Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
Mozilla

Submission + - Mozilla Asks All CAs to Audit Security Systems (threatpost.com)

Submitted by Trailrunner7
Trailrunner7 writes: Already having revoked trust in all of the root certificates issued by DigiNotar, Mozilla is taking steps to avoid having to repeat that process with any other certificate authority trusted by Firefox, asking all of the CAs involved in the root program to conduct audits of their PKIs and verify that two-factor authentication and other safeguards are in place to protect against the issuance of rogue certificates.

Mozilla officials have notified all of the CAs involved in the organization's trusted root program for Firefox that they need to perform the audits and other required actions within the next eight days and send the results to Mozilla. The message, also posted to the Mozilla developer security policy group on Google, sends a clear message that Mozilla officials have little interest in seeing a rerun of the DigiNotar episode with another certificate authority.

Submission + - Marlinspike's solution to the SSL CA problem (convergence.io)

Submitted by Trevelyan
Trevelyan writes: In his Blackhat talk on the past and future of SSL (you can find the video and slide if you really try, or just buy them from BH) Moxie Marlinspike explains the problems of SSL today, and the history of how it came to be so. He then goes on to not only propose a soution, but he's implemented it as well: Convergence, it'll let you turn off all those untrustable CAs in you browser and still safely use HTTPS. It even works with self-signed certificates. You still need to trust someone, but not forever like CAs. The system has 'Notaries', which you can ask anonymously for their view on a certificates authenticity. You can pool Notaries for a consensus, and add/remove them at any time.
Open Source

Submission + - Automatic spelling corrections on Github

Submitted by Anonymous Coward
An anonymous reader writes: Github projects may be seeing a different kind of contributor than normal, a small little bot is now crawling projects contribution spelling corrections. It builds on top the github API and existing documentation style checking code. Future directions for the project look beyond spelling mistakes and at automated bug fixing on a large scale.
Image

Your Browser History Is Showing 174

Posted by samzenpus from the wasted-days-and-wasted-art dept.
tiffanydanica writes "For a lot of us our browser history is something we consider private, or at least not something we want to expose to every website we visit. Web2.0collage is showing just how easy it is (with code!) for sites to determine what sites you visit. When you visit the site it sniffs your browser history, and creates a collage of the (safe for work) sites that you visit. It is an interesting application of potentially scary technology (imagine a job application site using this to screen candidates). You can jump right into having your history sniffed if you so desire. While the collages are cool on their own merit, they also serve as an illustration of the privacy implications of browser history sniffing."
Privacy

Submission + - Your browser history is showing

Submitted by tiffanydanica
tiffanydanica writes: For a lot of us our browser history is something we consider private, or at least not something we want to expose to every website we visit.Web2.0collage is showing just how easy it is (with code!)for sites to determine what sites you visit. When you visit the site it sniffs your browser history, and creates a collage of the (safe for work) sites that you visit. It is an interesting application of potentially scary technology (imagine a job application site using this to screen candidates). You can jump right into having your history sniffed if you so desire. While the collages are cool on their own merit, they also serve as an illustration of the privacy implications of browser history sniffing.

Slashdot Top Deals

Men take only their needs into consideration -- never their abilities. -- Napoleon Bonaparte

Close