Internet / Intranet CIS-536 Class Class Agenda Miscellaneous Topics Cybersquatting Plug-Ins, Multimedia Development Environments Cybersquatting Cybersquatting Registering a Domain Name Contains or Resembles Well-Know Commercial Names or Names of Individuals With Intent to: Prevent Others From Using the Name Profit by Selling Domain Name to Trademark Owner or Individual Trademark Law Legal Action Only if Domain Name is Used Anticybersquatting Consumer Protection Act November 29, 1999 Civil Lawsuits May be Filed by Trademark Holder Against anyone who Registers, Traffics In, or Uses Domain Name Identical or Confusingly Similar to Protected Trademark Bad Faith Intent to Profit “Confusingly Similar” to be Decided By Courts Cybersquatting (2) Effects Reduce the Number of Domain Names Legitimate Holders May Face Litigation Bad Faith Factors: Harm Goodwill of Trademark Holder Offer to Sell Domain Without Actually Using it in Bona Fide Offering of Goods and Services (or past pattern of such conduct) Obtained Under False Pretenses Acquisition of Multiple Domain Names With Knowledge That They are Similar to Protected Marks Cybersquatting (2) Effects Reduce the Number of Domain Names Legitimate Holders May Face Litigation Bad Faith Factors: Harm Goodwill of Trademark Holder Offer to Sell Domain Without Actually Using it in Bona Fide Offering of Goods and Services (or past pattern of such conduct) Obtained Under False Pretenses Acquisition of Multiple Domain Names With Knowledge That They are Similar to Protected Marks Cybersquatting (3) Absence of Bad Faith: Domain Holder Has Legal Rights to It Domain Name Commonly Used by Its Holder Past Use of Name in Conjunction with Bona Fide Goods or Services Noncommercial or Fair-Use Purposes Name Not Distinctive and Famous When Registered Reasonable Grounds to Believe it was Lawful Penalties Domain Name Cancelled or Forfeited to Rightful Owner Damages Up to $100,000 per Domain Name Jurisdiction Court Where Domain Name Registrar is Located Network Solutions Located in Virginia Domain Name Registrars are Protected Cybersquatting(4) ICANN Policies as a Result Mandatory Arbitration Most Registrars Expected to Adopt it Some Ambiguities in the Law Challenges Expected A Quick Word About Java JavaScript is Interpreted By the Browser Run Within Browser Environment Limited by Browser’s Capabilities Source Code is Part of HTML Page Java is a Completely Separate Language Browser Transfers a Java Program (“Applet”) to the Local Machine and Runs It Output of Java Can Be Displayed Within the Browser Designed to Be Safe For Web Use Otherwise Similar to Transfering exe Programs Compiled Into class Files Pseudo-code: Requires a Java Virtual Machine to Run Source Code Hidden From Users Does Not Have Access to Page Internals (DOM) Including a Java Applet in Your Page Plug-Ins Platform Specific Extensions to Web Browsers Client Side Equivalent to Server Extensions Associated With a File Extension Similar to MS-Windows Associations If Installed, Files With Extension Will Invoke Program on Browser Including a Plug-In in HTML Height, Width Where Data is to Be Displayed in Browser Window Name/Value Pairs are Arguments to the Plug-In Used to Provide Alternative Plug-In Must Be From a Trusted Source Like Any Other Program Has Full Access to Local Computer Plug-In Development Netscape, Microsoft Provide SDK’s Streaming Multimedia Problem: Audio/Video Take a Long Time To Download Technologies Require File to Be Downloaded Before Playing Client Pull: Poor Solution Requires Breaking Up the A/V into Small Files Choppy Results Solution: Stream the Transmission : Play in Near Real Time Play the A/V as It’s Being Sent Requires a Session to Be Efficient HTTP is Stateless (No Sessions) Plug-Ins Don’t Have to Use HTTP Can Use TCP/IP Directly Streaming (2) Streaming Issues Broadcast vs PlayBack Coordination of Video/Sound is Non Trivial Require Significant Compression (Scalable) Lower Resolution as Bandwidth Degrades Many Compression Algorithms Don’t Work in Real Time Must Deal With Differing Bandwidths Server Performance Internet Issues Packet Based Can’t Rely on Consistent Bandwidth Packets May Arrive in Different Order Errors Require Retransmission “Human Processing” Video Can Become Choppy With Minor Inconvenience Lost Packets Can Be Skipped Choppy Audio is Unintelligible Lost Packets Can Not Be Skipped Streaming Tricks Continued Improvements Expected Compression (Hardware and Software) Buffering Buffered Transmission Can Cover Glitches Technology UDP Faster Than TCP Doesn’t Resend Packets in Error New Real Time Control Protocols Developing New Internet Protocols Use Multicasting Packet Transmission Humans Can Deal With 1ms Loss, So: Break Audio Into ms Chunks Packets Too Small to Efficiently Send as 1ms Send ms: 1, 4, 7, 10 in First Packet 2, 5, 8, 11 in Second, etc If One Packet Is Lost Lose 1ms Every 4, Instead of a Contiguous ms Chunk Streaming Multimedia Plug-Ins Server Push (Data) Server Updates HTML Page as Needed Sports Scores, etc Audio Almost There Phone Quality Audio: 64kbps, kbps Compressed CD Quality Audio: 700kbps, 64kbps Compressed RealAudio Broadcast – AM Radio Quality mp3 – Downloads of CD Quality Audio Video Bandwidth Still an Issue 320x240x256 = 2.5 MB Video Refreshes at 30 times per Second 75 Mbps Required for Video Still Pretty Crude Compression Improving All the Time Current: About 100x Other Common Plug-Ins Adobe Acrobat PDF Files – Portable Document Format Portable Distribution of “Printed” Documents Allows Links, Some Text Search Capabilities Viewable/Printable on Multiple Platforms Author Can Restrict Access (e.g Restrict Printing) Proprietary Format Viewers are Freeware VRML Virtual Reality Modeling Language 3-D “Equivalent” of HTML Standalone Browsers or Plug-Ins Netscape, IE Make Plug-Ins Available wrl Extension MIME type: x-world/x-vrml Web 3D Consortium http://www.web3d.org Development Environments Target Customer Novice – (Hide HTML From User) Experienced Developer – Make Process More Efficient HTML Editors Tag Editors Graphical WYSIWYG Editors Validation Site Management Macros/Pre-Processor’s/”Compilers” Shorthand For More Complex Tags Typically Use Custom Tags GUI Development Environment Conversion Tools Convert Pages Designed in Other Environment Into HTML E.g Microsoft Office Common Development Environments Microsoft Frontpage Novice Target Hides Internals From User Netscape Navigator Gold Adobe PageMill Dreamweaver Macromedia Flash Cookies Revisited Cookies Are Name Value Pairs Passed in the HTTP Header Cookies Have Associated Expiration Session (Default) Date / Time Associated With a URL Path, Not a Page! Allows Passing Parameters Between Web Pages Thus Cookies are Used to Provide State Information to a Stateless Protocol Cookie Jar Cookie Storage Internet Explorer c:\windows\cookies Each Has its Own File Netscape Navigator cookies.txt (all kept in the file) Limits 20 Cookies 4K Per Name/Value Pair More Cookies Cookies are Traditionally Set By Server Set-Cookie Browser is Responsible For Maintaining Them Stored On Client’s Computer Passed to Server When Web Site is Revisited HTTP-Cookie Cookie Attributes Name – The Name of the Cookie Subsequent References to Same Name Overwrites Cookie Attributes Value – The Value of the Cookie Identified by Name Expiration – When the Cookie Expires No Date Specified – Cookie Expires at End of Session Past Date/Time – Delete the Cookie Future Date/Time – Delete the Cookie After This Date Example Cookie Bits Example Cookie Set-Cookie: tollhouse=favorite;expires=Thursday, 16-Mar2000 00:00:00 GMT;path=“” Note That Date Must Follow This Format: Weekday, DD-MMM-YYYY HH:MM:SS GMT RFCs specify GMT as the mechanism for handling time problems on the Internet HTTP-Cookie Only Sends Name/Value Pair Cookies - JavaScript Cookies Can be Set in JavaScript document.cookie = “ “ Use Date.toGMTString() to set expiration date E.g document.cookie = “version=1.0; ” + “expires=“ + edate.toGMTString(); To Read a Cookie Value in JavaScript var allcookies= document.cookie; var pos = allcookies.indexOf(“version=“); if (pos != -1) { var start = pos +8; var end = allcookies.indexOf(“;”,start); if (end == -1) end = allcookies.length; var value = allcookies.substring(start,end); vervalue = unescape(value); } Cookie Structure Path Information Default is to Send Cookie to Any URL in the Same Directory or any Subdirectory of the Page Which Set Cookie Path Attribute Can Request That Cookie Be Sent to All URLs in Path (and its Subdirectories) Only Paths That are a Prefix of Current URL are Allowed If Cookies Overlap, All are Sent Ordered by Most Specific to Least Specific Match Domain Attribute – Allows Cookies to Be Shared Across Sites Must Be Part of Same Domain E.g boston.brandeis.edu and lab.brandeis.edu are part of the same domain but may be different servers Secure – Only Sends Cookie If Secure Protocol is Used (e.g SSL) Security Issues Protections: Cookie Can Only Store Information Already Known to Server Can’t Access Hard Disk, etc Data Only – Not Executed by Client Machine Data Can’t Be Shared Across Sites Concerns: Of Course This Assumes That Browser Follows the Rules Browser Can Store Sensitive Information E.g If Server Doesn’t Set Secure Tag, a Credit Card # May Be Passed in Clear to Another Page in Same Path “Invisible” to Users Paths Are Not Always Obvious E.g Multiple Sites Receive Graphics From DoubleClick Server DoubleClick Can Now Gather “Cross-Site” Information Zealous privacy folks advocate turning off cookies ... Legal Action Only if Domain Name is Used Anticybersquatting Consumer Protection Act November 29, 199 9 Civil Lawsuits May be Filed by Trademark Holder Against anyone who Registers, Traffics In,.. .Class Agenda Miscellaneous Topics Cybersquatting Plug-Ins, Multimedia Development Environments Cybersquatting... Browser Designed to Be Safe For Web Use Otherwise Similar to Transfering exe Programs Compiled Into class Files Pseudo-code: Requires a Java Virtual Machine to Run Source Code Hidden From Users Does