Ajax Girl

A new YCombinator startup called WebMynd launched today. It’s a Firefox add-on that records every website you visit and saves a virtual copy on your hard drive.

The service doesn’t save just an image of the page or the URL, but the full text site. That means you can also search those virtual pages later when you are looking for something.

Users can turn off recording at any time, and can delete saved pages that they don’t want to have around for any reason. To see saved pages, you click on an icon at the top of the browser and the local saved copies pop up, along with a search bar.

The idea is that, like Gmail, good search means you don’t have to spend a lot of time bookmarking and tagging websites to find them later. WebMynd records everything in the background, and a quick search will locate the page.

The basic add-on is free and keeps pages for a week. Users pay $10 for six months of history or $20 for a full year. After testing this I can tell it’s a service I’ll continue to use to quickly find sites I visited. Simple service, basic business model, and useful. Classic YCombinator stuff.

YCombinator

Loading information about YCombinator…

cb_widget_report_widget(”cb_widget_1201457238″); cb_widget_report_element(”cb_widget_0_1201457238″,”ycombinator”);

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.

Source: TechCrunch
Original Article: http://feeds.feedburner.com/~r/Techcrunch/~3/223706829/

Venture capitalists already don’t much like TheFunded, a site that launched last March that lets entrepreneurs post stories about how they’ve been treated during the fund raising process.

But now they’re really going to be angry - the site is encouraging users to upload term sheets so that people can compare and contrast individual terms from each VC.

Venture capitalists have a lot of leverage negotiating terms that help them increase ROI simply because they have a firm grasp of the market. Things like liquidity preference (how much money they get out before the founders in a sale), veto rights and other preferred stock privileges can affect the long term economics of a deal substantially.

Entrepreneurs generally rely on their attorney and contacts to help them understand the current trends in terms. Now, though, TheFunded will help them by supplying even more information. Entrepreneurs will love this. VCs, not so much.

One catch, though. Entrepreneurs must upload their own term sheets before they can view others. The goal is to encourage participation, not just data downloads.

TheFunded was run anonymously until Adeo Ressi announced that he was behind it in November.

The Funded

Loading information about The Funded…

cb_widget_report_widget(”cb_widget_1201453901″); cb_widget_report_element(”cb_widget_0_1201453901″,”thefunded”);

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.

Source: TechCrunch
Original Article: http://feeds.feedburner.com/~r/Techcrunch/~3/223688200/

I wrote a week ago that I was negotiating to get on the Google plane back from the Davos conference to the Bay Area. One exec said it was looking good, another said they’d try to get me on. But so far, nothing. The plane leaves in about twelve hours and no official invitatation has come.

Meanwhile, I’ve heard that Tim O’Reily, Mitch Kapor, Reid Hoffman and Mark Zuckerberg will be on that flight. Basically, every Davos attendee from the bay area except me managed to hitch a ride back with Google. The plane seats 25 people with a full bed, I’ve been told, and is now completely full.

Oh well, I’m sure my coach ticket on Swiss Air via Frankfurt and New York will be just fine. And I can’t really blame Google - the entire flight I would clearly have been eavesdropping on conversations, rummaging through papers and unattended laptops, and generally making a nuisance of myself in the search for a good story. They probably would have had to make an emergency landing in Greenland just to kick me off. Then I’d be stuck in Greenland, and I’m not even sure if they have the Internet there. We’ve certainly never covered a startup from Greenland.

Crunch Network: CrunchGear drool over the sexiest new gadgets and hardware.

Source: TechCrunch
Original Article: http://feeds.feedburner.com/~r/Techcrunch/~3/223674520/

The World Economic Forum at Davos: 3,000 or so world leaders, celebrities and top CEOs (and a couple of bloggers) gather to discuss the major issues of the day.

At one end of the Congress Center is the main meeting hall. At another, private meeting rooms for the super-VIPs. And nestled right in the middle is the YouTube room.

Actually it isn’t called the YouTube room because there is no branding at Davos except for the WEF. But Google is a major partner to the conference, and this year the WEF added a new feature to reach out to attendees as well as non-attendees - the Davos Question. An entire room has been dedicated to this - five computers line the wall, all pointing to YouTube, where attendees can answer the question.

Between sessions this is clearly the place to be. Every few minutes another celebrity or leader walks through to leave a Davos Question response or go to a private meeting in the rooms beyond. The security detail comes first, giving everyone notice that someone interesting is coming. Then the person him/herself and their entourage.

Bono has been by twice. Pakistan President Pervez Musharraf came by so many times that people stopped noticing (he was in the background of this CNN report, I had to point him out to get the cameras to pan over). Rupert Murdoch strolled in, as did Afghanistan President Hamid Karzai (recording his YouTube video), UK Prime Minister Gordon Brown and former PM Tony Blair, Howard Dean, Michael Dell, Eric Schmidt, Sergey Brin, Chad Hurley, Henry Kissinger and Shimon Peres (the winner of the most intimidating-looking security detail at Davos). All stopped politely for interviews and photos with Forbes, CNN and others (here I am with Peres and Brin, here’s Robert Scoble interviewing Michael Dell).

The entire Forbes team has camped out here for the duration of the event, and editor Carl Lavin wrote his own thoughts about this being the power center of the event. As I sit here now there are no less than four camera crews and a score of journalists milling around.

It didn’t take me long to find the YouTube room, and I’ve spent more time here than anywhere else. This conference is exceptional, and this room is the center of it all. Brilliant move, Google.

Crunch Network: CrunchBoard because it’s time for you to find a new Job2.0

Source: TechCrunch
Original Article: http://feeds.feedburner.com/~r/Techcrunch/~3/223410370/

According to research done by SecureWorks we are facing a Packer 2.0 threat where hackers could use JavaScript packing mechanisms to get access to servers:

Computer hackers have taken advantage of the acceptance of these packers as suboptimal network optimization tactics and are using them as a way to evade and bypass security controls on the gateway and at the host. Consequently, exploits or other malicious code is delivered successfully because of the packer’s ability to bypass anti-virus and IDS/IPS and directly to a user’s vulnerable system.

Much of the debate around the use of JavaScript packers is analogous to the debate around the use of Windows PE executable (EXE file) packers used by malware distributors. While lessons can be found there, the information below focuses on the use of JavaScript packers specifically.

While I am personally a bit confused by the lack of examples and detail information about the exploit procedure the main crux of the matter seems to be that a lot of packers use eval() and we know for a long time that eval is evil.

The article then goes over the different packers in use and lists their problems:

• The inability to easily verify and audit code
• The administrative overhead of repacking code for each change
• Suboptimal compression
• The increased risk of false negatives which may lead to a site being used to spread malicious code
• The increased risk of false positives, which may lead to a site or some of its functions being blocked by security controls
• Noticeable negative impact on client-side performance.

It ends with a list of recommendations what to do instead of relying on packers on the final product:

• Not compressing JavaScript code at all
• Reliance on increases in average available bandwidth
• Reliance on local and network caching
• Not using more JavaScript functions than necessary (smaller library “builds”)
• Using only safe whitespace/comment reduction techniques
• Automatic application of safe techniques as a last step in the publishing process
• The use of mod_deflate/mod_gzip for compressing the HTTP response data
• The use of jar files to package JavaScript (these can be cryptographically signed to further enhance authenticity of code, and hence improve security)

I’ve yet to see the last option in the wild but agree with gzipping and application of compressing in the publishing process rather than using it in the final product. Personally I don’t quite think that relying on increase of average available bandwidth is a safe option though.

What do you do, or - even more interesting - have you encountered security problems by using packers?

Full article: SecureWorks - The Packer 2.0 threat

Source: Ajaxian
Original Article: http://feeds.feedburner.com/~r/ajaxian/~3/223388488/is-using-a-js-packer-a-security-threat

The outlook for corporate IT spending is gloomy, with growth expected to slow from 7 percent last year to 4 percent this year. The $500 billion that U.S. corporations spend every year on hardware and software accounts for about half of all capital outlays. While a belt-tightening might not be good for the IBMs, Dells, and Oracles of the world, Web 2.0 companies should do fine—even thrive. All of those Enterprise 2.0 startups out there, or even Amazon trying to sell Web-based computing infrastructure, are actually at an advantage. Customers are more likely to try cheap cloud computing when they can no longer afford the alternatives.

Now is the time to win new converts. The pay-as-you-go pricing of Web-hosted software might have greater appeal to IT managers on a restricted budget. The software is cheaper upfront, and there is no hardware to buy or expensive IT workers to hire. The greatest cost of technology is maintaining it. Most Web 2.0 companies already know all this. Very few have their own data centers, and most have built their companies on inexpensive, open-source technologies.

The culture of frugality that is still worn as a badge of honor at many Web 2.0 startups will serve them well if (when) an IT-spending slowdown hits. Now, an advertising recession—that’s a different story (and a different post).

Crunch Network: CrunchGear drool over the sexiest new gadgets and hardware.

Source: TechCrunch
Original Article: http://feeds.feedburner.com/~r/Techcrunch/~3/223356552/

Wei Zhu seems to be cooking with gas recently, and has released the JavaScript Client Library for Facebook API, which is a client side JavaScript library that mimics the other language client libraries (PHP, Python, Java, Ruby, etc):

An application that uses this client library should be registered as an iframe type. This applies to either iframe Facebook apps that users access through the Facebook web site or apps that users access directly on the app’s own web sites.

The solution uses a cross domain receiver:

Then, with a few script src’s you can talk to Facebook:

It is good to see a JavaScript API like this. Now you can stay in JavaScript land and write code that works with OpenSocial, Facebook, and more. NOTE: If you live in FBML? No cigar.

Source: Ajaxian
Original Article: http://feeds.feedburner.com/~r/ajaxian/~3/223341741/facebook-releases-javascript-client-library