Submission + - Security.txt Standard Proposed, Similar to Robots.txt (bleepingcomputer.com)

An anonymous reader writes: Ed Foudil, a web developer and security researcher, has submitted a draft to the IETF — Internet Engineering Task Force — seeking the standardization of security.txt, a file that webmasters can host on their domain root and describe the site's security policies. The file is akin to robots.txt, a standard used by websites to communicate and define policies for web and search engine crawlers.

For example, if a security researcher finds a security vulnerability on a website, he can access the site's security.txt file for information on how to contact the company and securely report the issue. According to the current security.txt IETF draft, website owners would be able to create security.txt files that look like this:

#This is a comment
Contact: security@example.com
Contact: +1-201-555-0123
Contact: https://example.com/security
Encryption: https://example.com/pgp-key.tx...
Acknowledgement: https://example.com/acknowledg...
Disclosure: Full

Submission + - The Pirate Bay is secretly running a Bitcoin miner in the background (betanews.com)

Mark Wilson writes: When it comes to the Pirate Bay, it's usually movie studios, music producers and software creators that getannoyed with the site — you know, copyright and all that. But in an interesting twist it is now users who find themselves irked by and disappointed in the most famous torrent site in the world.

So what's happened? Out of the blue, the Pirate Bay has added a Javascript-powered Bitcoin miner to the site. Nestling in the code of the site is an embedded cryptocurrency miner from Coinhive. Users who have noticed an increase in resource usage on their computers as a result of this are not happy.

Submission + - AP Computer Science A Exam Growth Fell as Easier AP CSP Course Launched

theodp writes: According to recently-released College Board AP Program Data, the year-over-year percentage growth in the number of high school students taking the AP Computer Science A Exam in 2017 fell to a nine-year low despite a massive national private/public effort to promote K-12 CS. Touted as "the fastest growing A.P. course" just last April by the NY Times, AP Computer Science A saw only 2,582 more exams administered in 2017 than in 2016, or 4.5% YOY growth. The AP CS A growth slowdown occurred as students embraced AP Computer Science Principles (CSP), a new course created by the College Board at the urging of the NSF to address AP CS A's failure to attract many girls or underrepresented minorities. Computer Science Principles, explained the Times (which dubbed the course Coding Lite), is less coding heavy, more project-oriented and strives to be real-world relevant. Over 44,000 students took the AP CSP exam in its inaugural year, and students enjoyed a pass-rate of 74.5%. As it killed the more rigorous AP CS AB exam in 2008, the College Board cited "our intensified commitment to AP Computer Science A." But with support from the likes of Microsoft, Google, Facebook, and tech-bankrolled Code.org, could the success of AP CSP spell the death knell for AP CS A and perhaps ultimately even Java?

Slashdot Top Deals