The web is enabling all types of systems and solutions to connect to the Internet, but the tools available today do not cover the entire ecosystem. According to Thomas Pornin, author of the BearSSL library and security consultant at NCC Group, embedded systems are becoming a challenge because most programming languages are geared towards web … continue reading
For years, securing your website meant paying a certificate authority for the privilege. But last summer, the Let’s Encrypt Project kicked off, led by the Electronic Frontier Foundation. It sought to provide a free source of SSL certificates, and as of yesterday, that goal has been met. In the time since Let’s Encrypt began its … continue reading
As Apache developers awoke one morning from uneasy dreams, they found themselves transformed in their beds into a giant new version of Apache Kafka. Version 0.9, released yesterday, adds security support for SSL for the first time, as well as new consumer APIs. This latest version of Kafka includes updates that should make it easier … continue reading
The quintessential open-source network mapper, Nmap, was updated to version 7 yesterday. This version includes mature IPv6 support and expanded capabilities for its scripting engine. The biggest draw for security-wary developers and admins alike, however, may be the top-shelf SSL/TLS scanning. With SSL and TLS vulnerable to so many different attacks discovered over the past … continue reading
Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the … continue reading
It has been almost a year since Telerik announced its cross-platform framework for Android, iOS, and Windows. Today, that NativeScript framework is finally making it into public beta. Valentin Stoychev, product line manager at Telerik, announced that developers can start using the framework to build native mobile apps with CSS and JavaScript. “We have been … continue reading
Security researchers have revealed a new software vulnerability that is leaving Apple and Google users open to a hack attack. The vulnerability, Factoring RSA export keys (also known as the FREAK attack), was found in SSL/TLS—the protocol meant to provide secure Web connections. According to the miTLS team, composed of Inria (a research organization in … continue reading
Nixie: The wearable drone Imagine being able to take a picture while rock climbing, bike riding, hiking, snowboarding and more without having to miss a step. That’s what Nixie aims to do. Nixie is a tiny wearable drone that lives on a user’s wrist and, when launched, can fly around to take photos and videos … continue reading
VMware acquires desktop application delivery startup CloudVolumes Cloud and virtualization software provider VMware has acquired CloudVolumes, a startup focused on desktop application delivery. CloudVolumes’ platform will enable VMware to build real-time application delivery tools across its end-user, datacenter and hybrid cloud platforms. CloudVolumes virtualizes application-management process above the OS, eliminating the need for virtual machine … continue reading
Two big bugs are lingering for far too long. Well, actually one of them was just (finally) patched today … continue reading
