Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:WebRTC (Score 1) 237

Not for ever - they are working on a method of doing bridge-based WebRTC which is nevertheless end-to-end secure - see https://datatracker.ietf.org/w... . AIUI, the way it works is that it established point-to-point encrypted tunnels between the endpoints for key distribution so the bridge isn't able to decrypt the data even if it wanted to, and yet, you don't need N->N transmission of streams.

Gerv

Submission + - Mozilla Offers More Money To Open Source Projects (mozilla.org)

Gerv writes: Last year, Mozilla started a fund to provide financial support to open source projects they use or rely on, to the tune of $1M. Now, they've extended the program with another $1.25M, and any open source project can apply — as long as what it's doing furthers the Mozilla mission, in the eyes of the awards committee. Deadline for the first round of applications is May 31st.

Comment Re:Choice of words? (Score 1) 86

"What I don't understand (and maybe because I haven't looked too hard) is what "Old POS terminals" have to do with Mozilla."

The certificates they are using chain up to publicly-trusted roots, and so are covered by Mozilla's policies. In 20-year hindsight, that was a bad idea, but it was a decision taken a long time ago.

Comment Re:Current version of Firefox is not vulnerable (Score 3, Informative) 95

Firefox fixed this issue in Firefox 43, not in 44.0.2. In particular, it was "fixed" in Firefox by updating to a version of libgraphite that did not have the problem, and this happend before the issue was even reported to libgraphite.

Hence no CVE for Firefox 43 or 44, because they were never vunerable, and no CVE for Firefox 42, because it was long-superseded by the time the vulnerability was even reported.

The CVE, if you note, is for Firefox 38 ESR, which _was_ vulnerable until the 38.6.1 release.

Slashdot Top Deals

An adequate bootstrap is a contradiction in terms.

Working...