Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Submission + - Introducing s2n, a New Open Source TLS Implementation->

Pigskin-Referee writes: At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services including Elastic Load Balancing (ELB), AWS Elastic Beanstalk, Amazon CloudFront, Amazon S3, Amazon RDS, and Amazon SES.

The last 18 months or so has been an eventful time for the TLS protocol. Impressive cryptography analysis highlighted flaws in several TLS algorithms that are more serious than previously thought, and security research revealed issues in several software implementations of TLS. Overall, these developments are positive and improve security, but for many they have also led to time-consuming operational events, such as software upgrades and certificate rotations.

Part of the challenge is that the TLS protocol, including all of its optional extensions, has become very complex. OpenSSL, the de facto reference implementation, contains more than 500,000 lines of code with at least 70,000 of those involved in processing TLS. Naturally with each line of code there is a risk of error, but this large size also presents challenges for code audits, security reviews, performance, and efficiency.

In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.

Over the coming months, we will begin integrating s2n into several AWS services. TLS is a standardized protocol and s2n already implements the functionality that we use, so this won’t require any changes in your own applications and everything will remain interoperable.

If you are interested in using or contributing to s2n, the source code, documentation, commits and enhancements are all publically available under the terms of the Apache Software License 2.0 from the s2n GitHub repository.

s2n isn’t intended as a replacement for OpenSSL, which we remain committed to supporting through our involvement in the Linux Foundation’s Core Infrastructure Initiative. OpenSSL provides two main libraries: “libssl”, which implements TLS, and “libcrypto,” which is a general-purpose cryptography library. Think of s2n as an analogue of “libssl,” but not “libcrypto.”

Oh and the name? s2n is short for “signal to noise” and is a nod to the almost magical act of encryption—disguising meaningful signals, like your critical data, as seemingly random noise.

Link to Original Source

Comment Disposal of used Brother cartridges (Score 1) 189

I have two Brother Laser printers. I usually buy genuine Brother refills from Amazon. They come with a postage-paid return sticker. I just put the old item in the box the new one came in, attached the sticker and drop off at Post Office. There is a sticker for UPS also.

Comment Re:Nobody else seems to want it (Score 1) 727

Your answer, while well intentioned, is way over simplified. I am in a position that I am able to talk with the person or persons involved in driver development in many companies. The general consensus is that developing a driver or drivers that offer the same usability that the ones developed for Microsoft is just too expensive and time consuming.

I recently had a conversation with a developer from Brother USA. The individual uses Linux on his person PC at home. He explained that one of the major stumbling blocks were the many flavors of *nix that are available. Developing for all of them, especially the niche market ones like FreeBSD is not feasible. With Microsoft, a driver developed for WinXP might very well still work on Win-8.1, whereas in the *nix world, a driver developed for one flavor of Linux is usually useless on another flavor. If the FOSS world came together and developed one uniform driver model that employed a uniform installation routine, etcetera, then the costs of developing drivers for *nix would no longer be the problem that the presently are.

Not mentioned here, but important to remember is that Microsoft develops drivers for many devices on their own. They are usually "universal" drivers, but at least they offer some limited use of the device it was developed for. In some case, even more than the one written by the device's developer. Microsoft also offers "in-house" support for authors attempting to write drivers for its operating system.

It is also worth noting, that in many instances, the operating system does not offer the support that the device needs to operate to begin with. In the FreeBSD word, it took nearly 10 years for them to get support for "n" protocol drivers, and it is still woefully incomplete.

Submission + - Nadella named new Microsoft CEO; Gates out as chairman->

Pigskin-Referee writes: Microsoft named its top cloud computing executive, Satya Nadella, as chief executive on Tuesday.

The company also said Bill Gates would step aside as chairman of the board but would remain a technology advisor to the company. John Thompson, who has been the lead independent director, will become chairman.

Nadella's appointment ends a longer-than-expected search for a new leader after Steve Ballmer announced his intention to retire in August.

Nadella is only the third CEO in Microsoft's 39-year history, following co-founder Bill Gates and Ballmer.

The company took to Twitter to introduce its choice as CEO to the world.

Link to Original Source

Submission + - US appeals court strikes down net neutrality->

Pigskin-Referee writes: The FCC did not have the legal authority to enact 2011 regulations requiring Internet providers to treat all traffic the same, the U.S. Court of Appeals ruled.

WASHINGTON — A U.S. appeals court has struck down the government's latest effort to require internet providers to treat all web traffic equally, meaning mobile carriers and other broadband providers may reach agreements for faster access to specific content crossing their networks.

The Federal Communications Commission's open Internet rules, passed in late 2010, require internet providers to treat all Web traffic equally and give consumers equal access to all lawful content, a principle known as net neutrality.

But the FCC lacked legal authority to enact the regulations, the U.S. Court of Appeals for the District of Columbia Circuit ruled on Tuesday, siding with Verizon Communications Inc that challenged the rules.

Verizon has argued the rules violated the company's right to free speech and stripped control of what its networks transmit and how.

"Even though the commission has general authority to regulate in this arena, it may not impose requirements that contravene express statutory mandates," Judge David Tatel said.

The FCC has classified broadband providers as information service providers as opposed to telecommunications service providers and that distinction created a legal hurdle for the FCC to impose the net neutrality rules.

FCC Chairman Tom Wheeler on Tuesday said the agency was considering "all available options, including those for appeal, to ensure that these networks on which the Internet depends continue to provide a free and open platform for innovation and expression, and operate in the interest of all Americans."

The FCC could appeal the ruling to the full appeals court or to the U.S. Supreme Court. Or it could attempt to rewrite the regulations to clear up its authority over broadband providers — a move urged by consumer advocacy groups.

Supporters of the rules worry that without FCC's rules, internet providers such as Verizon or Comcast Corp would be free to charge websites for faster access to their content or slow down or even block access to particular sites.

"That's just not the way the internet has worked until now," Matt Wood, policy director at public interest group Free Press, told Reuters.

But opponents say the rules inhibit investments, represent government meddling in free Internet and are not necessary to ensure open access to the Internet.

"Today's decision will not change consumers' ability to access and use the Internet as they do now," Randal Milch, Verizon's general counsel and executive vice president for public policy, said in a statement.

"Verizon has been and remains committed to the open Internet which provides consumers with competitive choices and unblocked access to lawful websites and content when, where, and how they want. This will not change in light of the court's decision," Milch said.

Similarly, the Broadband for America coalition representing various internet service providers and CTIA, the wireless industry association, pledged commitments to an open Internet.

Major content providers Netflix Inc and Google Inc who may face new hurdle referred inquiries to the Internet Association representing them.

"The Internet Association supports enforceable rules that ensure an open Internet, free from government control or discriminatory, anticompetitive actions by gatekeepers," the group's President and CEO Michael Beckerman said.

Facing strong resistance from Republicans, Democratic lawmakers on Tuesday pledged to help FCC redraft its rules to regain authority over broadband providers.

Link to Original Source

Comment Why Continue to Develop So Many Differnt Versions (Score 1) 133

Why does FreeBSD continue to develop two different versions rather than concentrate on making on superior product? They are years behind *nix and a decade behind Microsoft when it comes to drivers, wireless support and printer support. It just defies logic that they spread their all ready meager resources between to products rather than concentrate on making on superior product.

Submission + - Caixa Econômica Federal Turns to Microsoft Solutions for Cost Saving->

Pigskin-Referee writes: Caixa Econômica Federal Turns to Microsoft Solutions for Cost Savings and Improved Interoperability

Established in 1861, Caixa Econômica Federal is not just a bank, it’s an institution that impacts the lives of millions in Brazil. The 100% public company has a key role in promoting urban development and social initiatives across country, giving priority to sectors such as housing and public services and contributing significantly to improve the lives of citizens, especially those of low income.

Recently, Caixa was looking to significantly revitalize its IT solutions to support growth, accelerate decision making, and take advantage of the transformative benefits of cloud solutions and mobile integration. At the same time, they needed to ensure new technologies would work well with existing IT investments, including open source software.

Caixa decided to implement a robust suite of Microsoft solutions, including Windows Server 2012, Windows 8, and Office, to better support its 118,000 employees and 3,000 branches. Now Caixa is realizing a broad range of efficiency improvements – from streamlined communications to enhanced mobile productivity to significant cost savings.

In one year there have been impressive results, including the migration of 140,000 mailboxes, almost 40,000 desktops running Windows 8, and 100,000 users migrated from ISA Sever to Forefront Threat Management Gateway (TMG) Server using Microsoft Reputation Services (MRS).

Employees and management alike are pleased with the improved functionality and business agility. “I believe this will revolutionize the way we work at Caixa,” said Marcelo Xavier, IT Consultant at Caixa.

Caixa’s new Microsoft solutions integrated well with their existing IT, including some legacy and open source solutions, such as OpenLDAP, Expresso Email, Apache web server and PostGreSQL.

Caixa is representative of a broader trend of previously open source customers embracing Microsoft technologies, or a mix of Microsoft and open source solutions. We’re fortunate to regain their business, as organizations have seen Microsoft investing heavily in work with open source vendors and communities, in supporting standard document formats like ODF, in building rich integration with Linux on the desktop and the server, and in mainstreaming the new stack of web standards like HTML5. They like that we have made a commitment to ensure our technology works well with others, combined with the overall platform value we deliver.

Link to Original Source

Submission + - Microsoft released Office Mobile for Android phones.->

Pigskin-Referee writes: Microsoft Office Mobile is the official Office companion optimized for your Android phone. You can access, view and edit your Microsoft Word, Microsoft Excel and Microsoft PowerPoint documents from virtually anywhere. Documents look like the originals, thanks to support for charts, animations, SmartArt graphics and shapes. When you make quick edits or add comments to a document, the formatting and content remain intact.
Link to Original Source

Submission + - Microsoft has announced the retirement of the TechNet Subscriptions service->

Pigskin-Referee writes: Those who qualify for TechNet get access to nearly all of Microsoft's software (Office for the Mac being a notable exception), with a limited number of license keys for each application. Microsoft's recently announcement stated that TechNet users could buy or renew a one-year subscription through Aug. 31.

Microsoft hasn't specifically stated that software piracy is the root cause of TechNet's demise. But there's no doubt that a significant number of TechNet subscribers have abused the service. In truth, the program has been rife with petty-level pirating for all of its nearly 20 years.

Back in the early days, packs of TechNet CDs arrived in the mail. It was like manna from the mother ship. And those CDs got passed around.

Today, TechNet's many offerings are simply downloaded as easily copied and shared ISO files. For the most part, the downloads are managed through a sort of honor system. That makes it easy for some subscribers to game the system — i.e., download genuine copies of Microsoft software along with perfectly legitimate keys and then either give the software to family and friends or sell it at the local flea market. Undoubtedly, a few unscrupulous PC resellers sold systems with free TechNet software keys — and charged their customers "discounted" application fees.

Link to Original Source

Submission + - Supreme Court upholds DNA swabbing of people under arrest->

Pigskin-Referee writes: The Supreme Court on Monday upheld the police practice of taking DNA samples from people who have been arrested but not convicted of a crime, ruling that it amounts to the 21st century version of fingerprinting.

The ruling was 5-4. Justice Antonin Scalia, a conservative, joined three of the court’s more liberal members — Justices Ruth Bader Ginsburg, Sonia Sotomayor and Elena Kagan — in dissenting.

The five justices in the majority ruled that DNA sampling, after an arrest “for a serious offense” and when officers “bring the suspect to the station to be detained in custody,” does not violate the Fourth Amendment’s prohibition of unreasonable searches.

Link to Original Source

Using TSO is like kicking a dead whale down the beach. -- S.C. Johnson

Working...