Login
Password
Sources on this Page

> Headlines by Category

 Home / Technology / Security / Authentication & Encryption

You are using the plain HTML view, switch to advanced view for a more complete experience.

Mozilla mandates that new Firefox features rely on encrypted connections

Mozilla this week decreed that future web-facing features of Firefox must meet an under-development standard that requires all browser-to-server-and-back traffic be encrypted.

"Effective immediately, all new features that are web-exposed are to be restricted to secure contexts," wrote Mozilla engineer Anne van Kesteren in a post to a company blog. "A feature can be anything from an extension of an existing IDL-defined object, a new CSS property, a new HTTP response header, to bigger features such as WebVR."

Secure contexts, dubbed a "minimum security level," is a pending standard of the W3 (World Wide Web Consortium), the primary standards body for the web. Secure contexts' main purpose, according to its documentation: "Application code with access to sensitive or private data be delivered confidentially over authenticated channels that guarantee data integrity."

To read this article in full, please click here

More Windows patches, primarily previews, point to escalating problems this month

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.

What should you do? Nothing. More accurately, make sure you DON’T install any of them. Fortunately, all of these patches require that you download and install them — and you’d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.

It’s the same advice I’ve been giving all month. There’s nothing here that you need right now — there are no known exploits for Meltdown or Spectre in the wild, in particular — and machines are dropping like flies.

To read this article in full, please click here

Throwback Thursday: What are the odds?

Internet filter is installed at this site, and in the beginning, there are complaints from users who can't get to their favorite non-business sites, says an IT pilot fish working there.

But after six months and lots of explanations to users, the complaints have stopped. "Then one Saturday evening, a user called me," fish says.

"He called to report that something must be wrong, because he could get to his lottery numbers tonight.

"I told him thanks, and that I would inform the individual in charge of the filter on Monday morning, as it wasn't stopping anything production-critical during the weekend hours.

"I still can't decide which is funnier: the fact that apparently every day for nearly six months this user tried to get to his lottery numbers even though the page should have never loaded again -- or that, when he actually was able to, he reported it as a problem."

To read this article in full, please click here

InSpectre: See whether your PC's protected from Meltdown and Spectre

If you’re wondering whether your computer is susceptible to the latest bête noir, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn’t answer much. Or you can try Steve Gibson’s new InSpectre and – with suitable caveats – see some meaningful results and a few hints about catching up.

Microsoft has a complex PowerShell script that details your machine’s exposure to the Meltdown and Spectre security flaws. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.

To read this article in full, please click here

Post Selected Items to:

Showing 10 items of 97

home  •   advertising  •   terms of service  •   privacy  •   about us  •   contact us  •   press release design by Popshop •   © 1999-2018 NewsKnowledge