Researchers from the Berkman Center for Internet and Society at Harvard University want to shed some light on the “going dark” debate. The researchers have conducted a study, Don’t Panic: Making Progress on the “Going Dark” Debate, that aims to explore the ramifications of “going dark.” Going dark refers to the inability of U.S. intelligence … continue reading
I’m hoping that, by now, you’ve heard of “Let’s Encrypt,” a free project by the non-profit Internet Security Research Group. The project is currently in public beta, but sometime in the new year, we can expect it to launch for everyone. And the timing couldn’t be better. First, let’s catch everyone up. The EFF, Mozilla, … continue reading
The Apple and Samsung patent infringement case is almost over. Samsung has agreed to pay Apple US$548 million in damages for infringing upon Apple’s mobile patents. The dispute has been ongoing since 2012, when Apple accused Samsung of copying its hardware and software for the Samsung Galaxy Tab 10.1. While Samsung has agreed to pay, … continue reading
Let’s Encrypt has announced its first-ever certificate. Let’s Encrypt is a new certificate authority, made up of tech companies, organizations and researchers, whose goal is to make HTTPS the default protocol for the Web. “Today we mark an important milestone in our march to encrypt all of the Web: the first-ever certificate issued by Let’s … continue reading
Researchers from IBM’s X-Fore Application Security team have discovered a new serialization vulnerability that affect more than 55% of Android phones. According to the researchers, the vulnerability could allow attacks to perform arbitrary code execution and gain access to a user’s device. The vulnerability is nestled within the Android platform, and it affects Android Jelly … continue reading
Google has announced Eddystone, an open-source Bluetooth LE beacon format for developers to integrate into cross-platform applications. Eddystone defines a Bluetooth low energy (BLE) message format for proximity beacon messages, supporting multiple frame types for various application use cases on Android, iOS or other mobile platforms. Google is launching two new APIs along with Eddystone—the … continue reading
Amazon has introduced s2n, a new open-source implementation of the TLS encryption protocol. The s2n implementation, short for “signal to noise,” is a library designed to be small, fast and simple. s2n avoids implementing rarely used TLS options and extensions, and it contains little more than 6,000 lines of code. Amazon plans to integrate s2n … continue reading
As global trading explodes, U.S. software companies are expanding their sales and product development internationally. Whether it’s a small company beginning to sell internationally or a sophisticated company looking to outsource product development, one issue often overlooked or misunderstood is how encryption functionally can impact, and in some cases restrict, international activities. These restrictions arise … continue reading
Microsoft has released version 0.3.0 of Visual Studio Code, its cross-platform code editing tool announced at Build. Visual Studio Code 0.3.0 includes new features and updates to keybinding, the command line, multi-cursor, comment actions, wrapping controls, debugging and more. There is also expanded language support for Rust, JavaScript semantics and syntax, TypeScript 1.5, and smarter … continue reading
Google has announced Preemptible Virtual Machines, a new beta cloud technology for Google Compute Engine. Preemptible VMs are cloud instances that can be shut down at any time for short-term storage capacity at a low fixed cost. Google recommended them for distributed, fault-tolerant workloads that don’t require continuous availability of any single instance. The temporary … continue reading
OpenSSL has issued a new security advisory outlining more than a dozen issues ranging from high to low severity. (Related: OpenSSL to undergo massive security audit) On the heels of announcing a sweeping security audit of the now-stable OpenSSL codebase, the SSL/TLS security protocol underlying much of the Web’s encryption has published warnings for security … continue reading
Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the … continue reading
