that Low WinInet attempts to resolve and connect to a host Connected to a specific service provider Low Cracks a URL into its component -
Tion Thomas EA Graphics Lunch Presentation
Tion Thomas EA Graphics Lunch Presentation Software Engineering Intern Central Technology Group – Apt Purdue University – MS ‘09 Mentor: Anand Kelkar Manager: Fazeel Gareeboo EA Company Overview Founded in 1982 Largest 3rd party game publisher in the world Net revenue of $3.67 billion in FY 2008 #1 mobile game publisher (acquired JAMDAT) Multi-Platform philosophy Has/owns development studios all over the globe: Bioware/Pandemic (Bioshock, Mercenaries) Criterion (Burnout, Black) Digital Illusions (Battlefield series) Tiburon (Madden) Valve (Half-Life) Crytek (Crysis) EA Company Overview cont… 4 Major Brands/Divisions: EA Sports (FIFA, Madden, NBA, NFL, Tiger Woods, NASCAR) EA Sports Freestyle (NBA Street, NFL Street, FIFA Street, SSX) EA (Medal of Honor, C&C, Need For Speed, SIMS, Spore, Dead Space) POGO (Casual web based games) Currently has 4 entries on the top selling franchises of all time list: #3 - Sims (100 million) #5 - Need For Speed (80 million) #7 – Madden (70 million) #9 - FIFA (65 million) EA Is Unique Sheer size breaks the traditional game developer paradigm Bound by multi-platform technology Long history with titles on almost every console that ever existed Most studios have annual cycles that cannot be broken Both developer and publisher with ownership in many huge studios Origin Of Tiburon Founded by 3 programmers in Longwood, FL First title was MechWarrior for SNES First Madden title was Madden 96 for Genesis, SNES Acquired by EA in 1998 How Tiburon Got Madden Originally, EA contracted Visual -
Návrh Zásobníkového Procesoru Pro Vestavěné Systémy a Implementace Podpůrných Nástrojů
České vysoké učení technické v Praze Fakulta elektrotechnická Katedra řídicí techniky Návrh zásobníkového procesoru pro vestavěné systémy a implementace podpůrných nástrojů DIPLOMOVÁ PRÁCE Vypracoval: Jan Procházka Vedoucí práce: Ing. Pavel Píša PhD. Rok: 2012 zadani Prohlášení Prohlašuji, že jsem svou diplomovou práci vypracoval samostatně a použil jsem pouze podklady (literaturu, projekty, SW atd.) uvedené v přiloženém seznamu. V Praze dne .................... .….............................. Jan Procházka Poděkování Na tomto místě bych chtěl poděkovat Ing. Pavlu Píšovi Ph.D. za vedení mé práce, za poskytnutí podkladů k vypracování, a za cenné rady. Také bych chtěl poděkovat rodině za podporu v době psaní této práce. Jan Procházka Abstrakt Obsahem této práce je v teoretické části analýza virtuálních strojů založených jak na registrové, tak na zásobníkové technologii. Hlavním cílem bude navrhnout interpret typu Forth a zásobníkovou mikroprocesorovou architekturu vhodnou pro vestavěné aplikace řídicích systémů jako řízení, například číslicových systémů, s požadavkem na jednoduchost nejen celé architektury, ale i diagnostiky systému. Následně bude vytvořen interpret portovatelný na cizí platformy. Nakonec bude provedena diskuse aplikace synchronní a asynchronní architektury při návrhu mikroprocesoru. Abstract Content of this thesis is, in the first, theoretical part, virtual machine analysis based on register as well as stack technology. Main goal will be to design Forth style interpreter and stack microprocessor architecture which would