Removing Chrome Spying Activity

---

Chrome is interesting fast browser (well, starts fast), but it has enough attraction that will probably begin to lure people.

The problem is that while Google touts it as a "Safe Browser" that is only stopping others from malicious and unethical activity - but not unethical activity that Google does itself.

This is like a neighbor getting your mail, opening it up for you, checking that it doesn't have any anthrax, but also records who send it, why, what information it had to sell to others, and then before it gives the mail to you, it will re-seal the letters as if it was never open.

Well, there are a number of things you can do to remove the spying. One will require you to rebuild Chrome.

Under Wrench | Options | General

Click the Default Search Manage option and unclick

  [_] Use a suggestion service to help complete searches.....

Under Wrench | Options | Under the Hood, turn off the following options:

  [_] Help Make Chromium Better........

  [_] Show Suggestions for navigation

  [_] Use DNS Pre-Fetching ...........

  [_] Enable Phishing and malware protection

For Cookie Settings use

  [Restrict how third-party cookies can be used]


This will stop all by one last call home spy ware feature.

The last one requires a recompile of the Chrome source code.  Add a single line of code in the c/c++ file:

    File: src\chrome\browser\url_fetch.cc

    Function: function StartUrlRequest()

void URLFetcher::Core::StartURLRequest()  {
DCHECK(MessageLoop::current() == io_loop_);
DCHECK(!request_);

return; // <--- STOP SPY WARE

request_ = new URLRequest(original_url_, this);
....
}

Adding the return statement will stop all unsolicited background call home, monitoring done by Google.

Google Chrome - Open SPYWARE

---

Folks, as much as I admire Google, we need to be careful with what Google is done with their new browser - Chrome.

It is effectively Google "Spy ware" and attempt to take control of the user' PC, oops, I mean "device" in the same with Apple has done with iPhone.

I will have more to say on this, but I believe its time we need to get an organization that will help put a STOP to the rampant unethical practice of installing software that collects, spies and sends info to centralized systems, and also takes control of what you install.

People need to call/contact the FCC, FTC, state senators.

More to come...

Poison Pills: The death of DKIM SSP

---

For those who remember the classic ending in Planet Of the Apes, where Heston finally realizes he never left earth seeing the crumbled Statue of Liberty sticking out of the beach sand, he cries in despair:

"They finally did it! Oh no! Those Bastards finally did it!"

Its exactly how I felt when the DKIM working group was commandeered by a handful of business related concerns to finally destroy the DKIM SSP protocol proposal.

The way they did it was nothing short of a brilliant strategy in injecting a poison pill.

For awhile there, it seemed the momentum was on the side of SSP. The SSP-01 specification was making sense, developers began to feel confidence to implement it feeling there was no way in hell, it will change much more.

But all of sudden BANG - a competitive specification called ASP was introduce - a poison pill. ASP was so BAD, it is fairly obvious no one will use it.

But the ASP group was powerful enough to get the SSP authors to rewrite their own SSP specification with nearly all the same content!! It made you wonder WHO copied WHO!

ASP is so bad, not even the ASP principal author is supporting it his new Reputation $$$$ business services. Its not part of the VBR specification!. You wonder why? Well, Anything SSP related would water this VBR system. Most system would simply not need this REPUTATION service.

In some way, I am happy it happen. Now I can move on. The ASP people should be given credit for killing SSP. I just wonder if they have enough sleeping pills on hand - they are going to need it.

Liar! Liar! Pant on fire! Clemens Busted!

---

Roger "Steroid Dodger" Clemens is busted!

If the new photos of Roger at this Canseco party isn't enough to prove this big bum is a freaking liar, I don't know what else is. Who needs the DNA results from this needle shots up his a-hole? Anyone who think this guy is telling the truth about not using steroids must also believe O.J. never chopped up his wife! Whats wrong with you people!

Just in case anyone is asking why Clemens would lie in our faces, I need only to say two words: PETE ROSE!!

Is DKIM safe without a strong policy framework? Part 2

---

Last year, I touched based with the DKIM securities issues and it major lack of tieing in policy considerations (SSP):

Is DKIM safe without a strong policy framework?

Since last year, the SSP spec has evolved to something that is surreal in terms of its functional specifications. It is overly complex and quite frankly, I don't think even a PHD can understand its purpose.

Today, believe it not, it is still being rehashed, same debates, same arguments, same people on one side of the SSP (CONS) and same people on the other side of SSP (PROS). It is like nothing was accomplished. And just like it existed on day 1, the same problems with DKIM sans SSP, exist today. Its only coming up again now because it will be on the table at the next IETF meeting.

When I wrote the alternative SSP protocol called DSAP, it was specifically written to address all the key security issues.

After discussions with the author of SSP and the IETF-DKIM chairs, I agree to support SSP if it covered all the basic security issues. The author did add the consideration's (although in extremely complex ways), so I opted to abandon any follow ups to my far simply, more concise DSAP I-D proposal.

Today, I am seriously considering of revisiting the DSAP proposal. If the IETF and the IETF-DKIM can't get SSP ratisfied (even with its complexities), I might just throw in this monkey wrench and see how it flies.

Improving jQuery Timers Applications

---

A recent discovery about how jQuery is using AJAX using timer dispatch functions opened up a can of worms about the engineering reasoning used for the jQuery AJAX timer design.

I won't rehash the fine details. If you want to follow the discussion, read the thread at jQuery Support Group.

What I will show is how any jQuery applicaiton that has timers involved can behave differently depends on the user's PC machine timer resolution.

If you have a jQuery application that is sensitive with timers, you owe it to yourself to test it with the test C/C++ utility.

Download:

source code: fastsleep.cpp
zip exe/source: fastsleep.zip

Run the utility and then start to test your jQuery application. Make sure it works with as you expect it. Then hit M in the utility to change the resolution on the PC and retest your jQuery application to see if you see any negative or positive effect.

You might be surprise at what you see. Even if you don't see any visual difference or broken behavior using a PC 1ms timer resolution, your jQuery application could be using excessive overhead. To measure this, you will need to use the FireBug Profiler to see how many times a portion of code was run.

Background:

I'll keep it short, last year I can across this interesing submission at codeproject.com:

How Yahoo! speeds up your application

For me, what was the ultimate discovery is that any application running on your PC, including any browser plugin, who changes the PC's multi-media resolution with a call to timeBeginPeriod(1), the change applies across the entire PC system.

This means all applications, including the browser and any javascript with timers are all affected by the system timer resolution change.

Go ahead and play with this. I am highly interesting to see any reports with timer resolution sensitivity in jQuery applications.

--
HLS

jQuery - Javascript on Steriods

---

For wildcat!, someone requested a wish item to add dynamic popup windows to see a preview of messages when they place their mouse over the message link. Since this request was ditto but many others, I explored adding "balloon tips" for these previews.

I found an javascript module jTip.js and this was very simple to implement into wildcat! mail template pages. Suddenly we have PREVIEWS!

But it wasn't perfect, so I looked for other javascripts and found a "enhanced clone" of jTip called ClueTip!

What was common between the two was that they both were plug-ins for a phenomenal new javascript framework called jQuery.

I checked out this jQuery and all I can start to describe this is by saying "WOW!"

jQuery is basically another language, a wrapper language more specifically that enhances the use of JavaScript. It basically makes it easier to create Web 2.0 applications with less javascript programming - "Write less, Do more" is the jQuery motto.

It does have a different language syntax that takes getting use to, but once you get over that hurdle, it is really quite flexible and I may say elegant as well with its ability to "chain" jQuery methods together in one line.

Here is a quick example of how jQuery improves javascript coding used in Wildcat!

Mail Inbox and listings have select checkboxes. The following javascript in wcMsglib.js is used to get the total selected:

Using raw DOM/Javascript:

// Find nodes by class name

document.getElementsByClassName = function(className) {
   var children = document.getElementsByTagName('*') || document.all;
   var elements = new Array();
   for (var i = 0; i < children.length; i++) {
     var child = children[i];
     var classNames = child.className.split(' ');
     for (var j = 0; j < classNames.length; j++) {
       if (classNames[j] == className) {
         elements.push(child);
         break;
       }
     }
   }
   return elements;
}

function msgTotalSelected()
{
  var nTotal = 0;
  var msgitems = document.getElementsByClassName("msgitem");
  for (var i = 0; i < msgitems.length; i++) {
    var e = msgitems[i];
    if (e.type == "checkbox" && e.checked) nTotal++;
  }
  return nTotal;
}

Using jQuery:

<script type='text/javascript' rc='/public/js/jquery.js'></script>

function msgTotalSelected() {
  return $('msgitem:checked').length;
}

In short, jQuery handles all the typical complex DOM operations you would do to find DOM nodes, elements, classes and objects on a web page and provides a very elegant language syntax to give you all the functionality you need to create awesome web pages very quickly.

Do we need jQuery for Wildcat! web development?

Of course not. It is another tool, but a great one at that! It can make programming Web 2.0 easier.

jQuery also has a growing list of add-ons called "jQuery Plugins" that many people have written to glorify your web pages and make it more interactive.

jQuery also supports cross-browser functionality. This is one thing that will definitely reduce testing a web site against different web browsers.

The jQuery documentation is good (needs more examples) and I particularily like the Visual jQuery Reference site! In addition, the jQuery mailing list support group is very active and helpful as well.

Since I found some very useful jQuery plugins, it is a pretty good bet we will begin to implement jQuery with Wildcat! in many of its client areas. I've been exploring how to use jQuery template concepts, AJAX and other things and I have already found that we can scale the Wildcat! server more by moving a good bit of the server-side template processing to the Browser. I can't go overboard with this because jQuery will add overhead to the Browser thus making it appear more sluggish.

If this all jQuery exploration holds up, I might be setting up a jQuery support area for wildcat! developers and sysops at Santronics Online. This will allow Wildcat! customers to discuss jQuery and how they might be able to further use it with Wildcat! I'll make an announcement when the mail and files areas are ready.

--
HLS

Wildcat! 7.0 Development Starts this Week!

---

After a lengthy research effort, this week we begin the new Wildcat! 7.0 (WC7) development efforts. WC7 will be a long time coming of a re-awaken and modern Wildcat! system with all the current technology and preparing it for the future.

From my research, I found that Wildcat! is still a very strong and powerful framework with ideas and concept that many in the similar industry are just now beginning to recognize and deal with. The basic strategy is to strengthen and enhance the Wildcat! Client/Server framework. This will lay the groundwork for years to come. Our problem has been one of marketing and becoming stagnant with the current strength of the current system, ignoring or not focusing on new trends such as WEB 2.0, RSS, XML I/O, etc.

Well, all that is about to change starting this week. There will more to come with plans and announcements, but one of the first things we already done is to enhance the Developer's Corner at the Santronics Online Support Web Site.

The primarily highlights (subject to change) to look for in Wildcat! 7.0 are:

All Editions (Community, Business, Enterprise)

- XML I/O API support for Wildcat! SDK
- RSS feed support for Mail and File Areas
- BLOG support for Mail and File Areas
- SPRY, FLEX, GWT and APOLLO support
- Audio/Video Support
- New WcNavigator based on Web 2.0 methods
- Open Source WcBASIC (Maybe)

Business Edition and Enterprise Edition

- SQL support for User, Mail and File database
- Clustering Support
- I/O Control Port Support

New editions will be packaged:

- DE Developer Edition
- FE File Exchange Edition
- ME Modem-only Edition
- PE Personal Edition (Free)

and a DEMO version will be made available for download.

Hector Santos/CTO