Slashdot Mirror


User: tepples

tepples's activity in the archive.

Stories
0
Comments
68,260
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 68,260

  1. Results with Expires: and lighter AV on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    I agree with your point that in a high-latency environment, the overhead of a HEAD request makes the cache somewhat less useful. But if a resource has an explicit Expires date, the browser can skip the HEAD request.

    And I disagree with antivirus taking 1000 ms to scan every single file. I use MSE on a Windows 7 PC and its successor Windows Defender on a Windows 10 PC, and real-time scans have never taken that long.

    So here's a what-if scenario with a slightly modified set of assumptions:

    1. A 100 kB resource takes more time to transfer than a 50 kB resource.
    2. A lighter weight antivirus takes 100 ms to check a resource instead of 1000 ms.
    3. The browser stores a list of all currently cached resources from each origin.
    4. The server is serving Expires: headers on resources intended to be cached.

    Thus the cradle to grave times for the five situations you mention change as follows:

    1. Resource embedded in document
    connect: 125 ms
    load that origin's list of cached resources from disk: 0 ms (parallel)
    download and parse HTML document including one resource: 1500 s
    total: 1625 ms

    2. Resource on same origin
    connect and load cache list: 125 ms
    download and parse HTML document: 1000 ms
    keep alive: 0 ms
    download one resource: 1000 ms
    total: 2125 ms

    3. Resource on same origin, cached with Expires:
    connect and load cache list: 125 ms
    download and parse HTML document: 1000 ms
    determine that the resource has not expired: <1 ms
    seek to resource on disk: 15 ms
    load resource from cache: 100 ms
    total: 1240 ms

    4. Resource on different origin
    connect and load cache list: 125 ms
    download and parse HTML document: 1000 ms
    connect to other origin and load cache list: 125 ms
    download one resource: 1000 ms
    total: 2250 ms

    5. Resource on different origin, cached with Expires:
    connect and load cache list: 125 ms
    download and parse HTML document: 1000 ms
    load other origin's cache list without connecting: 100 ms
    determine that the resource has not expired: <1 ms
    seek to resource on disk: 15 ms
    load resource from cache: 100 ms
    total: 1340 ms

    Though each hit in scenario 4 and 5 takes longer than scenarios 2 and 3, the idea of putting common script libraries on a shared CDN is that clients will hit scenario 5 in many situations where they would have otherwise hit scenario 2. This is especially true of users who arrive at a site through an inbound link, such as from web search, social media, or an aggregator such as Slashdot, and view only one page, rather than following links from other documents in the same origin.

    Perhaps I should write a program to do more thorough benchmarks of fopen() to see exactly what impact Windows Defender has.

  2. Re:You owe readers nothing nor vice versa on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    Thank you for clarifying what you meant. I'll post numbers based on my own observations, and I look forward to seeing others' benchmarks the next time this issue comes up.

  3. You owe readers nothing nor vice versa on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    If you make a claim in a public forum, and another user presents problems with the facts underlying your claim, I agree that you owe readers nothing. Nor do readers owe you recognition that you have adequately proved your claim.

  4. Re:They're not on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    Are any free web browsers "first class"? Edge and Safari are not only non-free but also paywalled, as Edge requires a Windows license, and Safari requires Mac, iPod touch, iPhone, or iPad hardware. Is Chromium (Chrome with the non-free parts stripped out) "first class"?

  5. Re:They're not on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    We can blame browser publishers for allowing JavaScript by default rather than blocking it by default.

  6. Re:Why they are slow? on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    I can beat any inline script with a native compiled desktop application.

    How fast does the correct output of said Windows application arrive when it is run on a Mac, GNU/Linux PC, iPad, or Android tablet?

  7. Re:Why they are slow? on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    Dell machines are usually designed to be quiet.

    I replaced my Dell laptop's HDD with an OCZ SSD and it got even quieter. How does your calculation fare with an SSD in your Dell?

    wait for virus scan, read cache meta data, determine that our cache file isn't already too old, 1s

    Have you benchmarked a virus scan taking 1000 ms with MSE/Windows Defender installed rather than something as intrusive as Norton or McAfee? How long does this process take on macOS, GNU/Linux, iOS, or Android, which are less likely to need on-access antivirus? And what fraction of web browsing is performed on Windows, especially now that people are dropping wired home Internet in favor of cellular Internet?

    Speaking of cellular Internet, response time of each individual request isn't the only consideration. Time to earn money to pay $10/GB overage fees to the cellular ISP is another important consideration.

    HEAD the web-site file

    How do cache control headers, particularly Cache-Control: and Expires:, affect how often HEAD is needed?

  8. Re:Why they are slow? on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    Buying a "connection [that] is this side of Y2K" may cost hundreds of thousands of dollars in some places. (Source 1 | Source 2)

  9. Re:Why they are slow? on Slashdot Asks: Why Are Browsers So Slow? (ilyabirman.net) · · Score: 1

    Output your logo very quickly, before you do any real server-side work.

    I don't see how that's practical. The HTTP status code (200 vs. 301 vs. 404), the document's <title>, and the <meta> elements making up the document's Open Graph summary have to be sent before the start of the <body> element, where the logo appears.

  10. Re: NYT is Fake News on Germany Considers Fining Facebook $522,000 Per Fake News Item (heatst.com) · · Score: 1

    Even for positions that don't involve maintaining the company's social media presence?

  11. That and people who tried to flesh out Lapine into a full language, where on lay nahl drao koi embleer lendril means something like "we don't need no stinking badgers."

    But then the outcome of CBS/Paramount's lawsuit over Klingon might govern to what extent fans can use a language. It goes to trial a month from now.

  12. Re:Anonymous Overlay Networks - USE THEM :) on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 1

    Man in the middle has been used in the wild for seven years. I've already run into public Wi-Fi hotspots that attempt to MITM the TLS connections of their users, even if only to redirect all users to the TOS page. It wouldn't be too much of a step for an ISP to require subscribers to install the ISP's root certificate so that the ISP can MITM everything.

  13. Re:Anonymous Overlay Networks - USE THEM :) on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 1

    Which home ISPs with a substantial user base have already implemented a protocol whitelisting policy like this?

  14. Re: And yet... on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 1

    I thought Android emulators used AOSP, which lacks Google Play Store and Google Play Services, and that many popular applications were exclusive to Google Play Store and/or dependent on Google Play Services. There is Amazon Appstore, which ships with Fire devices and is available through Unknown sources for other Android devices, both Google Play and AOSP. But I've seen app publishers set a policy on Amazon Appstore to hide an app from non-Fire devices in order to deter emulator use.

  15. Re:Bad year for piracy? on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 1

    The brown envelope encloses the checks payable to the candidate's campaign and the IEOPAC(s) supporting him.

  16. Big-Ass Network violates YouTube TOS on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 2

    If Big-Ass Network used no-name artist's work without an exclusive license, then BAN is obligated to scrub no-name artist's work from the reference material uploaded to the video host's fingerprinting service. Otherwise, BAN is violating the video host's TOS, and no-name artist has grounds to sue BAN for slander of title.

    On the other hand, if BAN's work came first and no-name artist was subconsciously "inspired" by a BAN work, then no-name artist can be held liable because copyright is strict liability. How can this be avoided?

  17. Re:Anonymous Overlay Networks - USE THEM :) on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 4, Interesting

    Then the ISP will be loaded with complaints when each new online multiplayer game comes out, as its datagrams and/or streams will not "match whitelisted protocols."

  18. Re: And yet... on Bad Year For Piracy: 2016 Was The Year Torrent Giants Fell (torrentfreak.com) · · Score: 1

    If you don't already own an Android device, you can always buy an Android device.

  19. Sue the bastards for slander of title on Facebook Developing Copyright ID System To Stem Music Rights Infringement (billboard.com) · · Score: 1

    NBC owns copyright in each episode as a collective work. But under the Content ID TOS, NBC is expected to blank and/or mute portions of said collective work used under nonexclusive license from others or under fair use or other statutory copyright limits before uploading the collective work as reference material.

    Perhaps someone might end up having to take NBC to court for defamation of title before this stuff is reformed.

  20. NBC violated YouTube TOS on Facebook Developing Copyright ID System To Stem Music Rights Infringement (billboard.com) · · Score: 1

    NBC uploads the Tonight Show to YouTube's ContentID system to declare their right to the 'NBC' broadcast. Except of course it contains the musical bit from someone else. Yet NBC is now claiming ownership of something they most certainly don't

    This violates the terms of service of YouTube Content ID. A copyright owner that uploads reference material to Content ID is expected to scrub its uploads of all material to which it does not own the exclusive right.

  21. Re: Ha ha I'd love to see them try on Facebook Developing Copyright ID System To Stem Music Rights Infringement (billboard.com) · · Score: 1

    Then what's a better term that means "a work of real-person fiction published with intent to deceive readers into believing that it describes actual events"?

  22. And wait because we're due for another 20 years extension

    Unlikely. In the past century, there has been only one major change in the underlying rationale of how the U.S. copyright term is set. The Copyright Act of 1978 and the interim extensions that preceded it represented a switch from the 1909 standard to the "life of grandchildren" standard used in the rest of the industrialized world, and the Copyright Term Extension of 1998 (sometimes called the Sonny Bono Act) only reflected that the fact that improved healthcare has caused grandchildren to live longer than when the Berne Convention was first adopted. When the Supreme Court upheld the life expectancy-driven Bono Act in Eldred v. Ashcroft, it warned the people that it was watching for "legislative misbehavior". So if the next seven years bring neither a new rationale nor drastic healthcare improvements, which means the works establishing Mickey and Pooh will enter the public domain in the United States at the end of 2023.

  23. Re:Accidental infringement on Music Streaming Hailed as Industry's Saviour as Labels Enjoy Profit Surge (theguardian.com) · · Score: 1

    That it is very, very, very, very, very, very, very difficult (but not technically impossible) for an unknown artist to get airtime on radio or streaming services unless his/her/their music is "listed" with ASCAP?

    Can you show evidence of that? Because if that's the case, then BMI (ASCAP's biggest competitor here in the States) might have grounds for a suit under antitrust law.

  24. Re:same solution as ever on Destructive KillDisk Malware Turns Into Ransomware (securityweek.com) · · Score: 1

    This fails in two ways. First, particularly sophisticated ransomware has in the past managed to infect the device running the versioning backup software and corrupt old versions. Second, what fraction of home users can be trusted to install and run versioning backup software correctly?

  25. twitter supports TOTP now for like one week LOL

    you can setup it via web

    How do I set that up? In Security and privacy, "Verify login requests" was grayed out because "You need to add a phone to your Twitter account to enable this feature." And the "add a phone" page still doesn't appear to offer TOTP/Google Authenticator or voice call support. Do I specifically need the Twitter app, not another TOTP client?

    Or is it something that Twitter is rolling out to only a subset of its users as an A/B test?