The Linux Foundation has recently launched the Post-Quantum Cryptography Alliance (PQCA), a collaborative effort aimed at advancing and facilitating the adoption of post-quantum cryptography in response to the emerging threats of quantum computing. This alliance assembles diverse stakeholders, including industry leaders, researchers, and developers, focusing on creating high-assurance software implementations of standardized algorithms. The initiative … continue reading
As a developer, you specialize in code – not security. However, as DevOps continues to blend roles and responsibilities, the typical software developer has become responsible for more and more operational aspects like security. A core component of application and IoT security is code signing. Let’s start with a basic definition. Code signing is a … continue reading
There’s a tiny hill located in the plains of Australia, dubbed Mount Wycheproof. Though it be little, it is registered as the world’s smallest mountain. A group of members of the Google Security Team wanted to set a small, easily-achievable goal, so it was fitting to name their newly open-sourced project after the tiny mountain; … continue reading
The ACM Turing Award, presented by the Association for Computing Machinery, is often referred to as the “Nobel Prize of Computing.” Today, Whitfield Diffie, former chief security officer at Sun Microsystems, and Martin E. Hellman, professor emeritus of electrical engineering at Stanford University, were recipients of the 2015 award for their contributions to modern cryptography. … continue reading
The World Wide Web Consortium (W3C) is putting cybersecurity on its radar. It has announced that it is launching a new working group designed to standardize Web authentication and provide a more secure and flexible solution to password-based logins. “Every other week you see news of a password leak or data leak from another major … continue reading
Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the … continue reading
Google has officially announced its new tool chain for Android. The core of the new tool chain includes two tools: Jack and Jill. Jack stands for Java Android Compiler Kit, while Jill stands for Jack Intermediate Library Linker. Belgian mobile development software company Saikoa revealed the new compilers in the beginning of the month. Google … continue reading
