HTML

add news feed

tweet a story

Microsoft Security Bulletin MS13-080 - Critical This security update resolves eight privately reported and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if...
Microsoft Security Bulletin MS13-080 - Critical This security update resolves eight privately reported and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 on Windows servers. For more information, see the full bulletin. Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. Update for Flash Player (2886439) On October 8th, an update for Adobe Flash Player in Internet Explorer 10 and 11 on supported editions of Windows 8, Windows 8.1 and Windows Server 2012 and Windows Server 2012 R2 is also available. The details of the bug fixes and new features are documented in Adobe release notes for Flash Player 11.9. Most customers have automatic updating enabled and will not need to take any action because this update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. — Wilson Guo, Program Manager, Internet Explorer
about 2 hours ago
Not to be outdone by Sil’s 15 Minute Meals done by an idiot, here’s the lunch I cooked my yesterday for my brood as a change from normal roasts, to unanimous acclaim and a request to do it for Xmas dinner. Ingredients Enough...
Not to be outdone by Sil’s 15 Minute Meals done by an idiot, here’s the lunch I cooked my yesterday for my brood as a change from normal roasts, to unanimous acclaim and a request to do it for Xmas dinner. Ingredients Enough chicken legs for everyone 8 good sausages (I used Sainsbury’s best Pork and Apple ones) Loads of thyme and some sage (out of the garden) Half a chorizo ring Jar of black olives (cheapo ones are fine) 4 cloves of garlic Some pickled chills if you like a tang butternut squash (or courgette, or potato, or whatever) 2 – 3 parsnips, depending on size 4 or 5 good size carrots 3 oranges (and some lemon/ lime if you want) olive oil, salt, pepper Purple sprouting broccoli Frozen peas Get a large baking dish, and pre-heat the oven to about gas mark 5. Lay the chicken in the baking dish. Cut sausages into 3 pieces, and throw them into the tray. Chop chorizo into fingernail sized chunks, throw them on. Peel and chop the squash, carrots and parsnips into decent-sized chunks – about half the size of your thumb (too small and they’ll disintegrate). Throw it all on. Ditto olives and pickled chillis. Juice the oranges and pour it over everything, drizzle olive oil over it all (not too much as the meat will produce its own fat). Finely chop garlic, some orange zest and pour it over. Add some salt, and black pepper and lots of sage and thyme. Wuffle it around with a wooden spoon to make sure everything is oiled and seasoned. Put it in the oven. Open bottle of wine to let it breathe. Drink a glass of it to test it. 25 mins later, turn everything over in the dish and put it back. About 1 hour after you turned the oven on, put the kettle on and boil some water. While it’s boiling, put peas and broccoli in a microwavable bowl, add 2 tbsp of water, cover and nuke for 5 mins. Serve everything. Use juices left in pan, veg water, a glug of wine and water from kettle plus a Knorr Chicken Stock Pot to make gravy. Eat it all. Total cost, excluding wine, about £15 for 4 people.
1 day ago
@joesuf agreed:
@joesuf agreed:
2 days ago
This is the 27 September – 4 October 2013 edition of a “weekly digest of W3C news and trends” that I prepare for the W3C Membership and public-w3c-digest mailing list (publicly archived). This digest aggregates information ab...
This is the 27 September – 4 October 2013 edition of a “weekly digest of W3C news and trends” that I prepare for the W3C Membership and public-w3c-digest mailing list (publicly archived). This digest aggregates information about W3C and W3C technology from online media —a snapshot of how W3C and its work is perceived in online media. You may tweet your demos and cool dev/design stuff to @koalie, or write me e-mail. If you have suggestions for improvement, please leave a comment. W3C and HTML5 related Twitter buzz [What was tweeted frequently, what caught my attention. Most recent first (popularity is flagged with a figure —number of times the same URIs or tweet was quoted/RTed.] (110) HTML5 Rocks Tutorials: requestAutocomplete – take my money, not my time, by Jake Archibald (1.5K) Boing Boing: W3C green-lights adding DRM to the Web’s standards, says it’s OK for your browser to say “I can’t let you do that, Dave” (1K) EFF: Lowering Your Standards: DRM and the Future of the W3C (200) ALA, W3C Column: Performance Matters, by Jatinder Mann (7.9K) HTML5: Google Launches Public Beta of Web Designer (67) W3C Tweet: 19th birthday of the W3C W3C in the Press (or blogs) 18 articles this week. A selection follows. Highlights: DRM in HTML5 (7 articles, in Russian, French, Dutch, English) Google launches public beta of Web Designer [Most recent first. Find keywords and more on our Press clippings] OpenStand (3 October), Statement from OpenStand on the Strengths of the OpenStand Principles Electronic Frontier Foundation (2 October), Lowering Your Standards: DRM and the Future of the W3C Boing Boing (2 October), W3C green-lights adding DRM to the Web’s standards, says it’s OK for your browser to say “I can’t let you do that, Dave” ITworld (1 October), See – and hear – what it was like to surf the web 20 years ago The Next Web (30 September), Google launches public beta of Web Designer, a free design tool for creating HTML5 ads and campaigns The Hill’s Hillicon Valley (30 September), New California law may push other Do Not Track effort MIT News (30 September), Building disaster-relief phone apps on the fly Forbes (28 September), HTML5 is the Future of Book Authorship
4 days ago
Leonard Richardson: Hey, folks, I got some pretty exciting news. Now that RESTful Web APIs has come out, there’s really no reason to buy 2007’s RESTful Web Services. So Sam Ruby and I and O’Reilly have gotten together and started giving ...
Leonard Richardson: Hey, folks, I got some pretty exciting news. Now that RESTful Web APIs has come out, there’s really no reason to buy 2007’s RESTful Web Services. So Sam Ruby and I and O’Reilly have gotten together and started giving the old book away. You can get a PDF from the RESTful Web APIs website or from my now-ancient RESTful Web Services site. The license is BY-NC-ND.
4 days ago
October 14th was chosen in 1946 to raise awareness among regulators, industry and consumers as to the importance of standardization to the global economy. Last year for the WSD, we celebrated the creation of OpenStand, as a way to crysta...
October 14th was chosen in 1946 to raise awareness among regulators, industry and consumers as to the importance of standardization to the global economy. Last year for the WSD, we celebrated the creation of OpenStand, as a way to crystallize the principles of standardization used to create and evolve the Internet and the Web. This year, in 2013, I’d like to celebrate this day by doing two things: first, something a bit fun, a personal review of some of graphic designs used to celebrate WSD, to see how they convey the OpenStand ideas (remember it’s an ISO/IEC/ITU initiative), and second, have a more serious discussion on the recent PRISM story. Graphic designs celebrating WSD So first, looking at the WSD imagery: the largest source is the ISO competition for WSD poster, but there are also lots of regional celebration graphics. I’ll start with the banner of the World Standards Cooperation, the organization that runs the competition on behalf of the ISO/IEC/ITU. It’s nice, and is high on messaging, but it doesn’t really suggest to me the real nature of open standardization. I also find it too commercially oriented, the baton looks too shiny not to cost a lot ;) It does refer to values shared by all standardizers, such as cooperation, e.g., passing on something, building for and onto other’s work, and the idea of new communication/conduit (the Michelangelo allusion), but it misses the interoperability and innovation aspects which I think are paramount in the field. The winner of the 2013 competition better conveys the interop piece. But in such a mechanical way that it is a bit scary. For instance, it’s impossible to decide in which direction the gears are turning, e.g., who is in charge, and it’s clear to any engineer that the little Vinci man is going to turn much much faster than the big earth wheel – talk about a ride! It’s not very strong either on the OpenStand consensual, transparency and openness aspects, gears being by nature hidden under the hood and obeying strict physical laws. The runners up in the 2013 competition were much better on feeling, using nature/green as a background, and the butterfly one conveyed a nice innovation trend and some interoperability as well (assuming all the new butterflies can communicate, being all butterflies). . . But still, I think the scope is limited to Darwinism, and whether or not standards obey natural selection laws is not really the focus of the WSD. Looking at previous WSD posters, I really liked the Accessibility theme in 2010. Accessibility having such a broad scope, it does cover a lot of ground, but it is still unclear if once around the table, the due process used by the participants is consensual, transparent, etc. OK, I’m getting picky. So to keep things short, I think I was looking for something like this: Open ICT Standards: Transparent, Compatible. (OK, I can already hear the curmudgeons “But, but? Isn’t it a small Webcam I see inside the bulb?!”) Maybe we should have a contest for an OpenStand poster. Before closing this fun section, don’t get me wrong, I hope that this post will promote the WSD contest and I applaud the efforts of ISO/IEC/ITU for celebrating such a day. Transparency rules If I insisted on transparency in my first paragraphs, it’s because there has been allegations recently that some government agencies where spying on citizens using back-doors in ICT standards that they had inserted themselves during the standard development. Quite an accusation and a risk to lose a confidence and a trust capital that we’re just starting to get from the general population. We’ve looked at this issue with our OpenStand partners and decided to remind policy makers of the importance of transparency and openness in standard making. In a joint statement yesterday, we explain our belief that the OpenStand way may not be perfect, but that it is the best
5 days ago
After convincing my Member of Parliament, John Hemming, of the folly of Cameron’s plan to censor the web in the UK (sorry, I mean filter the web), he’s been doing some digging with the ISPs, writing to them to ask whether the...
After convincing my Member of Parliament, John Hemming, of the folly of Cameron’s plan to censor the web in the UK (sorry, I mean filter the web), he’s been doing some digging with the ISPs, writing to them to ask whether they plan to store your opt-ins privately on your router, or centrally. He’s published the answers to his emails to BT, Sky and Virgin. BT were evasive, and TalkTalk didn’t formally respond, but it’s pretty clear they’ll store them in a centralised database. What could possibly go wrong with the government having access to a list of all those who want to see porn or “extremist” sites? It’s not like we live in a surveillance society, is it? John and I would like to publish a fuller list. If you are a customer of an ISP that’s not on the list, please email them and ask them if they plan to store your opt-ins on a centralised database, what categories they intend to filter (eg, porn, extremism, alcohol, drugs) and how they will categorise them (eg, who will decide whether BNP/ EDL sites are “extremist”?) and paste it into a comment below. Please include the date and time the reply was sent, and who signed it (so we can double-check before publishing on John’s blog). Thanks!
6 days ago
As of today, the HTML Working Group can publish some of their Recommendation-track specifications under a Dual License: Creative Commons Attribution 3.0 Unported License (CC-BY) and the W3C Document License. This change comes as part of ...
As of today, the HTML Working Group can publish some of their Recommendation-track specifications under a Dual License: Creative Commons Attribution 3.0 Unported License (CC-BY) and the W3C Document License. This change comes as part of the new HTML Working Group charter. The W3C Director proposed this permissive copyright in May as an experiment in response to a request from the HTML Working Group to be able to “fork” a specification (create a derivative work). A permissive license also makes it easier to include the prose of a specification in software and software documentation. The experiment is expected to make it easier for people to bring work to the HTML Working Group, and for the group to complete HTML 5.0 on time. The experiment will last through the duration of the HTML Working Group charter, during which time we will be looking for both positive impacts and unintended consequences such as harming interoperability. For example, forking a specification can impose high costs, and is therefore not recommended. We will always encourage individuals to work within the W3C Process and find common grounds with the community at large in order to avoid fragmentation and harming the interoperability of the World Wide Web. We have created a FAQ to answer other questions about the experiment. We’re looking forward to this experiment as part of our continued effort to work with the community to build an Open Web Platform and we’re encouraging the community at large to take advantage of the experiment.
8 days ago
Apologies for the irregularity of the Reading List at the moment; September and October are autumn conference season and my schedule is bonkers. Responsive Images A meeting at Mozilla Paris on how to solve Responsive Images, organised an...
Apologies for the irregularity of the Reading List at the moment; September and October are autumn conference season and my schedule is bonkers. Responsive Images A meeting at Mozilla Paris on how to solve Responsive Images, organised and summarised by Marcos Caceres concluded Browser vendors agree that srcset + DPR-switching is the right initial step forward (i.e., the 2x, 3x, etc. syntax). Agreement to then consider srcset + viewport size after some implementation experience (possibly drop height syntax from srcset spec). If not implemented, Width/Height syntax to possibly be marked at risk in srcset spec. Browser makers acknowledge the art-direction use case, but still think is not the right solution. Adding new HTTP headers to the platform, as Client-Hints proposes to do, has had negative impact in the past – so Client Hints might need to be reworked at bit before it becomes more acceptable to browser verndors. So initially, we’ll use something like Browsers that have “retina” displays will choose retina.jpg as they have 2 CSS pixels to one physical pixel. Browsers that aren’t retina, or don’t understand the new syntax, fall back to the good old src attribute. WebKit and Blink have implemented (but not yet shipped) srcset, Mozilla is planning implemention now. Meanwhile, an alternative “srcN” proposal has been put forward by Tab Atkins and John Mellor (excitingly, “John Mellor” was the real name of The Clash’s Joe Strummer). It claims to solve Resolution-based discrimination, Art-direction discrimination and Viewport-based discrimination usecases. Discussion here. UK Government Web The Cabinet Office’s Open Standards Board is recommending open standards technology. The first two to be approved are HTTP/1.1 and Unicode UTF-8. Francis Maude, the Minister, allegedly said “open standards will give us interoperable software, information and data in government and will reduce costs by encouraging competition, avoiding lock-in to suppliers or products and providing more efficient services”. This may not be revelatory to those of us in the web world, but it’s a Good Thing for the nation. I had the pleasure of hearing Paul Arnett (now of Twitter, previously of gov.uk) talking about the gov.uk initiative at From The Front conference a few days ago, and thought it was a sign of schizophrenia that the same government that can allow subject experts make a world-leading governmental portal is the same government that disregards experts and its own consultation in wanting to censor the web. I realise now that it’s the old Tory DNA: the belief in encouraging competition by economic liberalism, reducing bureaucracy, while remaining socially authoritarian and reeling from one moral panic to the other. So no change there. Standardsy Stuff Service Workers: Navigation Controllers, Minus Navigations, Plus New Shiny – goodbye Crappcache, au revoir Navigation Controllers, hello Service Workers! Responsive elements – a tiny JS library that “makes it possible for any element to adapt and respond to the area they occupy” Designing for iOS7: Perils & Pluses by Luke Wroblewski Embed Responsively – paste in a YouTube/ Vimeo/ etc URL, and get some cut-n-paste code that makes your embeds responsive Node school – “Install these choose-your-own-adventure style lessons and learn how to use node.js” Misc NASA paywalls first papers arising from Curiosity rover, I am setting them free The Feynman Lectures on Physics in handy HTML format How Much Does The Internet Weigh?
9 days ago
@shelleypowers @cookiecrook uses inert (set by browser) to indicate make non dialog DOM inert
@shelleypowers @cookiecrook uses inert (set by browser) to indicate make non dialog DOM inert
11 days ago