AHuxley notes a series of YouTube videos that have gone viral in Russia, in which senior police officer Alexei Dymovsky — in full uniform — details police corruption and calls on Vladimir Putin to act. "[Dymovsky says:] 'Maybe you don't know about us, about simple cops, who live and work and love their work. I'm ready to tell you everything. I'm not scared of my own death. I will show you the life of cops in Russia, how it is lived, with all the corruption and all the rest – with ignorance, rudeness, recklessness, with honest officers killed because they have stupid bosses.' His series of three 2-to-7-minute long videos released over the past week have together garnered 1 million hits on YouTube, and have spread across Russia. Dymovsky was promptly fired after the clips spread across the Internet, and a local prosecutor has opened an investigation into libel. An interior ministry source accused him of working for foreign agents and hinted that the format of Dymovsky's complaint was a problem, using a medium that remains largely free of government control." It's best to visit the Global Post link with NoScript and Flashblock enabled. Here's a Google cache link in case it's needed.

An anonymous reader writes "Cenzic released its report revealing the most prominent types of Web application vulnerabilities for the first half of 2009. The report identified over 3,100 total vulnerabilities, which is a 10 percent increase in Web application vulnerabilities compared to the second half of 2008. Among Web browsers, Mozilla Firefox had the largest percentage of Web vulnerabilities, followed by Apple Safari, whose browser showed a vast increase in exploits, due to vulnerabilities reported in the Safari iPhone browser." It seems a bit surprising to me that this study shows that only 15% of vulnerabilities are in IE.

An anonymous reader writes "Instead of spending the next 10 years trying to find a Flash implementation for Linux or OS X that doesn't drain CPU cycles like there's no tomorrow, NeoSmart Technologies has made an HTML5 viewer for YouTube videos. It loads YouTube videos in an HTML5 video container and streams (with skip/skim/pause/resume) against an MP4 resource, and an (optional) userscript file can update YouTube pages with the HTML5 viewer. The latest versions of Firefox, Chrome, and Safari are supported. Personally, I can't wait until the major video sites default to HTML5 and we can finally say goodbye to Flash."

snydeq writes "Fatal Exception's Neil McAllister questions whether the move to port Flash to the iPhone isn't a last-ditch effort on Adobe's part to remain relevant in the quickly evolving smartphone market. By allowing developers to compile existing Flash apps into native binaries, Adobe believes it has found a way around Apple's requirements that no non-Apple API interpreted code may be downloaded and used in an app, a clause that has also prevented Sun from porting JVM to the iPhone. The resulting apps will be completely stand-alone, with no runtimes and no Flash Player required — if Apple lets Adobe get away with it, no small feat given how protective Apple has been about its app market. But as much as Apple has at stake here, Adobe may actually have more, McAllister writes. 'Already the idea of using Web languages and tools to build smartphone applications is taking hold. Palm has built an entire smartphone platform around the idea. Apple supports the use of Web technologies like AJAX to build applications based on the iPhone's Safari browser. And developers will soon even be able to build Web-based applications for BlackBerry handsets, thanks to a new SDK from Research in Motion. As late to the game as it is, what Adobe needs now is to convince developers that Flash is better than the other options — and that could be a tough sell.'"

An anonymous reader writes "Nine weeks after Moxie Marlinspike presented at Defcon 17, null-prefix certificates that exploit the SSL certificate vulnerability are beginning to appear. Yesterday, someone posted a null-prefix certificate for www.paypal.com on the full-disclosure mailing list. In conjunction with sslsniff, this certificate can be used to intercept communication to PayPal from all clients using the Windows Crypto API, for which a patch is still not available. This includes IE, Chrome, and Safari on Windows. What's worse, because of the OCSP attack that Moxie also presented at Defcon, this certificate cannot be revoked." Update: 10/06 23:19 GMT by KD: Now it seems that PayPal has suspended Marlinspike's account.

WARM3CH writes "AnandTech tested a laptop with an AMD CPU, a laptop with an Intel CPU, and a netbook to compare battery life while running Internet Explorer 8, Opera 10, Firefox 3.5, Safari 4, and Chrome. They tested on simple web pages and flash-infested ones. IE8 had the best battery life on both laptops (followed by FF + AdBlock), and Safari had the worst battery life. On the netbook, Chrome was slightly ahead of IE8. The report concludes: 'Overall, Internet Explorer and Firefox + AdBlock consistently place near the top, with Chrome following closely behind. Opera 10 Beta 3 didn't do as well as Opera 9.6.4, and in a couple quick tests, it doesn't appear that the final release of Opera 10 changes the situation at all. Opera in general — version 9 or 10 — looks like it doesn't do as well as the other major browsers. Safari is at the back, by a large margin, on all three test notebooks. We suspect that Safari 4 does better under OS X, however, so the poor Windows result probably won't matter to most Safari users.'"

appleprophet writes "WebGL is an upcoming standard from the Khronos Group, the same standards body behind OpenCL and OpenGL ES. It defines the use of OpenGL in websites using the standard canvas element. In other words, websites will be able to render hardware accelerated, 3D graphics natively inside of a web page. In the last week, WebKit, the rendering engine behind Safari and Google Chrome, has added initial support for WebGL, which means it probably won't be too long before Macs and iPhones everywhere get OpenGL web apps. This could have big implications for gaming. HTML5 has steadily been encroaching on desktop applications' territory, but I don't think many people expected browser-based, hardware-accelerated graphics this soon."

Frequent contributor Bennett Haselton writes with an idea that he thinks could help keep browsing on Microsoft's browser more secure for users — and benefit Microsoft as a result. "Tests show that IE's malware filter performs well against other browsers that use the Safe Browsing blacklist from Google. But wouldn't IE's filter be even more effective if it used both filter lists at the same time? And are the political obstacles to that really so insurmountable?" Read on for the rest of a plan that seems a lot more than half-baked.

Michael J. Ross writes "There are countless content management systems (CMSs) available for building websites, and they offer varying levels of built-in functionality. But once a site developer has successfully installed any given CMS, a critical form of help (or hindrance) is the CMS's documentation, which for some CMSs is quite impressive, and for others absolutely atrocious. Joomla is a powerful and popular choice for Web developers, but can be daunting to newbies confused by its non-intuitive menu structure and restrictive content hierarchy. The documentation for Joomla is frequently criticized, for various reasons, and that may largely account for the popularity of third-party books — such as Barrie M. North's Joomla! 1.5: A User's Guide, now in its second edition." Read on for the rest of Michael and Ethelyn's review.

An anonymous reader writes "Whether you consider Opera an underdog browser or not, it came out on top in a feature on CNet this weekend. It was up against 'underdog Web browsers' Camino, K-Meleon, Shiira and Arora in a piece loosely aimed at determining whether these browsers are yet ready to steal significant numbers of users from Firefox, Safari, IE etc. Interesting most to me, however, is that it transpires that Shiira, the Mac browser from Japan, is one of the fastest browsers on the planet, beating the original Chrome v1.0, Firefox 3.5 and more in its benchmark tests."

PainMeds writes "Apple's stepped-up and controversial rejections are helping to foster competition in the app store marketplace. According to an article by Wired, developers aren't taking AppStore rejection lying down, but are turning to the hacking community's repository system for the iPhone to launch an app store of their own. The 4-month-old Cydia store is yielding notably higher sales for a few application developers than Apple's AppStore, and is reportedly running on over 4 million Apple iPhone devices, with perhaps 350,000 connected at any one time. In this store, developers are distributing applications they've written that push the limits of Apple's normal AppStore policies, with software to add file downloads to Safari, trick applications into thinking they're on Wi-Fi (for VoIP), and enhance other types functionality. You'll also find the popular Google Voice application, which was recently rejected by Apple. Third party application development has been around since 2007, when the iPhone was originally introduced, and became so popular that O'Reilly Media published a book geared toward writing applications before an SDK was available. The Cydia store acts as both a free package repository and commercial storefront to third-party developers."

An anonymous reader writes with an interesting and impressive demonstration of modern browsers' HTML 5 capabilities. "From the 9elements blog: 'HTML5 is getting a lot of love lately. With the arrival of Firefox 3.5, Safari 4 and the new 3.0 beta of Google Chrome, browsers support some great new features including canvas and the new audio/video tags. [...] We've created a little experiment which loads 100 tweets related to HTML 5 and displays them using a javascript-based particle engine.' The site warns "(beware: sophisticated browser needed)"; Firefox 3.5 seems to work fine.

mysqlbytes writes "Apple has posted an anticipated v10.5.8 patch for Mac OS X, updating a number of components in the operating system, one of their last updates to Leopard. The update brings improvements to Safari, Airport, Bluetooth, among others and rolls out the latest OS X security fixes." Worth glancing at are some of the security-related notes on the update.

Michael J. Ross writes "Slow Web page loading can discourage visitors to a site more than any other problem, regardless of how attractive or feature-rich the given site might be. Consequently, many Web developers hope to achieve faster response times using AJAX (Asynchronous JavaScript and XML), since only portion(s) of an AJAX page need to be reloaded. But for many rich Internet applications (RIAs), such potential performance gains can be lost as a result of non-optimized JavaScript, graphics, and CSS files. Steve Souders — a Web performance expert previously at Yahoo and now with Google — addresses these topics in his second book, Even Faster Web Sites: Performance Best Practices for Web Developers." Read on for the rest of Michael's review.

bstender writes "Most major browsers — including the latest versions of Internet Explorer, Firefox, Safari, Chrome, and Opera — recognize a CSS rule known as @font-face. What that means, in brief, is that Web developers can now easily embed downloadable fonts in their pages. To see an example, load up Firefox 3.5 or Safari 4 and learn more. You'll see three new typefaces — Liza, Auto, and Dolly — used in the body text and headlines." No doubt the licensing issues are just as complex as the font nerd potential.

je ne sais quoi writes "Net Applications normally releases its statistics for browser and operating system usage share on the first of every month. This month, however, the data has not shown up — only a cryptic message stating they are reviewing the data for inexplicable statistical variations and that it will be available soon. Larry Dignan at ZDNet has a blog post that might explain what is happening: Statcounter has released some data that shows a precipitous drop in IE browser use in North America, to the benefit of Firefox, Safari, and Chrome. At the end of May, StatCounter shows IE usage share (for versions 6, 7, and 8 combined) at around 64%; at the beginning of June it is now about 56% — an astounding 8% drop in one month. We should keep in mind the difficulties in estimating browser usage share: this could very well be a change in how browsers report themselves, or some other statistical anomaly. So it will probably be healthy to remain skeptical until trend this is confirmed by other organizations. Have any of you seen drops in IE usage share for Web-sites you administer?"

Ars Technica has a great breakdown of the codec debate for the HTML 5 video element. Support for the new video element seems to be split into two main camps, Ogg Theora and H.264, and the inability to find a solution has HTML 5 spec editor Ian Hickson throwing in the towel. "Hickson outlined the positions of each major browser vendor and explained how the present impasse will influence the HTML 5 standard. Apple and Google favor H.264 while Mozilla and Opera favor Ogg Theora. Google intends to ship its browser with support for both codecs, which means that Apple is the only vendor that will not be supporting Ogg. 'After an inordinate amount of discussions, both in public and privately, on the situation regarding codecs for and in HTML5, I have reluctantly come to the conclusion that there is no suitable codec that all vendors are willing to implement and ship,' Hickson wrote. 'I have therefore removed the two subsections in the HTML5 spec in which codecs would have been required, and have instead left the matter undefined.'"

An anonymous reader writes "This experiment graphs the memory usage of Chrome and Firefox 3.5 (along with Safari and Opera) over a series of 150 Web page loads using an automated script. Firefox 3.5 shows the lowest memory usage in all categories, including average memory usage, maximum memory usage, and final memory usage. Chrome uses over 1 GB of memory due to its process architecture. Safari 4 and Opera show memory usage degradation over time, while Chrome and Firefox 3.5 are more reliable in freeing memory to the OS." IE 8 was not included "because the author could not find a way to prevent it from opening a new window on each invocation of the command."

CWmike writes "Apple patched 46 security vulnerabilities in the iPhone and iPod Touch, half of them in the Safari browser and its WebKit rendering engine, as it released iPhone OS 3.0 on Wednesday. One of the patched WebKit vulnerabilities stands out because of the attention it received in March, when a German college student, Nils, walked away with a $5,000 cash prize for hacking Safari at the Pwn2Own challenge. Nils used a bug in WebKit's handling of SVGList objects to crack Safari."

Lots of big news from WWDC today including updates to almost all of Apple's laptops. They added a 13-inch version to the MacBook Pro line, updated the MacBook Air, and added a few new ports to some of the machines including an SD slot and firewire 800 port. Software updates saw Safari 4 launched, OS X updates including threading changes, Exchange support to mail, calendar, and address book, and OpenCL a new open graphics standard. The iPhone got quite a bit of love in 3.0, much of it just confirming older news. Cut, copy, and paste, shake to undo, developer APIs, Cocoa Touch support for text, landscape mode updates, spotlight, and MMS all made the bullet list. You will now also be able to rent and purchase movies directly from your iPhone. Other new features in 3.0 include the much debated tethering ability, allowing you to use your iPhone as a cellular modem (unfortunately there was no mention of AT&T actually supporting this feature, a wonder there wasn't a riot), integrated TomTom GPS navigation, and game features galore. New functionality also allows you to locate your iPhone via MobileMe, play a sound to help you locate it (regardless if it is set to silent), and even wipe your data remotely. The New iPhone hardware updates, "3GS", adds a 3 megapixel auto-focus camera, voice interfaces, twice the processing power, and hardware encryption. The 3GS comes in 16GB ($199) and 32GB ($299), pushing the 3G (which they are keeping on the market) to $99. Lots of other small updates amidst the bustle, looks like another successful WWDC.