Pigskin-Referee writes: At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services including Elastic Load Balancing (ELB), AWS Elastic Beanstalk, Amazon CloudFront, Amazon S3, Amazon RDS, and Amazon SES.
The last 18 months or so has been an eventful time for the TLS protocol. Impressive cryptography analysis highlighted flaws in several TLS algorithms that are more serious than previously thought, and security research revealed issues in several software implementations of TLS. Overall, these developments are positive and improve security, but for many they have also led to time-consuming operational events, such as software upgrades and certificate rotations.
Part of the challenge is that the TLS protocol, including all of its optional extensions, has become very complex. OpenSSL, the de facto reference implementation, contains more than 500,000 lines of code with at least 70,000 of those involved in processing TLS. Naturally with each line of code there is a risk of error, but this large size also presents challenges for code audits, security reviews, performance, and efficiency.
In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.
Over the coming months, we will begin integrating s2n into several AWS services. TLS is a standardized protocol and s2n already implements the functionality that we use, so this won’t require any changes in your own applications and everything will remain interoperable.
If you are interested in using or contributing to s2n, the source code, documentation, commits and enhancements are all publicly available under the terms of the Apache Software License 2.0 from the s2n GitHub repository.
s2n isn’t intended as a replacement for OpenSSL, which we remain committed to supporting through our involvement in the Linux Foundation’s Core Infrastructure Initiative. OpenSSL provides two main libraries: “libssl”, which implements TLS, and “libcrypto,” which is a general-purpose cryptography library. Think of s2n as an analogue of “libssl,” but not “libcrypto.”
Oh and the name? s2n is short for “signal to noise” and is a nod to the almost magical act of encryption—disguising meaningful signals, like your critical data, as seemingly random noise.
Pigskin-Referee writes: June 30, 2015 — Cisco announced its intent to acquire OpenDNS. You can learn more about this exciting announcement on this page. Please find an FAQ below, and links to Cisco’s press release, a letter from our CEO, and other important resources.
Pigskin-Referee writes: Microsoft named its top cloud computing executive, Satya Nadella, as chief executive on Tuesday.
The company also said Bill Gates would step aside as chairman of the board but would remain a technology advisor to the company. John Thompson, who has been the lead independent director, will become chairman.
Nadella's appointment ends a longer-than-expected search for a new leader after Steve Ballmer announced his intention to retire in August.
Nadella is only the third CEO in Microsoft's 39-year history, following co-founder Bill Gates and Ballmer.
The company took to Twitter to introduce its choice as CEO to the world.
Pigskin-Referee writes: The FCC did not have the legal authority to enact 2011 regulations requiring Internet providers to treat all traffic the same, the U.S. Court of Appeals ruled.
WASHINGTON — A U.S. appeals court has struck down the government's latest effort to require internet providers to treat all web traffic equally, meaning mobile carriers and other broadband providers may reach agreements for faster access to specific content crossing their networks.
The Federal Communications Commission's open Internet rules, passed in late 2010, require internet providers to treat all Web traffic equally and give consumers equal access to all lawful content, a principle known as net neutrality.
But the FCC lacked legal authority to enact the regulations, the U.S. Court of Appeals for the District of Columbia Circuit ruled on Tuesday, siding with Verizon Communications Inc that challenged the rules.
Verizon has argued the rules violated the company's right to free speech and stripped control of what its networks transmit and how.
"Even though the commission has general authority to regulate in this arena, it may not impose requirements that contravene express statutory mandates," Judge David Tatel said.
The FCC has classified broadband providers as information service providers as opposed to telecommunications service providers and that distinction created a legal hurdle for the FCC to impose the net neutrality rules.
FCC Chairman Tom Wheeler on Tuesday said the agency was considering "all available options, including those for appeal, to ensure that these networks on which the Internet depends continue to provide a free and open platform for innovation and expression, and operate in the interest of all Americans."
The FCC could appeal the ruling to the full appeals court or to the U.S. Supreme Court. Or it could attempt to rewrite the regulations to clear up its authority over broadband providers — a move urged by consumer advocacy groups.
Supporters of the rules worry that without FCC's rules, internet providers such as Verizon or Comcast Corp would be free to charge websites for faster access to their content or slow down or even block access to particular sites.
"That's just not the way the internet has worked until now," Matt Wood, policy director at public interest group Free Press, told Reuters.
But opponents say the rules inhibit investments, represent government meddling in free Internet and are not necessary to ensure open access to the Internet.
"Today's decision will not change consumers' ability to access and use the Internet as they do now," Randal Milch, Verizon's general counsel and executive vice president for public policy, said in a statement.
"Verizon has been and remains committed to the open Internet which provides consumers with competitive choices and unblocked access to lawful websites and content when, where, and how they want. This will not change in light of the court's decision," Milch said.
Similarly, the Broadband for America coalition representing various internet service providers and CTIA, the wireless industry association, pledged commitments to an open Internet.
Major content providers Netflix Inc and Google Inc who may face a new hurdle referred inquiries to the Internet Association representing them.
"The Internet Association supports enforceable rules that ensure an open Internet, free from government control or discriminatory, anticompetitive actions by gatekeepers," the group's President and CEO Michael Beckerman said.
Facing strong resistance from Republicans, Democratic lawmakers on Tuesday pledged to help FCC redraft its rules to regain authority over broadband providers.
Pigskin-Referee writes: Caixa Econômica Federal Turns to Microsoft Solutions for Cost Savings and Improved Interoperability
Established in 1861, Caixa Econômica Federal is not just a bank, it’s an institution that impacts the lives of millions in Brazil. The 100% public company has a key role in promoting urban development and social initiatives across the country, giving priority to sectors such as housing and public services and contributing significantly to improve the lives of citizens, especially those of low income.
Recently, Caixa was looking to significantly revitalize its IT solutions to support growth, accelerate decision making, and take advantage of the transformative benefits of cloud solutions and mobile integration. At the same time, they needed to ensure new technologies would work well with existing IT investments, including open source software.
Caixa decided to implement a robust suite of Microsoft solutions, including Windows Server 2012, Windows 8, and Office, to better support its 118,000 employees and 3,000 branches. Now Caixa is realizing a broad range of efficiency improvements – from streamlined communications to enhanced mobile productivity to significant cost savings.
In one year there have been impressive results, including the migration of 140,000 mailboxes, almost 40,000 desktops running Windows 8, and 100,000 users migrated from ISA Server to Forefront Threat Management Gateway (TMG) Server using Microsoft Reputation Services (MRS).
Employees and management alike are pleased with the improved functionality and business agility. “I believe this will revolutionize the way we work at Caixa,” said Marcelo Xavier, IT Consultant at Caixa.
Caixa’s new Microsoft solutions integrated well with their existing IT, including some legacy and open source solutions, such as OpenLDAP, Expresso Email, Apache web server and PostgreSQL.
Caixa is representative of a broader trend of previously open source customers embracing Microsoft technologies, or a mix of Microsoft and open source solutions. We’re fortunate to regain their business, as organizations have seen Microsoft investing heavily in work with open source vendors and communities, in supporting standard document formats like ODF, in building rich integration with Linux on the desktop and the server, and in mainstreaming the new stack of web standards like HTML5. They like that we have made a commitment to ensure our technology works well with others, combined with the overall platform value we deliver.
Pigskin-Referee writes: Microsoft Office Mobile is the official Office companion optimized for your Android phone. You can access, view and edit your Microsoft Word, Microsoft Excel and Microsoft PowerPoint documents from virtually anywhere. Documents look like the originals, thanks to support for charts, animations, SmartArt graphics and shapes. When you make quick edits or add comments to a document, the formatting and content remain intact.
Pigskin-Referee writes: Those who qualify for TechNet get access to nearly all of Microsoft's software (Office for the Mac being a notable exception), with a limited number of license keys for each application. Microsoft's recent announcement stated that TechNet users could buy or renew a one-year subscription through Aug. 31.
Microsoft hasn't specifically stated that software piracy is the root cause of TechNet's demise. But there's no doubt that a significant number of TechNet subscribers have abused the service. In truth, the program has been rife with petty-level pirating for all of its nearly 20 years.
Back in the early days, packs of TechNet CDs arrived in the mail. It was like manna from the mother ship. And those CDs got passed around.
Today, TechNet's many offerings are simply downloaded as easily copied and shared ISO files. For the most part, the downloads are managed through a sort of honor system. That makes it easy for some subscribers to game the system — i.e., download genuine copies of Microsoft software along with perfectly legitimate keys and then either give the software to family and friends or sell it at the local flea market. Undoubtedly, a few unscrupulous PC resellers sold systems with free TechNet software keys — and charged their customers "discounted" application fees.
Pigskin-Referee writes: The Supreme Court on Monday upheld the police practice of taking DNA samples from people who have been arrested but not convicted of a crime, ruling that it amounts to the 21st century version of fingerprinting.
The ruling was 5-4. Justice Antonin Scalia, a conservative, joined three of the court’s more liberal members — Justices Ruth Bader Ginsburg, Sonia Sotomayor and Elena Kagan — in dissenting.
The five justices in the majority ruled that DNA sampling, after an arrest “for a serious offense” and when officers “bring the suspect to the station to be detained in custody,” does not violate the Fourth Amendment’s prohibition of unreasonable searches.
Pigskin-Referee writes: WASHINGTON — The Supreme Court has sustained Monsanto Co.'s claim that an Indiana farmer violated the company's patents on soybean seeds that are resistant to its weed-killer.
The justices, in a unanimous vote Monday, rejected the farmer's argument that cheap soybeans he bought from a grain elevator are not covered by the Monsanto patents, even though most of them also were genetically modified to resist the company's Roundup herbicide.
Justice Elena Kagan says a farmer who buys patented seeds must have the patent holder's permission. More than 90 percent of American soybean farms use Monsanto's "Roundup Ready" seeds, which first came on the market in 1996.
Pigskin-Referee writes: Microsoft’s crusade to lock Linux companies into patent protection deals has netted Redmond’s first service provider.
Amdocs Software Systems is paying Microsoft to license undisclosed Redmond patents in a deal that "provides mutual access to each company’s patent portfolio".
The deal extends to the Linux servers running in Amdocs’ data centres, with the unidentified boxes receiving a licence under Microsoft’s patent portfolio. Specific terms of the deal were not announced, including how much Amdocs will pay Microsoft.
Until now, Microsoft has focused its efforts on device makers whose systems run Android Linux – HTC, General Dynamics Itronix, Onkyo Corp and Velocity Micro – in addition to Acer, ViewSonic and Casio. To our knowledge, this is Microsoft’s first strike at the server market. Amdocs specialises in customer and network management and service delivery systems for operators such as cable TV companies.
A gifted computer scientist, Mayer suspected that online advertisers might be getting around browser settings that are designed to block tracking devices known as cookies. If his instinct was right, advertisers were following people as they moved from one website to another even though their browsers were configured to prevent this sort of digital shadowing. Working long hours at his office, Mayer ran a series of clever tests in which he purchased ads that acted as sniffers for the sort of unauthorized cookies he was looking for. He hit the jackpot, unearthing one of the biggest privacy scandals of the past year: Google was secretly planting cookies on a vast number of iPhone browsers. Mayer thinks millions of iPhones were targeted by Google.
Pigskin-Referee writes: Google Inc Chief Executive Larry Page has reassured employees about his health, but the company on Friday shed little additional light on an unspecified condition affecting his voice that will sideline him from two high-profile events in the coming weeks.
Page told employees in an email on Thursday that there was "nothing seriously wrong with me," according to a source who had seen an internal staff memo.
The 39-year-old Google co-founder sat out his company's annual shareholders' meeting on Thursday because he had "lost his voice," according to Google Executive Chairman Eric Schmidt, who informed attendees of the news at the start of the event.
Pigskin-Referee writes: Britain's data regulator has reopened its investigation into Google's Street View, saying Tuesday that an inquiry by authorities in the United States raised new doubts about the disputed program.
Steve Eckersley, enforcement chief of the British Information Commissioner's Office, said Google Inc. had questions to answer about Street View, an attention-grabbing project which sent camera-toting vehicles across the globe to create three-dimensional maps of the world's highways and byways.
But the cars weren't just taking pictures: They were scooping up passwords, Web addresses, emails, and other sensitive data transmitted over unsecured wireless networks.
There was outrage on both sides of the Atlantic when the data-slurping was exposed in early 2010, and the Information Commissioner's Office was one of several European agencies which investigated Street View in the aftermath of the scandal. But in November of that year, the ICO gave Google a mere slap on the wrist, saying that while Google had violated British data protection laws it would escape any fines so long as it pledged not to do it again.
At the time, Google insisted that the breach was an accident.
"We did not want this data, have never used any of it on our products and services, and have sought to delete it as quickly as possible," the company claimed back then.
Evidence made public earlier this year by the Federal Communications Commission has since punctured Google's "oops-I-took-your-data" defense.
Pigskin-Referee writes: Microsoft’s decision to remove support for playing DVD movies in Windows 8 has caused some confusion. If the VLC media player can provide DVD support for free, why can’t Microsoft? For starters, Microsoft isn’t French.
Microsoft announced this week that Windows 8 will not support playback of DVD movies unless you explicitly add software that supports that feature.
The economic reasons for doing so are compelling (see Microsoft’s follow-up FAQ for details), but it’s also a potentially disruptive move for some Windows enthusiasts. So it’s not surprising that some of the initial reactions have been heated and even angry.
I look at the big numbers and walk through the math in a follow-up post: How much do DVD and digital media playback features really cost?