Sunday, March 03, 2013

Evernote Resets All Users Passwords

Evernote Resets Passwords After Attackers Steal Login Data
"Online personal organizer Evernote reset passwords for all its users after attackers breached the company's systems and accessed login credentials, the company said in an email to customers.
Evernote assured users that even though the passwords had been exposed, the damage was limited because the company had used "one-way encryption" (hashed and salted) to protect the data. This means that attackers would have a more difficult time cracking the information to steal the actual password."

HTTP PATCH method, SPDY => HTTP 2.0

Most of internet is running on HTTP protocols that didn't change much
for a very long (computer) time...
But there are some people working hard to change that.
On one side there is Google SPDY protocol, that is now used as basis for HTTP 2.0.
On the other side, there are some adjustments on existing HTTP, by adding new methods.

RFC 5789 - PATCH Method for HTTP
Several applications extending the Hypertext Transfer Protocol (HTTP)
require a feature to do partial resource modification. The existing
HTTP PUT method only allows a complete replacement of a document.
This proposal adds a new HTTP method, PATCH, to modify an existing
HTTP resource.


HTTP PATCH preferred format is apparently JSON, not XML

Google: SPDY, err... HTTP 2.0: What Is It, How, Why, and When? @ InfoQ

Essentialy, Chrome browser, as well as Firefox and Opera,
are already using faster SPDY when communicating with Google servers.
Adding plugin to Apache with no other changes improves speed and reduces latency
So Google is "tuning" protocol on live and huge system.

Not to be outdone, Microsoft is proposing alternative incremental improvements to HTTP 1.1,
called "HTTP Speed and Mobility"

Some people call it a ""HTTP 2.0 War"

but this is more like healthy market competition of ideas...

Given recent history, Microsoft is likely to "embrace and sell support" for whatever is useful