Trade group exposes 100,000 passwords for Google, Apple engineers

“It is certainly unfortunate this information was leaked out, and who knows who got it before it got fixed,” Dragusin wrote. Elsewhere in the post he said: “If leaving an FTP directory containing 100GB worth of logs publicly open could be a simple mistake in setting access permissions, keeping both usernames and passwords in plaintext is much more troublesome.”

via Trade group exposes 100,000 passwords for Google, Apple engineers | Ars Technica.

Update: An IEEE spokeswoman emailed the following statement: “IEEE has become aware of an incident regarding inadvertent access to unencrypted log files containing user IDs and passwords. We have conducted a thorough investigation and the issue has been addressed and resolved.”

Of all groups that have membership websites which store passwords, IEEE would be the last on a list I would suspect to have something like this happen.

phpMyAdmin Back Door

On September 25th, SourceForge became aware of a corrupted copy of phpMyAdmin being served from the ‘cdnetworks-kr-1’ mirror in Korea. This mirror was immediately removed from rotation.

The mirror provider has confirmed the attack vector has been identified and is limited to their mirror; with exploit having occurred on or around September 22nd.

via phpMyAdmin Back Door | SourceForge Community Blog.

This corrupted copy of phpMyAdmin included a backdoor which permitted execution of arbitrary commands by the web server user. The notice from phpMyAdmin may be seen at:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php

W3C announces plan to deliver HTML 5 by 2014, HTML 5.1 in 2016

The World Wide Web Consortium (W3C), the group that manages development of the main specifications used by the Web, has proposed a new plan that would see the HTML 5 spec positioned as a Recommendation—which in W3C’s lingo represents a complete, finished standard—by the end of 2014. The group plans a follow-up, HTML 5.1, for the end of 2016.

via W3C announces plan to deliver HTML 5 by 2014, HTML 5.1 in 2016 | Ars Technica.

The new HTML 5.1 will be smaller, as a number of technologies (such as Web Workers and WebSockets) that were once under the HTML 5 umbrella have now been broken out into separate specifications. It will also have less stringent testing requirements.

Intel Confirms Decline of Server Giants HP, Dell, and IBM

But just four years later, Bryant says, the landscape has completely changed. Today, she explains, eight server makers account for 75 percent of Intel’s server chip revenues, and at least one of those eight doesn’t even sell servers. It only makes servers for itself. “Google is something like number five on that list,” Bryant told us on Monday evening, during a dinner with reporters in downtown San Francisco.

That’s right, Google is likely the world’s fifth largest server maker.

via Intel Confirms Decline of Server Giants HP, Dell, and IBM | Wired Enterprise | Wired.com.

Which SSL certificate should I buy?

SSL certificates that most web browsers can accept without grief are sold by a relatively small number of companies. That’s because the major web browsers are shipped with a certain set of “root certificate authorities” that they trust… and if your certificate isn’t signed by one of those authorities, or by a certificate “chained” from one of them, then you’re out of luck: the web browser will display a scary warning to the user or, in some cases, refuse to work with your site at all.

The cost of SSL certificates varies quite a bit, from as little as $20 to as much as $1,000 or more. Why such a big difference? There are three main reasons:

via WWW FAQs: Which SSL certificate should I buy?.

2. Some certificates are directly signed by a trusted root certificate, while others are “chained” from another “intermediate” certificate. This isn’t really a problem, as long as the company selling you the chained certificate really does own the root certificate. But some webmasters get confused by intermediate certificates, fail to install them correctly, and mistakenly think they have purchased a bad certificate. So chained certificates are usually less expensive to allow for this inconvenience, even though there is no real technical disadvantage.

Intel immerses its servers in oil — and they like it!

The idea of immersing servers in oil to keep them cool isn’t entirely new — passionate gamers have been housing their systems in vegetable oil for years. But it’s time to take notice of this trend when Intel starts singing its praises as a potentially revolutionary method for slashing the price of running a data center.

via Intel immerses its servers in oil — and they like it! — Cloud Computing News.

Most servers today follow design principles for optimal airflow, but “we could throw some of those rules out,” he said, and maybe build a better server. The obvious steps are eliminating anything to do with fans, sealing hard drives (or going to solid-state drives) and replacing any organic materials that might leach into the oil. A redesign of the heat sink probably would be in order, as would a rethinking of where things sit on the motherboard.

Building Web Services the REST Way

Representational State Transfer is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through an application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use.

via Building Web Services the REST Way.