Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Submission + - 'Let's Encrypt' project to issue first free digital certificates next month->

An anonymous reader writes: Let’s Encrypt, the first free and open certification authority, will launch to the general public in September, with its first digital certificates issued over the next month. The project is funded by the Internet Security Research Group (ISRG), a new Californian public-benefit group backed by leading tech firms including Mozilla, The Electronic Frontier Foundation (EFF) and Cisco. The platform was announced by the consortium last year with the goal of offering SSL certificates free of charge, promoting the importance of encryption and HTTPS for a secure cyberspace. Let’s Encrypt’s root certificate will be cross-signed by IdenTrust, a public key CA owned by smartphone government ID card provider HID Global. Website operators are generally hesitant to use SSL/TLS certificates due to their cost. An extended validation (EV) SSL certificates can cost up to $1,000. It is also a complication for operators to set up encryption for larger web services. Let’s Encrypt aims to remove these obstacles by eliminating the related costs and automating the entire process.
Link to Original Source

Submission + - Pirate Party founder Rick Falkvinge launches news service->

lillgud writes: Rick Falkvinge, the founder of the first Pirate Party, unveiled a news service to compete against "old media". The storys will be maximum three sentances and distributed as images, thus avoiding ad block. The service is targeted to be operational in Q3 and each writer will be payed in accordance to a revenue sharing model and the calculations points towards each writer targeted to receive €125/month for 12 sentances.
Link to Original Source

Comment Re:If Only (Score 1) 25

Well, it actually doesn't, at least not reliably. With the ability to retroactively alter history, you can never be 100% sure that someone didn't sneak a change into the repository without reviewing every line of every diff. Have fun!

Yes it does. It's called signed tags.

Comment A small step in the right direction (Score 1) 138

I consider this to be really good news, although the Facebook mails might not be the number one prio for applying encryption... besides when used for password recovery.

First it raises awareness about PGP which might cause more people to use PGP to encrypt and sign their emails.
Secondly I hope that more communities (LinkedIn, Twitter etc) follow this and thus raises even more awareness.

When will /. implement a similar mechanism?

Submission + - Facebook Now Supports PGP To Send You Encrypted Emails

An anonymous reader writes: You can now have Facebook encrypt email it sends to you by adding your PGP key to your profile. The PGP feature is "experimental" and will be rolled out slowly. The announcement reads in part: "...today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to 'end-to-end' encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications."

Submission + - Swedish Police Raid The Pirate Bay Again. ->

o_ferguson writes: TorrentFreak is reporting that police in Sweden carried out a raid in Stockholm today, seizing servers, computers, and other equipment. At the same time The Pirate Bay and several other torrent-related sites disappeared offline. Although no official statement has been made, TF sources confirm action against TPB. This is not the first time that this has happened.
Link to Original Source

Comment Re:quick question (Score 2) 212

Irrelevant.
The "certificate authority that issues free certificates to any website" can actually be one or many of the CAs that is popular today. This is just a new protocol for the way to get a certificate signed by one of these CAs. So if some CA issues as a cert to the NSA for your domain right now there is nothing here that prevents that CA for doing it when using this new protocol.

Submission + - A book on node.js worth to read->

piyasde writes: This book was written with an application development and deployment in mind, which is very helpful for developers.
I have done some intranet based applications with node.js in past. Also I have used redis in my other projects. As I have read the book, I acquired knowledge of socket.io, rabbitmq which I had not used earlier.

This book covers topic like handling CSRF (Cross Site Request Forgery), Login with Social Media Accounts (Google,Facebook) using passport.js, Demo Server starting with Python, Session handling, front end tools integration with bower (package manager) etc which are useful in real world business applications.

I have not digged fully with Dom handling with Backbone and React chapter, where I have replaced my frontend with Angular.js.

At the end of the book, there are two extremely helpful chapters like – Javascript Development best practices and debugging and troubleshooting of javascript application.

Link to Original Source

Comment Re:I got an idea (Score 1) 326

No need. FRA will not just monitor email, sms and telephone traffic -- they will also monitor "normal" surfing. This is a much simpler way to (perhaps) trigger some alarms:
#!/bin/sh
WORDS="bomd nuclear+bomb jihad destroy+the+Swedish+government bomb+assembly+guide kill+Fredrik+Reinfeldt"
for i in $WORDS; do
wget -U 'fittfra' http://www.google.com/search?q=$i
done

"More software projects have gone awry for lack of calendar time than for all other causes combined." -- Fred Brooks, Jr., _The Mythical Man Month_

Working...