Sunday, March 03, 2013
"Online personal organizer Evernote reset passwords for all its users after attackers breached the company's systems and accessed login credentials, the company said in an email to customers.
Evernote assured users that even though the passwords had been exposed, the damage was limited because the company had used "one-way encryption" (hashed and salted) to protect the data. This means that attackers would have a more difficult time cracking the information to steal the actual password."
for a very long (computer) time...
But there are some people working hard to change that.
On one side there is Google SPDY protocol, that is now used as basis for HTTP 2.0.
On the other side, there are some adjustments on existing HTTP, by adding new methods.
RFC 5789 - PATCH Method for HTTP
Several applications extending the Hypertext Transfer Protocol (HTTP)
require a feature to do partial resource modification. The existing
HTTP PUT method only allows a complete replacement of a document.
This proposal adds a new HTTP method, PATCH, to modify an existing
WHY PATCH IS GOOD FOR YOUR HTTP API
HTTP PATCH preferred format is apparently JSON, not XML
JSON OR XML: JUST DECIDE
Google: SPDY, err... HTTP 2.0: What Is It, How, Why, and When? @ InfoQ
Essentialy, Chrome browser, as well as Firefox and Opera,
are already using faster SPDY when communicating with Google servers.
Adding plugin to Apache with no other changes improves speed and reduces latency
So Google is "tuning" protocol on live and huge system.
Not to be outdone, Microsoft is proposing alternative incremental improvements to HTTP 1.1,
called "HTTP Speed and Mobility"
Some people call it a ""HTTP 2.0 War"
but this is more like healthy market competition of ideas...
Given recent history, Microsoft is likely to "embrace and sell support" for whatever is useful