The caching in the browser work just fine in modern browsers. Only in IE6 and maybe IE7 it does not work, all the others adhere to the Cache-Control-header.
Latency, most of these sites care about performance.
SSL/TLS is still a bit slower to make a connection because of the back and forth communication that needs to happen.
Google has done a lot of (backwardscompatible) work on improving that and some other stuff. One of their efforts is called SPDY and can even load a page in less time than normal HTTP: http://www.chromium.org/spdy
(because you don't need to open several TCP-connections, it uses multiplexing)
If you visit gmail in Chrome you might even already be using SPDY as both support it.
Which is not supported by any version of IE and Safari on Windows XP (which still has 51% of the windows marketshare) because they use the windows library and it doesn't support it.
Try again.:-(
If you have the same website and you want different domains with SSL you can still use one IP-address, just use 'subject alternative name' and the certificate can have more than 1 name.
1. Also some browsers now support "Strict Transport Security" which means if you visit a site ones, the browser will automatically visit again with https the next time you visit it (it has a Time To Live value).
2. if more adopt it, so will they or they will die
4. 'only' for as long as Microsoft does not fix SNI-support (name based virtual hosting for SSL/TLS) in Windows XP so IE and Safari can use SNI, ohh, that won't happen. Windows XP has 51% of the Windows marketshare.:-( Or if we all get IPv6 ofcourse... hmm.
The phone company keeps location based information of what mobile phone antenna's your mobile phone is close to, all the time. No one needs GPS for that. It is called triangulation.
I don't mind if developers add features as long as the application isn't slow or becomes slower. In this case Firefox was sometimes slow in previous versions this version uses less memory, less CPU and is more responsive. Also it adds a lot of new features and support for a lot of new HTML-/CSS-/other specs.
I wouldn't mind if it's like that all the time.:-)
Chrome and Opera don't have H.264 either by default. On Windows Microsoft allows you to install something which makes Firefox have H.264 (Windows includes a license for H.264 supposedly, but Microsoft is part of that 'band of brothers' anyway).
Slashdot Mirror
Latency, performance.
When a browser connects to a HTTPS-site it takes longer to establish a connection because some communication needs to go back and forth.
If you just spend half a million on making your site faster would you enable HTTPS by default ?
It all depends, are you Youtube ?
Also have a look at this bulletpoint of Apache 2.4:
"mod_ssl can now be configured to share SSL Session data between servers through memcached"
The caching in the browser work just fine in modern browsers. Only in IE6 and maybe IE7 it does not work, all the others adhere to the Cache-Control-header.
Latency, most of these sites care about performance.
SSL/TLS is still a bit slower to make a connection because of the back and forth communication that needs to happen.
Google has done a lot of (backwardscompatible) work on improving that and some other stuff. One of their efforts is called SPDY and can even load a page in less time than normal HTTP:
http://www.chromium.org/spdy
(because you don't need to open several TCP-connections, it uses multiplexing)
If you visit gmail in Chrome you might even already be using SPDY as both support it.
Actually, it's a bit more complicated. You a new enough Apache and OpenSSL library version.
But current Debian stable ( Squeeze ) does support it.
1. yes, it's called SNI. But is not supported by IE and Safari on Windows XP
Well, that is pretty stupid.
Atleast in 2 years people won't be using old versions of Android anymore, right ? Because they get a new plan and phone.
But I'm pretty certain some large number of users will still be using Windows XP. :-(
Actually no version of IE (that means 6, 7 or 8 or Safari) on Windows XP supports SNI. :-(
They use the system library, it does not use SNI.
Which is not supported by any version of IE and Safari on Windows XP (which still has 51% of the windows marketshare) because they use the windows library and it doesn't support it.
Try again. :-(
If you have the same website and you want different domains with SSL you can still use one IP-address, just use 'subject alternative name' and the certificate can have more than 1 name.
The biggest reason for sites like Amazon to not use HTTPS is latency.
Do you know how performance oriented maintainers of big sites are ?
1. Also some browsers now support "Strict Transport Security" which means if you visit a site ones, the browser will automatically visit again with https the next time you visit it (it has a Time To Live value).
2. if more adopt it, so will they or they will die
4. 'only' for as long as Microsoft does not fix SNI-support (name based virtual hosting for SSL/TLS) in Windows XP so IE and Safari can use SNI, ohh, that won't happen. Windows XP has 51% of the Windows marketshare. :-( Or if we all get IPv6 ofcourse... hmm.
5. You don't even have to shop around. SSL-certs are free: https://www.startssl.com/
"If you read the link where these numbers came from"
Ohhh, is that what it is for. ;-)
I wonder where the University of California gets it's money from.
I meant exploit code in the ads themselfs.
They do take down ads on their adnetwork(s) very fast when it turns out it is actually some kind of exploit code for spyware or similair thing.
Personally I think they worry to much.
Do you know who has access to this information ?
In the Netherlands we have this problems, the police queries this huge database 2.6 million times a year, in a country of 16 million people.
The database contains records for 1 year.
No records on queries are kept.
There are rules which should protect our privacy but the police and government do nothing.
I wouldn't be very surprised if in the US the situation wasn't exactly the same, you just don't know it yet.
The phone company keeps location based information of what mobile phone antenna's your mobile phone is close to, all the time. No one needs GPS for that. It is called triangulation.
You are one of those people that has nothing to hide ?
You think.
There are a lot of arguments which show why that isn't a very good idea:
http://yro.slashdot.org/story/07/07/10/2054219/Privacy-and-the-Nothing-To-Hide-Argument
I think it left out all the psychological reasons. When you think about it, privacy is the only thing that keeps you from going insane.
Well, I think it is because of this fanaticism that he was able to do what he did.
He cared enough about the issues to do something it.
What other programmer do you know who cares so deeply about the license restrictions/freedoms/rights of end-users ?
Because that is what the GPL is about, it is not about Open Source for developers.
Anyway I think the FSF and friends might be on the right track with the freedombox idea.
I don't mind if developers add features as long as the application isn't slow or becomes slower. In this case Firefox was sometimes slow in previous versions this version uses less memory, less CPU and is more responsive. Also it adds a lot of new features and support for a lot of new HTML-/CSS-/other specs.
I wouldn't mind if it's like that all the time. :-)
Jetpack (Mozilla's new development system for addons) solves these problems. It gives addon developers a stable API.
Users don't need to restart when installing addons either.
Chrome and Opera don't have H.264 either by default. On Windows Microsoft allows you to install something which makes Firefox have H.264 (Windows includes a license for H.264 supposedly, but Microsoft is part of that 'band of brothers' anyway).
There are several reasons why this is wrong, Firefox is not available today, but tomorrow.
Also you get $10,000 US with the Safari but Google added $20,000 US (or was it 10 ?) extra for Chrome with process seperation.
So if it was just about what the hackers want then I think Chrome would have been first.
No, the desktop is dead, long live webapps on a Linux kernel and webkit ! ;-)