Wikipedia:Reference desk/Archives/Computing/2011 March 2

Computing desk
< March 1	<< Feb | March | Apr >>	March 3 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

March 2

Trusted in the sense of Mozilla

If one site's certificate is classified as trusted by Mozilla, that means: (a) their identity is right or (b) Mozilla knows that the identity is right, and that they keep some other policies, which make them trustworthy. (a) implies that a mobster could still apply for a certificate and be declared trustworthy. Quest09 (talk) 02:04, 2 March 2011 (UTC)[reply]

See Certificate authority, from which I think you can get (or derive) your answer. Comet Tuttle (talk) 02:08, 2 March 2011 (UTC)[reply]

A cryptographically secure certificate should be considered a technological version of a "notarized statement verifying identity" - not a statement vouching for their good intentions. Nimur (talk) 16:56, 2 March 2011 (UTC)[reply]

See here for Mozilla policy. Basically the CA files some paperwork and there is a Wikipedia RFA-like online discussion (usually not contentious, but sometimes...) where users can raise any objections they might have, and if everything is in order, the CA gets added. (Added: One of the paperwork requirements is documenting an external audit of the CA's certification processes, which is rather expensive, so you can't really become a CA out of your apartment any more.) The public CA system is not very secure, so if you're building an extranet or something like that, disable all the public roots and use a private CA. 71.141.88.54 (talk) 10:42, 3 March 2011 (UTC)[reply]

I think OP asked for what it would take to get a certificate. Not what it would take to be allowed to issue certificates. So in short, trustworthy means that you can trust that the page you are viewing belongs to the URL you typed in. It does not imply anything about the trustworthiness of the organization or person holding the certificate. Taemyr (talk) 12:28, 3 March 2011 (UTC)[reply]

Oh, I see. Basically there are several levels of authentication that CA's use before issuing certificates, but it only takes the lowest level recognized by Mozilla to get the browser to accept a given cert. The lowest level is email confirmation to some administrative address (like root@whatever.org) at the domain you're buying the certificate for. Those types of certificates cost around $15/year, or even zero if you're willing to accept some annoying conditions like telling the CA your home address. They just show you have some administrative access to the domain. If you look at some sites like paypal.com, you see the domain name in green along with the country code, which is intended to give you a heightened sense of security (whether or not that is justified). Getting that green bar requires an "extended validation" (EV) certificate which is more expensive and requires somewhat more paperwork and headache than a normal certificate. They check out the paperwork and that shows to some extent that the cert holder has a traceable real-world existence. Unless you're running a large retail or a financial site, don't worry about EV. 71.141.88.54 (talk) 04:01, 5 March 2011 (UTC)[reply]

Using the datastore outside of CGI in Google App Engine

I'm trying to use the App Engine datastore in my application outside of the bounds of one of the request handler pages (like main.py or the other files you can specify in app.yaml). Is this possible? When I try to run it, it says my database model does not have a method "put" associated with it, but it has no problems when I run it from a script connected to CGI and request handling. Do you know what I can do to add CGI to those pages without adding request handling? Thanks! — Preceding unsigned comment added by Legolas52 (talk • contribs) 09:20, 2 March 2011 (UTC)[reply]

URIs and URLs (terminology)

I fear that this may be a FAQ. If so, sorry.

As I understand it, URIs were envisaged as including, but not as being exhausted by, URLs and URNs. However, they are in practice no more (or little more) than the union of URLs and URNs. A URL needn't start with "http://", but if it does (and if this works?), then it's either a URL or a URI: Most people would call it a URL, but those sticklers at W3C would call it a URI.

I could be wrong here. But as it is, I don't know why http://en.wikipedia.org/ (for example) shouldn't be called either a URL or a URI. Or to put it more bluntly: Why does W3C bother to kick against the pricks by calling such things URIs?

Yes, the question is merely academic, but it somehow intrigued me all the same. So I went to the article "Universal Resource Identifier" "Uniform Resource Identifier" to take a look. This starts: In computing, a Uniform Resource Identifier (URI) is a string of characters used to identify a name or a resource on the Internet.

There's no "typically" or "usually" anywhere in that. But a short way down in the same article I read A typical URL for [a digital version of a particular book] on a Unix-like operating system would be a file path such as file:///home/username/RomeoAndJuliet.pdf, identifying the electronic book saved in a file on a local hard disk. I know little about webservers, but /home/username doesn't look at all to me like a directory available to the internet or even to an intranet. And if it were available, surely that address would be insufficient for universal access: we'd have to know the name of the network, the name of the computer, etc.

Suppose I build a toy website on my own hard drive, maybe just for my own amusement, maybe in preparation for or as a backup of a real website on the real web. As far as I am concerned, the top page is at file:///Users/morenoodles/website/index.html ; by contrast, you've no idea where it is as you don't know what or where my computer is. Can I call this address a URI or a URL? If not, what can I call it? Now, if I use Safari to open this web-page-not-on-the-web and click on <a href="pix/zebra.jpg">this</a>, I'll see file:///Users/morenoodles/website/pix/zebra.jpg -- thanks to "pix/zebra.jpg", which is what: a "relative URL", a "relative URI", either, something else? Morenoodles (talk) 09:22, 2 March 2011 (UTC) fixed embarrassing typo Morenoodles (talk) 06:13, 4 March 2011 (UTC)[reply]

A URN is the name of a resource, such as en.wikipedia.org, and a URL is the path to the resource, eg. http://'en.wikipedia.org. If you have a file on your computer named testbase.odb at the location C:\testdocs\testbase.odb, testbase is the file's URN, and file://C:\testdocs\testbase.odb is the file's relative URL. A relative URL only works within the resource in which it is contained. An absolute URL works across the entire Internet. Rocketshiporion♫ 11:56, 2 March 2011 (UTC)[reply]

That makes sense! Hmm, but if file://C:/testdocs/testbase.html is a "relative URL" then a link like <a href="testbase.html">this</a> to it from another file in the same directory would employ, uh, a "relative relative URL", perhaps? Certainly it seems intuitively (to me, at least) to have an additional layer of relativeness to it. Morenoodles (talk) 12:05, 2 March 2011 (UTC)[reply]

I'm not sure about whether that can be classified as an additional layer of relativeness, but the URL file://C:\testdocs\testbase.odb is relative in that it only works on your computer. If you typed in file://C:\testdocs\testbase.odb on another computer, it would not lead to the file testbase.odb on your computer. Rocketshiporion♫ 12:12, 2 March 2011 (UTC)[reply]

Well . . . that much I know! Of course the meaning of "absolute" is, well, absolute, and anything less is of course merely relative. Somebody could create a proto-website on his hard drive that was interlinked in terms of the root or C:\ directory and when copied to a web server the result would not work. Somebody else could create a similar site that was interlinked via "../" and so forth and that would work when copied to a web server. Speaking carelessly, I'd tell the former that her problem was that she'd used absolute URLs. But I'd be wrong. I wonder then how best to phrase it. Imagining (for the sake of brevity here) that all one's readers are using Windows: Make sure never to reference any drive letter (e.g. 'C:'), do switch backslashes to slashes, and do rely on '../' to go up one directory, '../..' to go up two, etc." Perhaps. Morenoodles (talk) 12:37, 2 March 2011 (UTC)[reply]

The two confusing senses of "relative" in play here are:

• Relative to the location of the file the link is in (pix/zebra.jpg).
• Relative to the local computer the file is in (file:///C:/.../website/pix/zebra.jpg).

I don't think there's any escaping the need to use a full phrase to specify which you mean (unless it's clear from context).

I have my own theory about why the W3C insist on saying "URI" when they mean URL, but it's not very encyclopedic in tone, so I'll keep it to myself. 81.131.58.108 (talk) 14:57, 2 March 2011 (UTC)[reply]

You wouldn't be wrong; see below. The whole point of relative references (properly defined) is the portability (between machines, copies, and protocols) they provide. --Tardis (talk) 17:11, 2 March 2011 (UTC)[reply]

First, technical points:

1. en.wikipedia.org and testbase are not URNs (nor URIs at all) because they have no scheme components.
2. The backslash \ can never appear literally in a URI, although some user agents will render its percent encoding %5C as a backslash for the user.

It is true that a URN is a name (as its name suggests) and a URL specifies a means of getting to the resource in question; see another section of the RFC, where the confusion over the name "URN" is described.

Since we're talking about terminology, let's now go to fully-pedantic mode. There's a great possibility for confusion here because the standards themselves have changed (note the list of RFCs at the bottom of URI). The last standard (RFC 2396, from 1998) used the terms "absolute URI" and "relative URI", though it also used the phrases "relative reference" and "relative-path reference" (emphasis mine) which corresponds to Morenoodles' "relative relative" idea. (That RFC is hard to read with an eye to precision because it so often switches between "URI" and "[URI] reference"; see the grammar (terminology) translation table in the new standard.) The "file:" scheme still seems to be governed by the officially-obsolete RFC 1738 from 1994; there is an expired draft to update it, but it's mostly just a warning that no one knows how many slashes go at the beginning (despite the fact that 1738 is very clear on this point).

Using the modern terminology from RFC 3986 (2005), <a href="foo/bar">link</a> does not contain a URI at all, but rather a URI reference (in particular the "relative reference" that is the alternative to a URI in that context). The term "absolute URI" in this standard merely means a URI that lacks a fragment (the #foo at the end of some URIs), but since what is sometimes called a "relative URL" isn't a URI at all, they're still not "absolute URIs". (It's fortunate that "relative URLs" are not "absolute URIs"!) But in either standard, anything like file:///c:/foo/bar is absolute, because "absolute" means "does not require a base URI for interpretation" and a base URI would have nothing to add there. (In particular, the empty authority already means "localhost"; it can't be filled in by another URI.)

The fact that a file: URI (with the very common blank authority) is resolved in a fashion that depends on the computer in use is a detail of the resolution policy of that scheme and has nothing to do with the absoluteness of the URI. We can't adopt the definition that "absolute URLs work across the entire Internet", because they mightn't work for a wide variety of reasons: the use of a private network or link-local address (or even loopback address), the use of an alternate DNS root or multicast DNS where the specific identity of the machine is meant to be important, or simple routing restrictions. --Tardis (talk) 17:11, 2 March 2011 (UTC)[reply]

Here's an attempt to actually answer your various questions:

1. Because the W3C thought that using URL and URI semi-interchangeably was confusing. (This is also RFC 3305.) (You say "it's either a URL or URI", which of course just means "it's a URI" since everyone agrees every URL is a URI. And no one would argue that typical HTTP URIs are URLs; it's just a question of whether it's useful to refer to the set of all URLs in preference to the set of all URIs.)
2. Your example is a URL (and thus a URI); the fact that it can't be used by us is why it's a "uniform" and not a "universal" resource identifier (as you wrote). As for whether it's "on the Internet" or not, note that RFC 3986 specifically says that resources need not be Internet-accessible; perhaps our lede should be adjusted to say "often on the Internet" or to say that URIs themselves are often used on the Internet whether or not the resources are found there. (Not to mention the subtle question of whether your computer is part of the Internet (just with heavily-restricted access).)
3. "pix/zebra.jpg" is a relative reference or (more generally) URI reference, as I wrote in my other reply. --Tardis (talk) 17:11, 2 March 2011 (UTC)[reply]

Tardis, thank you for your excellent, thoughtful response. It did come with the prefatory warning let's now go to fully-pedantic mode but this didn't alarm me much: I'd realized that my question would probably call for a pedantic answer. It had also seemed to me that anything starting "http://" (and also working?) could be described as either a URL or a URI, but I wondered if there were after all some meaningful distinction for some cases; that some could be URIs but not URLs. Come to think of it, yes, I'd noticed that in practice addresses (whether correctly called URIs, URLs, both, or neither) starting "file:" didn't seem to be standardized: one can copy a local address from one browser that successfully displays the file to another (running at the same time, and of course by the same user, on the same computer) for that second browser not to be able to find the file. Odd business. Morenoodles (talk) 06:40, 4 March 2011 (UTC)[reply]

Updating Adobe Flash Player

I got the message "You should update Adobe Flash Player right now." It appears to be a Firefox message.

How can I tell if the message is legitimate? More importantly, how to know whether I would be updating from a safe place or a malware site?

I am tempted to remove adobe flash player rather than risk getting more malware. Is there a safe way through this mess?

Thank you, Wanderer57 (talk) 18:14, 2 March 2011 (UTC)[reply]

The safe way to do this is to visit www.adobe.com by typing that address into your address bar and not clicking on some link to visit. Then go to the download section and download the latest Flash player. For the record, that message is probably legitimate; I have seen it a number of times when updating my PCs' Firefox clients. Firefox is doing the public a service by blaring that message at them, because old versions of Flash have known large gaping security holes. Comet Tuttle (talk) 18:37, 2 March 2011 (UTC)[reply]

Thanks very much. Wanderer57 (talk) 02:04, 3 March 2011 (UTC)[reply]

DVD driver

Hi, I know have Windows Vista 32-bit running as a virtual machine, with Ubuntu as the host. I was looking at this page for a DVD driver I could download. 1) how do I know which optical drive I have (it makes you pick I think) and 2) how do I know which one of these is a DVD driver? Thanks, --T H F S W (T · C · E) 23:00, 2 March 2011 (UTC)[reply]

What makes you think you need to download a driver? Doesn't the one that ships in Vista work? -- Finlay McWalter ☻ Talk 23:51, 2 March 2011 (UTC)[reply]

Apparently not. It gives me this notice: "Windows Media Player cannot play the DVD because a compatible DVD decoder is not installed on your computer." How do I get one of these? --T H F S W (T · C · E) 00:07, 3 March 2011 (UTC)[reply]

A DVD decoder is not the same as a DVD driver; a decoder it takes care of the job of decrypting and playing video DVDs. Typically you'd have a DVD decoder (a plugin into the Windows Media framework) which is usually installed by an add-on player like WinDVD, which usually comes with a PC such as yours. But it seems you've wiped that (when you installed Ubuntu natively) and I guess you installed a retail Vista install inside the VM - retail Vista doesn't ship with a DVD decoder. Instead, install VLC media player and use it (and not Windows Media Player) to play DVDs in Vista. -- Finlay McWalter ☻ Talk 00:25, 3 March 2011 (UTC)[reply]

Windows Vista Ultimate and if I'm interpreting this properly Vista Home Premium do come with a DVD decoder. However 'Windows Vista Home Basic, Windows Vista Business, or Windows Vista Enterprise' do not. Nil Einne (talk) 10:21, 3 March 2011 (UTC)[reply]

In addition to the above, it's worth my explaining how hardware virtualisation works. Ubuntu is running on your real, physical, unvirtualised hardware. On that you're running a virtualisation program (I'm guessing either VirtualBox or VMWare). That virtualisation program manufacturers an entirely fictious computer; an OS running in the VM will see imaginary hardware that isn't there (different hard disks, different optical disks, different adapter cards, different USB controllers, etc.). So even though the VM is on a Dell machine, Dell drivers aren't appropriate, as Vista (in your case) is running on the virtual PC instead. Usually this fake PC reports some very standard hardware, so the standard drivers that come by default with an OS like Vista will work out of the box. Both VMWare and VirtualBox supply "Guest Additions", software to run in the virtual machine, which helps integration with the fake PC; in some cases this includes Vista (e.g.) drivers. In summary: don't install Dell drivers on Vista, because Vista isn't really running on a Dell. -- Finlay McWalter ☻ Talk 00:40, 3 March 2011 (UTC)[reply]

So what can I put on here to make it play DVDs? Should AVS Video Converter do it? --T H F S W (T · C · E) 04:51, 3 March 2011 (UTC)[reply]

If you want to use WMP ,I believe with Vista all you may need are codecs for MPEG2 and probably AC-3. In that case something like ffdshow try-outs [1] or the Media Player Classic Home Cinema edition standalone codecs/filters [2] should do the trick. Nil Einne (talk) 10:26, 3 March 2011 (UTC)[reply]

New Core i5's vs Core 2's

In terms of performance, how much better are new middle of the line Core i5's compared to middle-end or high-end Core 2 processors for gaming and heavy multitasking? Acceptable (talk) 23:27, 2 March 2011 (UTC)[reply]