RSS

Author Archives: Amr Elsheikh

20 Things I Learned About Browsers And The Web [Thing 20]

19 THINGS LATER…

or, a day in the clouds

And here we are at Thing 20. Let’s recap.

Today’s web is a colorful, visual, practical, nutty, busy, friend-filled, fun and incredibly useful place. Many of us now live a life of cloud computing on the Internet: we read the news, watch movies, chat with friends, and do our daily tasks online with web-based applications right in the browser. Web apps let us do that from anywhere in the world, even if we left our laptops at home.

It’s all possible thanks to the evolution of web standards like HTML, JavaScript, and CSS,as well as browser plug-ins. New capabilities inHTML5 are helping developers create the next generation of truly inventive web apps.

What else is taking shape in the clouds?

  • It takes a modern browser to make the most of the web’s modern features.
  • Modern browsers also help protect against malware and phishing.
  • Open-source sharing has given us better browsers and a faster, richer, more complex web. And open-source brainpower is making the future of the web even brighter.
  • What’s in that bright future? 3D in the browserfaster speeds, and sync across all devices, among other fine things.
  • Being an informed citizen of the web requires some self-education — for instance, learning to control your browser’s privacy settings for various types of content including cookies.
  • You’re also safer on the web when you pay attention to visual cues in the browser, like checking the URLs you’re sent to, and looking for an “https://” secure connection or extended validation.
The final takeaways?
Use a modern browser, first and foremost. Or try a new one and see if it brings you happier browsing that’s better suited to your needs.

The web will keep evolving — dramatically! Support cutting-edge web technologies like HTML5, CSS3 and WebGL, because they’ll help the web community imagine and create a future of great, innovative web apps.

Lastly, try new things. The web is a new and exciting place every day, so try tasks that you didn’t think could be done online — such as researching your ancestry back ten generations, or viewing a real-time webcam image from a climbing basecamp in the Himalayas. You might be surprised by what you find!

If You Find This Articles Helpful Please Share it with your friends and family.

 

Advertisements
 

20 Things I Learned About Browsers And The Web [Thing 19]

OPEN SOURCE AND BROWSERS

or, standing on the shoulders of giants

Today’s Internet stands on the shoulders of giants: the technologists, thinkers, developers, and organizations who continue to push the boundaries of innovation and share what they’ve learned.

This spirit of sharing is at the very heart of open-source software. “Open source”means that the inner workings (or “source code”) of a software are made available to all, and the software is written in an open, collaborative way. Anyone can look into the source code, see how it works, tweak it or add to it, and reuse it in other products or services.

Open-source software plays a big role in many parts of the web, including today’s web browsers. The release of the open-source browser Mozilla Firefox paved the way for many exciting new browser innovations. Google Chrome was built with some components from Mozilla Firefox and with the open-source rendering engine WebKit, among others. In the same spirit, the code for Chrome was made open source so that the global web community could use Chrome’s innovations in their own products, or even improve on the original Chrome source code.

Web developers and everyday users aren’t the only ones to benefit from the faster, simpler, and safer open-source browsers. Companies like Google also benefit from sharing their ideas openly. Better browsers mean a better web experience for everyone, and that makes happier users who browse the web even more. Better browsers also let companies create web apps with the latest cutting-edge features, and that makes users happy, too.

Browsers aren’t the only part of the web that can take the open-source approach. Talk to any group of web developers and you’re likely to hear that they use an open-source Apache HTTP Server to host and serve their websites, or that they developed their code on computers powered by the Linux open-source operating system — just to name a few examples. The good work of the open source community continues to help make the web even better: a web that can be the broad shoulders for the next generation.

 

20 Things I Learned About Browsers And The Web [Thing 18]

EVOLVING TO A FASTER WEB

or, speeding up images, video, and JavaScript on the web

The web today is an amazing visual and interactive stew, teeming with images, photos, videos, and whizzy web apps. Some of the web’s most vivid experiences come from images and videos, from shared photo albums of family vacations to online video coverage from journalists in war zones.

It’s a far cry from the simple text and links that started it all. And it means that every time your browser loads a web page, much more data and complex code needs to be processed.

How much more, and how much more complex? A few astounding statistics:

  • Images and photos now make up about 65% of the information on a typical web page, in terms of bytes per page.
  • 35 hours of video are uploaded to YouTube every minute of the day. (That’s like Hollywood releasing 130,000 new full-length movies every week, though with less popcorn.)
  • JavaScript programs have grown from a few lines to several hundred kilobytes of source code that must be processed each time a web page or application loads.

So won’t all these gushing floods of data slow down page loads on the browser? Will the Internet clog up and turn to molasses soon?

Probably not. Images and photos became commonplace on the web when computer scientists found ways to compress them into smaller files that could be sent and downloaded more easily. GIF and JPEG were the most popular of those early file-compression systems. Meanwhile, plug-ins were invented to work around the early limitations of HTML so that video could be embedded and played in web pages.

Looking ahead, the <video> tag in HTML5 makes it easy for videos to be embedded and played in web pages. Google is also collaborating with the web community on WebM, an effort to build out a free, open-source video format that adapts to the computing power and bandwidth conditions on the web, so quality video can be delivered to a computer in a farm house in Nebraska or a smartphone in Nairobi.

In the meantime, it’s true that web pages with lots of big photos or other images can still be very slow to load. That’s why a few engineers at Google have been experimenting with new ways to compress images even further while keeping the same image quality and resolution. The early results? Very promising. They’ve come up with a new image format called WebP that cuts down the average image file size by 39%.

The engines that run JavaScript code in modern web browsers have also been redesigned to process code faster than ever before. These fast JavaScript engines, such as Google Chrome’s V8, are now a core part of any modern web browser. That means the next generation of fabulously useful JavaScript-based web applications won’t be hampered by the complexity of more JavaScript code.

Another technique that modern browsers like Chrome use to fetch and load web pages much more quickly is called “DNS pre-resolution”. The process of translating a web address into an IP address through a DNS lookup, or vice versa, is often called “resolving.” With DNS pre-resolution, Chrome will simultaneously look up all the other links on the web page and pre-resolve those links into IP addresses in the background. So when you do actually click on one of the links on the page, the browser is ready to take you to the new page instantly. Over time, Chrome also learns from past visits so that the next time you go to a web page that you’ve previously visited, Chrome knows to automatically pre-resolve all the relevant links and elements on the web page.

Someday, browsers might be able to predict, before the page loads, not only which links to pre-resolve, but also which website elements (like images or videos) to pre-fetch ahead of time. That will make the web even quicker.

Soon enough,i hope, loading new pages on the browser will be as fast as flipping the pages of a picture book.

 

20 Things I Learned About Browsers And The Web [Thing 17]

VALIDATING IDENTITIES ONLINE

or, “Dr. Livingstone, I presume?”

In the physical world, you can see the people you share information with. You talk to them face-to-face, or meet them in a trusted place like a bank branch. That’s how you make your first judgments about giving them your trust.

But online, it can be hard to tell who’s behind any website. The visual cues we normally rely on can be faked. For example, a phony webpage could copy the logo, icon, and design of your own bank’s website — almost as if they had set up a fake storefront on your block.

Fortunately, there are tools to help you determine if a website is genuine or not. Some websites have an extended validation certificate that allows you to determine the

name of the organization that runs the web site. The extended validation certificate gives you the information you need to help ensure that you’re not entrusting your information to a fake website.

Here’s an example of extended validation in action in the browser. On a bank’s website that has been verified through extended validation, the bank’s name is displayed in a green box between the lock icon and the web address in the address bar:

Example of the extended validation indicator in Chrome

On most browsers, the extended validation indicator can be found by looking for the name of the organization in the green section of the browser’s address bar. You can also click on the indicator to see the website’s security information and inspect its digital certificate.

To receive extended validation certification, a website owner has to pass a series of checks confirming their legal identity and authority. In the previous example, extended validation on bankofamerica.com verifies that yes, the website is from the actual Bank of America. You can think of this certification as something that ties the domain name of the web address back to some real-world identity.

It’d be wise to share sensitive information with a website only if you trust the organization responsible for the site. So the next time you’re about to perform a sensitive transaction, take a moment to keep a look out for the website’s security information. You’ll be glad you did.

 

 

20 Things I Learned About Browsers And The Web [Thing 16]

IP ADDRESSES AND DNS

or, the phantom phone booth

Do you wonder how your browser finds the right web page when you type a URL into its address bar?

Every URL (say, “www.google.com”) has its own numbered Internet Protocol or IP address.

An IP address looks something like this:

74.125.19.147An IP addressis a series of numbers that tells us where a particular device is on the Internet network, be it the google.com server or your computer. It’s a bit like mom’s phone number: just as the phone number tells an operator which house to route a call to so it reaches your mom, an IP address tells your computer which other device on the Internet to communicate with — to send data to and get data from.

our browser doesn’t automatically know every IP address for the 35 billion (or more) devices on the planet that are connected on the Internet. It has to look each one up, using something called the Domain Name System. The DNS is essentially the “phone book” of the Web: while a phone book translates a name like “Moments Cafe” into the right phone number to call, the DNS translates a URL or web address (like “www.google.com”) into the right IP address to contact (like “74.125.19.147”) in order to get the information that you want (in this case, the Google homepage).

So when you type in “google.com” into your web browser, the browser looks up google.com’s IP address through a DNS and contacts it, waits for a response to confirm the connection, and then sends your request for google.com’s web page to that IP address. Google’s server at that IP address will then send back the requested web page to your computer’s IP address for your browser to display.

In many ways, fetching and loading a web page in the browser is not unlike making a phone call. When you make a phone call, you’d probably look up the number, dial, wait for someone to pick up, say “hello,” and wait for a response before you start the conversation. Sometimes you have to redial if there are problems connecting. On the web, a similar process happens in a split-second; all you see is that you’ve typed “www.google.com” into the browser and the Google home page appears.

In the next article, we’ll look at how we can verify the identity of a website that we fetch and load in the browser through the extended validation certificate.

 

20 Things I Learned About Browsers And The Web [Thing 15]

USING WEB ADDRESSES TO STAY SAFE

or, “my name is URL”

A Uniform Resource Locator — better known as a URL — may sound like a complicated thing. But fret not: it’s simply the web address you type into your browser to get to a particular web page or web application.

when you enter a URL, the website is fetched from its hosting server somewhere in the world, transported over miles of cables to your local Internet connection, and finally displayed by the browser on your computer.

Here are a few examples of a URL:

To get to the news website for the British Broadcasting Corporation (“.co.uk” indicates registration in the United Kingdom)

To get to the search engine Google

To get to the website for Museo Nacional Del Prado, the Madrid-based art museum. (“.es” indicates registration in Spain)

To get to the online banking website for Bank of America (“https://” indicates an encrypted connection)

It’s easy to take URLs for granted, since we type them into our browsers every day. But understanding the parts of a URL can help guard against phishing scams or security attacks.

Let’s look at what’s in a URL in this example:

The first part of a URL is called the scheme. In the example above, HTTP is the scheme and shorthand for HyperText Transfer Protocol.

Next, “www.google.com” is the name of the host where the website resides. When any person or company creates a new web site, they register this hostname for themselves. Only they may use it. This is important, as we’ll see in a moment.

 URL may have an additional path after the hostname, which sends you to a specific page on that host — like jumping right to a chapter or page in a book. Back to our example, the path tells the host server that you want to see the maps web application at http://www.google.com. (In other words, Google Maps.) Sometimes that path is moved to the front of the hostname as a subdomain, such as “maps.google.com”, or “news.google.com” for Google News.

Now let’s talk safety. One way to check if you’re surfing right into a phishing scam or an impostor website is by looking carefully at the URL in your browser’s address bar. Pay particular attention to the hostname — remember, only the legitimate owner of that hostname can use it.

For example, if you click on a link and expect to be directed to the Bank of America website:

LEGITIMATE:

  • www.bankofamerica.com is a legitimate URL, since the hostname is correct.
  • www.bankofamerica.com/smallbusiness is also a legitimate URL since the hostname is correct. The path of the URL points to a sub-page on small business.

SUSPICIOUS:

  • bankofamerica.xyz.com is not Bank of America’s website. Instead, “bankofamerica” is a subdomain of the website xyz.com.
  • http://www.xyz.com/bankofamerica is still not Bank of America’s website. Instead, “bankofamerica” is a path within http://www.xyz.com.

If you’re using a banking website or conducting an online transaction with sensitive information such as your password or account number, check the address bar first! Make sure that the scheme is “https://” and there’s a padlock icon in your browser’s address bar. “https://” indicates that the data is being transported between the server and browser using a secure connection.

Through a secure connection, the full URL for Bank of America’s website should look like this: https://http://www.bankofamerica.com. A secure connection ensures that no one else is eavesdropping or interfering with the sensitive information that you’re sending. So “https://” is a good sign. But remember, it’s still important to make sure that you’re actually talking to a legitimate website by checking the hostname of a URL. (It would defeat the purpose to have a secure connection to a bogus website!)

In the next Article, we’ll look at how a typed URL into the browser’s address bar takes you to the right web page.

 

20 Things I Learned About Browsers And The Web [Thing 14]

HOW MODERN BROWSERS HELP PROTECT YOU FROM MALWARE AND PHISHING

or, beware the ne’er-do-wells!

An up-to-date browser guards you from phishing and malware attacks when you’re browsing the web. It does so by limiting three types of security risk when you’re online:

Risk 1: How often you come into contact with an attacker

You can be exposed to attackers through a malicious fake website, or even through a familiar website that has been hacked. Most modern browsers pre-check each web page you visit and alert you if one is suspected of being malicious. This lets you make an informed judgment about whether you really want to visit that page.

For example, Google Chrome uses Safe Browsing technology, which is also used in several other modern browsers. As you browse the web, each page is checked quickly against a list of suspected phishing and malware websites. This list is stored and maintained locally on your computer to help protect your browsing privacy. If a match against the local list is found, the browser then sends a request to Google for more information. (This request is completely obscured and the browser does not send it in plain text.) If Google verifies the match, Chrome shows a red warning page to alert you that the page you’re trying to visit may be dangerous.

Risk 2: How vulnerable your browser is if it’s attacked

Old browsers that haven’t been upgraded are likely to have security vulnerabilities that attackers can exploit. All outdated software, irrespective of whether it’s your operating system, browser, or plug-ins, has the same problem. That’s why it’s important to use the very latest version of your browser and promptly install security patches on your operating system and all plug-ins, so that they’re always up-to-date with the latest security fixes.

Some browsers check for updates automatically and install updates when initiated by the user. Chrome and some other browsers go one step further: they’re built with auto-update. The browser runs an update check periodically, and automatically updates to the latest version without disrupting your browsing flow. Furthermore, Chrome has integrated Adobe Flash Player and a PDF viewer into the browser, so that both these popular plug-ins are also auto-updated.

Risk 3: How much damage is done if an attacker finds vulnerabilities in your browser

Some modern browsers like Chrome and Internet Explorer are built with an added layer of protection known as a “sandbox.” Just as a real-life sandbox has walls to keep sand from spilling out, a browser sandbox builds a contained environment to keep malware and other security threats from infecting your computer. If you open a malicious web page, the browser’s sandbox prevents that malicious code from leaving the browser and installing itself to your hard drive. The malicious code therefore cannot read, alter, or further damage the data on your computer.

In summary, a modern browser can protect you against online security threats by first, checking websites you’re about to visit for suspected malware and phishing; second, providing update notifications or auto-updating

When a newer, more secure version of the browser is available, and third, using the browser sandbox to curb malicious code from causing further damage to your computer.

In the next few articles, we’ll take a look at how a basic understanding of web addresses can help you make informed decisions about the websites you visit.

 
 
%d bloggers like this: