Thursday, June 13, 2013

jQuery 2.0 drops support for old versions of Internet Explorer.

Here are some highlights of the changes that jQuery 2.0 brings:


  1. No more support for IE 6/7/8 : Remember that this can also affect IE9 and even IE10 if they are used in their “Compatibility View” modes that emulate older versions. To prevent these newer IE versions from slipping back into prehistoric modes, you have always use an X-UA-Compatible tag or HTTP header. If you can use the HTTP header it is slightly better for performance because it avoids a potential browser parser restart.
  1. Reduced size: The final 2.0.0 file is 12 percent smaller than the 1.9.1 file. You can now exclude combinations of 12 different modules to create a custom version that is even smaller. 
  1. Custom builds for even smaller files: This feature has been greatly refined and extended since its debut in jQuery 1.8. A new minimal selector engine, basically a thin wrapper around the browser’s querySelectorAll API, lets you shrink the build to less than 10KB when minified and gzipped. 
  1. jQuery 1.9 API equivalence: jQuery 2.0 is API-compatible with 1.9, which means that all of the changes documented in the jQuery 1.9 Upgrade Guide have been applied to jQuery 2.0 as well. If you haven’t yet upgraded to jQuery 1.9, you may want to try that first. Be sure to use the jQuery Migrate plugin.
How to Use It
jQuery 2.0 is intended for the modern web; we’ve got jQuery 1.x to handle older browsers and fully expect to support it for several more years. If you want, you can serve 2.0 to newer browsers and 1.9 to older ones using our conditional comment trick, but that is not required. The simplest way to support older browsers is to use jQuery 1.x on your site, since it works for all browsers.
With the release of jQuery 2.0, there are a few environments where the jQuery will no longer support use of the 1.x line because 2.x is a far better choice. These are typically non-web-site scenarios where support for older IE isn’t relevant. They include:
  • Google Chrome add-ons
  • Mozilla XUL apps and Firefox extensions
  • Firefox OS apps
  • Chrome OS apps
  • Windows 8 Store (“Modern/Metro UI”) apps
  • BlackBerry 10 WebWorks apps
  • PhoneGap/Cordova apps
  • Apple UIWebView class
  • Microsoft WebBrowser control
  • node.js (combined with jsdom or similar)



Dropbox Acquires Recently-Launched Email App Mailbox !

Is it a good service or not?


Dropbox announced that it has acquired email app Mailbox . Like many of you, when we discovered Mailbox we fell in love-it was simple, delightful, and beautifully engineered," 
 
One reason Dropbox may have been interested in Mailbox is because people often use Dropbox instead of attaching large files to emails. Gmail recently rolled out a feature that lets users attach files to emails seamlessly using Google Drive, which arguably reduces the usefulness of Dropbox since you have to visit another site to access your files. 

While there are no signs that Dropbox will announce its own email service, receiving Dropbox attachments inside messages from Mailbox users could be both smart and easy marketing.
Or maybe Dropbox is just eager to bring new, design-focused, cloud-centric companies into the fold. The developer says that 60 million emails are going in and out per day, and the company’s service capacity has grown 2,000x.


Wednesday, June 12, 2013

How HTML5 apps as a programming platform, not a Web page ?

Treat HTML5 apps as a programming platform, not a Web page

HTML5 is the latest version of Hypertext Markup Language. It’s very easy to learn even for a beginner. The interest about HTML5 is increasing day by day and the number of web professionals adopting this technology is also increasing rapidly. HTML5 also reduces the use of scripting languages and it’s more SEO friendly. HTML5 use in Web applications to run on a variety of devices, including tablets, mobile phones, and laptops with touchscreens.



  1. Most Developers Now Prefer HTML5 For Cross-Platform Development :- Now a days most of developers prefer to work with HTML5 instead of native apps for their cross-platform development. Only 15% of developers said they would prefer to use a native-only approach. Mostly developers said they were interested in developing for Windows 8 (66%) and ChromeOS (47%), in Blackberry 10 (13%) and Tizen (8%).
  1. HTML5 application caught up to native, or not :- When we build an HTML5 app, we can't build it like you build a Web page. If you treat it like a Web page, you're going to have slow performance. You have to treat it like a programming platform. That's where our framework comes in, which is you treat the browser as a rendering platform but create all your user interface and all your app logic in JavaScript. That allows you to dynamically add and subtract screen elements on the fly and get much, much better performance. HTML5 is better for native performance for Android and iOS.
  1. Programming HTML5 Applications :- Building Powerful Cross-Platform Environments in JavaScript : HTML5 is not just a replacement for plugins. It also makes the Web a first-class development environment by giving JavaScript programmers a solid foundation for building industrial-strength applications. This practical guide takes you beyond simple site creation and shows you how to build self-contained HTML5 applications that can run on mobile devices and compete with desktop apps.
  1. HTML5 for mobile developers :- HTML5 specification coming to fruition, browser-based mobile apps are rapidly catching up with the natives. It's really the iPad as the tablet device; on phones, it's BlackBerry phones, a little bit of Windows Phone, and iOS and Android. That's the trend for everything.HTML5 has some key specifications from which mobile Web apps can benefit. Here are few note worthy ones :-
  • Canvas drawing (2D Drawing API)
  • Touch events
  • Geolocation API (GPS / Cells or WiFi)
  • Application cache
  • Local Storage
  • Multimedia

Now Days Software engineers spend lots of time not building software. How many of you agree?

Software engineers spend more time on administration and other tasks than they do on actual application design and coding.




















In the survey, design and coding take up more hours than any other single process in a software development project: an average of 19.1 hours per week. Brainstorming and collaboration take up 6.7 hours. Administrative tasks, such as dealing with email and meetings, take up 5.8 hours. Software engineers spend 3.7 hours waiting for tests to complete, 3.5 hours waiting for builds to complete, and 2.7 hours on environment management -- or 9.9 hours in total for these housekeeping functions. Collectively, all the non-design and non-coding tasks take up 22.4 hours per week out of the 41.5 hours worked in total.
The survey also polled others involved in the software development processes, including test engineers, technical architects, project managers/test leads, and product managers.

Friday, June 7, 2013

5 Dangerous Web Application Flaws Coveted By Attackers !

Ninety-nine percent of applications have one or more vulnerabilities. Many of the high-profile data breaches over the past several months were the result of a common Web application vulnerability. While it may be impossible to eliminate all flaws in Web applications, software security experts say eliminating the most commonly targeted errors could help magnify the risk of many automated attacks. These are the following points :-

 
1. Cross site scripting bother continues

Cross site scripting vulnerabilities appear 61 percent & it is the most commonly detected vulnerabilities in Web applications. It enables an attacker to send malicious scripts by shifting the script from an otherwise trusted URL.They can be detected with a Web application security scanner or blocked using a Web application firewall.

2. Information leakage errors a serious threat

Information leakage accounted for only 17 percent of Web applications, but the danger posed by the vulnerability makes finding and eliminating them extremely critical. Web applications can leak information in a kind of ways. Poorly implemented encryption also can yield information to an attacker.


3. Session management most common error

 
Session management vulnerabilities were detected in 80 percent of applications, more than any other application vulnerability class. Attackers can take advantage of poorly implemented session management, enabling them to interject themselves as valid website users. 

4. SQL injection rising

 
SQL injection accounted for 16 percent of all Web applications. While all other classes of vulnerabilities saw declines in but SQL injection has risen. SQL injection is a favorite vulnerability of attackers because automated scripts can be used to get a website to send a malicious SQL command to the underlying database in an effort to expose its content. 
 
Cross Site Request Forgery (CSRF) accounted for 22 percent of all Web applications tested. The class of vulnerabilities that make up CSRF allows attackers to send per-authenticated but unauthorized commands using credentials that the application trusts. Attackers can use a CSRF attack to ride the session of an individual on a particular website by using the victim’s browser credentials. In addition to the browser, an attacker can use a malicious script in a Microsoft Office document or Flash file that exploits CSRF. 

Critical denial-of-service flaw in BIND software puts DNS servers at risk.

The BIND software maintainers support server administrators to disable regular expression support or install patches as soon as possible.

 

BIND is by far the most widely used DNS (Domain Name System) server software on the Internet. It is the de facto standard DNS software for many UNIX-like systems, including Linux, Solaris, various BSD variants and Mac OS X. A flaw in the widely used BIND DNS software can be exploited by remote attackers to crash DNS servers and affect the operation of other programs running on the same machines.
The vulnerability can be exploited by sending specifically crafted requests to vulnerable installations of BIND that would cause the DNS server process -- the name daemon, known as "named" -- to consume excessive memory resources. This can result in the DNS server process crashing and the operation of other programs being severely affected. BIND 10 is not affected by this vulnerability.


Thursday, June 6, 2013

Oracle unveils faster servers with T5 microprocessors.

Oracle has refreshed its SPARC family with the world’s fastest processor and launched the world’s fastest single server for Database, Java and multi-tier applications.


Oracle also announced two new Oracle Optimized Solutions that exploit the performance, reliability and value of SPARC T5 servers, Oracle storage, Oracle Database and Oracle Middle ware. These new solutions help maximize application performance and availability while lowering acquisition cost and operating expenses.
Servers built with Oracle's new T5 microprocessors have beaten several performance records and run business databases and applications much faster than previous versions.

When Oracle bought Sun, a lot of people thought the SPARC microprocessor was a real laggard and would never catch up. We've done better than catch up.

Why developers are turning to API services ?


It Companies and respective developers alike are heavily leveraging API-based access to data and services, especially for mobile and cloud apps. And they're getting an increasing scope of technologies to choose from for managing all those API processes.
Companies acquired Layer 7 Technologies, MuleSoft, Temboo, and WSO2 are tackling the API management need. Some secure API access, some provide an API exchange, and some provide cloud-based conduits to APIs :-
  • Layer 7's API management suite offers back-end data and application integration, mobile capabilities, cloud orchestration, and developer management.
  • MuleSoft's Any Point platform connects applications, APIs, and data sources across on-premise and cloud systems.
  • Temboo offers a library of common-access APIs, with links to systems such as Facebook.
  • WSO2's API Manager enables publishing of APIs, managing a developer community, and routing API traffic.  
In some ways, API management is a follow-up to service-oriented architecture (SOA), an approach to modular, orchestrated software delivery that was the "it" enterprise technology in the mid-2000s but later fell out of favor as too academic and abstract for businesses paying the software architecture bills. Nonetheless, SOA's principles remain as valid as ever and have continued to be used -- especially in cloud offerings -- even as few vendors and developers dare speak the term.
API management vendor Layer 7 also views API management as the SOA successor, with SOA now geared to behind-the-firewall operations and API management to exposing data over the Internet to mobile applications and cloud services. SOA strategies mostly target internal users while open Web APIs target mostly external partners. API management requires developer portals, key management, and metering and billing facilities that SOA management never provided.
Because of the proliferation of API-enabled data access from corporate applications via mobile devices, lighter-weight REST-based APIs are gaining prominence over more-complex SOAP APIs. API management vendors such as WSO2 and Layer 7 have thus added REST support in their tools.