Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Anyone remember Google Web Accelerator? (Score 2) 39

Yeah, I remember it. It's an accelerating web proxy. Opera offers one, too.

And one can even set a compressing proxy at home. What's the difference between "Data saver" and such proxies?

Google's closely follows a lot of stuff that their PageSpeed Module does. On-the-fly HTML/JS/CSS optimization, image conversion to WebP, etc. I don't know if they've extended it beyond that to other areas like recompressing videos (which I believe Opera's service does).

Worth noting that a variant of it has been available in Chrome's mobile browser for awhile now, and there was an unofficial version for the desktop called Data Compression Proxy which was essentially a little hack to run the desktop browser through the mobile service.

As for benefits: If under a pretty strict data cap where you're often touching the limit, it gives a lot of extra breathing room (easily comparable to the savings from an ad blocker). You wouldn't believe how unoptimized a lot of sites are. As a side benefit, if you're on dial-up, connecting through slow fixed wireless in a rural area, are using a poor cell data connection, etc (basically any time you're in a situation where pages are taking 5-10 seconds to load), it actually speeds things up quite a bit. Of course, if you're on true high speed, it'll probably slow things down more often than not since their proxy's going to add at least *some* latency, plus the additional hops if you're not lucky enough to get a nearby cached copy.

In regards to the suggestion of "setting a compressing proxy at home", assuming for the moment that the home isn't where you're having problems with a data cap, sure. But it's going to take a lot of code to match the depth of stuff that either Google's or Opera's services do. Then again, you'd retain a little more privacy. And with your own root certs you could MITM yourself on SSL sites and get the bandwidth savings there too. I suppose it just depends on how much time you have and how badly you want/need it.

Comment Re:Perjury? (Score 5, Informative) 306

Sadly, I don't think that's the case. This is all voluntary agreements between Google and various coorporations that kick in *before* any DMCA stuff. I think what happens is that Google runs video/audio matching programs on behalf of other companies, and when something matches they take it down, notifying the user. The user can then assert that they do in fact have the right to upload the video. Once they do, the video is put back up, and the company is notified. They then file a real DMCA claim. The video is then taken down again, and the user is notified. They can then file a DMCA counterclaim, which would bring the video back but expose them to a lawsuit, or back down, in which case they get a "copyright strike", which leads to the loss of the ability to upload long videos, and eventually being banned from youtube.

I think these voluntary agreements are a perversion of an already pretty nasty law. I've had one of my own videos affected in a somewhat milder fashion: They put advertisements on the video instead of taking it down. That makes it seems like Iæm selling out my viewers to advertisers, but though the video was quite clearly fair use (a video comparing the current and previous world rectord speedruns of a computer game), I would have to consult a lawyer before contesting it, which would take days, and be expensive. The power asymmetry means that Sony etc. can accuse you as much as they want with no worry, while defending oneself is a costly and risky endeavor to normal users.

Just to expand on the process, when a video is first hit with the claim, you can dispute it within YouTube, and have to provide an explanation. What they *don't* tell you is that the company who made the claim (which would be Sony in this case) is the one who reviews it and makes a determination.

If they deny your dispute, you can then appeal from within the YouTube interface, again stating an explanation about why your content is your own, or fair use, or whatever. But this time you get to read a lot more legal scare stuff, AND you have to provide your address & phone number along with the appeal. Yet again, the claimant is the one who reviews this. At this point they either have to retract their claim, or send a formal DMCA takedown notice to keep your video down. Or I suppose they could just directly sue you now that they have your info.

If they go the DMCA takedown route at that point, that's where you can file a DMCA counter-notice, and they'll have to bring you to court if they want to pursue things further. Since you gave them your address & number during step 2, you won't be hard to track down.

The system is completely stacked in favor of the big media companies, and I'm sure it works well for them. Make claims on all kinds of content, and the vast majority of people will be too afraid to challenge it, and many of those people might even assume that they were in the wrong even if they weren't. Next benefit is that the claimant's allowed to put advertising/etc on the video that Joe User made and profit from it. And the very existence of steps #1 and #2 allows big media to skirt around the risks of sending false DMCA notices.

Comment Re:Not perfect, but it's a start... (Score 2) 279

I see a few problems with this approach: 1)Not all content is provided over both HTTP and HTTPS. For multiple reasons, one being performance. Which leads us to the second problem... 2)A HTTPS session incurs a significant overhead for encryption. Which may be no problem for someone like Google. But for someone hosting his/her own (moderately successful) website on a small server, it might just overload said server. 3)Quite possibly the biggest problem with HTTPS is the fact that users have been trained over many years to just click "accept/install certificate" on self-signed certs. Not knowing that if you do this you are no longer secure. And the more we keep forcing HTTPS, the more webmasters will use self-signed certs. Not many people want to go through the hassle of obtaining (and maintaining!) a valid SSL certificate for every single website they run, even if that cert is free. Which will only exacerbate the problem...

True, although the effect of #2 is generally pretty low, and because there's the potential for SPDY to pipeline everything over 1 HTTPS connection, total server load caused by each visitor can actually be lower, depending on the web server.

That said, biggest issues as I see them are:

1) HTTPS still has the extra overhead of establishing an SSL connection, which makes total page load time longer. The aforementioned SPDY can help compensate for this, but the pipelining of SPDY has the most benefit on sites that are poorly optimized to begin with (lots of resources, don't make use of image sprites, etc). Those who have spent time minimizing their page load time aren't likely to jump on the SSL bandwagon anytime soon.

2) An SSL certificate is out of reach for most normal people. Sure, you can get one for free from StartSSL, but trying to use the terminal to generate the .crt, install the key on the server, etc isn't for the non-slashdot crowd. Some providers make things a little easier, but there's only so much handholding that can be done. Even where the average person might muddle their way through and figure it out, the average person also uses shared hosting and will probably need to pay to get it installed, because you can't install it yourself on the vast majority of shared hosts - many also don't have SNI enabled and will also require that you use a dedicated IP for the cert which is extra cost there. This is assuming the user didn't find it easiest just to buy a cert via the host at an inflated price.That's a lot of time, work and extra money for the average Joe who is paying $5 to host his WordPress blog and the depth of his expertise is that he just learned how to install plugins.

3) Client-side MITM has already been happening - I read an article about a school doing it by adding/trusting certs on individual machines and proxying requests through their "fake" server (presumable so they can make sure kids aren't visiting the naughty sites), but can't find the article atm. Not that this is a widespread practise, and just because something isn't bullet-proof doesn't mean you shouldn't use it. But as HTTPS grows in popularity, I wouldn't be at all surprised if we start seeing an increase in malware/toolbars which do something similar.

I see the 2nd item as the biggest roadblock. And if they want adoption to go up quickly, the only way would be to convince Google to use an SSL cert as one of the factors in the SERPs, since that's the only way to get the majority of webmasters & hosts to make a widespread change insanely fast (and to compete price-wise to do the same for the average Joe). Though to be honest, I don't know that abruptly forcing SSL on everyone would be the greatest idea anyway...

Comment Re:"Download Now" ads... (Score 1) 197

I've also had to spend an extraordinary amount of time fighting to keep the naughty "download" Google ads off one of my sites. I eventually gave up - I'd rather throw random affiliate ads at people even if they pay poorly, rather than risking visitors who think that just because my site is trustworthy, that the Google-provided download link must be too. The 10 cents I might get from that 1 ad is probably costing someone else 3 hours of time to scrub the spyware from the all the corners of the victim's computer.

I think it's time Google did some work on this - there must be hundreds of AdSense users like myself blocking off advertisers, they should be using their magic to disable accounts entirely from their system after a few people flag bad ads...

I completely agree. Actually, they already have the tools to trigger manual reviews before an ad is approved (try creating an add in AdWords with "prescription" in it). The only thing stopping them from adding "download" type terms to that system seems to be their move away from the Don't Be Evil mantra to the We Like Money mantra. Ads for spyware-ridden stuff have been out of hand for a while, and I'm sure they know it. I suspect they like it that way, as it keeps minimum bids high. If you have a program and you want it to rank in the ads for it's own search terms , you have to pony up a lot of money even if you offer the program itself for free.

To be fair, Bing isn't any better here. But I think there's a reasonable expectation that Google should be the one trying to set the positive trends, since the others will generally follow.

Comment The rules don't apply. (Score 3, Informative) 128

That whole FTC ruling was directed primary at bloggers (people who use affiliate programs were hooked in there too). Remember, the initial ruling came back in 2009 when searching for some sort of product review usually brought up a bunch of blogs. If you look at , over half of the document references bloggers.

That particular problem doesn't really exist anymore for a number of products/services, because Google's Penguin/Panda updates have shoved most independent "blog" type reviews down a few pages in favour of Amazon (for products), ResellerRatings/RipOffReport (for retailers), and similar sites. Those are way easier to astroturf, so companies just hire "marketing agencies" to take care of those now instead of wasting time chasing after individual unpredictable bloggers who might have their sense of morality kick in at any time.

Aside: Microsoft's a little behind the times, as usual. The "new" way to do things would be to hire a company to make a few YouTube "reviews" and then use their multiple accounts to like them all, while searching for negative ones and disliking them. It's cheaper and easier.

Anyway, technically they could get a warning/fine from the FTC (or those who make the videos could) for what's being done here, but it's pretty unlikely. The video rules to qualify for the CPM bump are a little convoluted, and if the FTC actually pushed for fines, in court MS could make the case that paying out a higher CPM for Xbox videos has a similar outcome to bidding more for specific search terms on AdWords with "-sucks -awful -terrible" as negative keywords and then publicly stating that they bit more for ad clicks from non-negative reviews.

By the way, who *doesn't* assume that there could be some bias in videos from Machinima/partners and similar outlets? Surely I'm not the only one who sees them in the same light as gaming publications where if they say something too negative they suddenly stop getting free/early access to future products or have advertising revenue cut back. It's one thing when you see "Gus's XBOX 1 review" where he's taken video with a handheld camcorder from 2005 and you kind of assume he spent his own money and just wanted to talk about it and you maybe even take what he says at face value. The clean-cut commercialized stuff, you always take with a grain of salt.

Ignoring all that, even if Microsoft were to somehow eat a fine, I doubt they'd care. They sold the original Xbox at a loss for years, and FTC fines at most are a slap on the wrist for the big players. If you're a large corporation, you can usually find a way to make breaking the law profitable even when you're caught.

Slashdot Top Deals

Any given program will expand to fill available memory.