“Wait a minute, Chrome OS ships with the Gnome desktop environment, OpenOffice, and GIMP? I thought the whole point was that it was purely web-based?

Update: Ah-hah, it’s a fake. Just some scammers hosting on Google Sites. No wonder I was confused. I can’t imagine that Google is OK with this.”

via Daring Fireball

“Over the past year many organizations are noticeably starting to “get” the importance of web application security and studying up on the issues, but experience doesn’t come overnight. At WhiteHat we meet a lot of different people possessing a variety of views on the webappsec world. So a couple days ago, I was sanity checking some of Bill Pennington’s (VP of Services) slides on “Five Things Every Security Professional Should Know about Website Security”. For some reason the way the advice was laid out it reminded me of the Five Stages of Grief (if your familiar) because it closely mimicked the attitudes of those we encounter depending on their degree of webappsec sophistication.  Bill re-did the stages, webappsec style, and it came out pretty funny actually…” via Jeremiah Grossman

Web app developers spend most of our time not thinking about how data is actually transmitted through the bowels of the network stack. Abstractions at the application layer let us pretend that networks read and write whole messages as smooth streams of bytes. Generally this is a good thing. But knowing what’s going underneath is crucial to performance tuning and application design. The character of our users’ internet connections is changing and some of the rules of thumb we rely on may need to be revised….  Read the rest of the article at developer.yahoo.net