Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Game over for WoSign and Startcom? (google.com) 1

Zocalo writes: Over the last several months Mozilla has been investigating a large number of breaches of what Mozilla deems to be acceptable CA protocols by the Chinese root CA WoSign and their perhaps better known subsidiary StartCom, whose acquisition by WoSign is one of the issues in question. Mozilla has now published their proposed solution (GoogleDocs link), and it's not looking good for WoSign and Startcom. Mozilla's position is that they have lost trust in WoSign and, by association StartCom, with a proposed action to give WoSign and StartCom a "timeout" by distrusting any certificates issued after a date to be determined in the near future for a period of one year, essentially preventing them issuing any certificates that will be trusted by Mozilla. Attempts to circumvent this by back-dating the valid-from date will result in an immediate and permanent revocation of trust, and there are some major actions required to re-establish that trust at the end of the time out as well.

This seems like a rather elegant, if somewhat draconian, solution to the issue of what to do when a CA steps out of line. Revoking trust for certificates issued after a given date does not invalidate existing certificates and thereby inconvenience their owners, but it does put a severe — and potentially business ending — penalty on the CA in question. Basically, WoSign and StartCom will have a year where they cannot issue any new certificates that Mozilla will trust, and will also have to inform any existing customers that have certificate renewals due within that period they cannot do so and they will need to go else where — hardly good PR!

What does Slashdot think? Is Mozilla going too far here, or is their proposal justified and reasonable given WoSign's actions, making a good template for potential future breaches of trust by root CAs, particularly in the wake of other CA trust breaches by the likes of CNNIC, DigiNotar, and Symantec?

Submission + - SPAM: How to unlock iphone

jetbabies96 writes: People sometime got stuck in unlocking of their device. Then they try different things to sort out problem. They simply look for free unlock of their device. Iphone users look for the free iphone unlock. Different software has been developed in this regard. The user only has to download the software and leave the remaining work to the software. The main steps for free iphone unlock are very simple.
Link to Original Source

Submission + - Careful, we might nuke you: The consequences of rejecting a nuclear no-first-use (thebulletin.org)

Lasrick writes: Since developing nuclear weapons in 1945, the United States has maintained the right to use them first against another country, regardless of whether that country launched a nuclear attack at the US. Over the past several months President Obama has considered changing that “first-use” optional policy to one under which the US declares that it will only use nuclear weapons in response to a nuclear attack, a 'no-first-use' posture. Press reports now assert that key members of the president’s cabinet all opposed the move, including Defense Secretary Ashton Carter, Secretary of State John Kerry, and Secretary of Energy Ernest Moniz. There are reasonable arguments on both sides of the no-first-use debate, but unfortunately, there may be negative consequences for raising the issue publicly and then rejecting it. Nuclear security expert James Doyle explains what those consequences are.

Submission + - Would you live in a wooden skyscraper? (sciencemag.org)

sciencehabit writes: Scientists and architects across the globe are trying to adapt wood, one of the oldest building materials, for the demands of the modern city. Spurred by new ways to work with wood and concerns about the environmental toll of urban construction, they are trying to push the limits of height for wood construction and win wider acceptance for its use. Engineers have conceived designs for soaring wooden skyscrapers that, at up to 80 stories, would rival their steel-framed cousins. But wood’s true potential for 21st century cities is likely to emerge in the lab, where scientists are conducting myriad torture tests on new designs for wooden walls, beams, ceilings, and floors. Their goal: to see whether wood can overcome concerns about fire safety and strength that, in the past, have consigned wood to low-rises and single family houses.

Submission + - Microsoft ends Tuesday patches (helpnetsecurity.com)

An anonymous reader writes: Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new ‘monthly update packs’ will be combined, so for instance, the November update will include all the patches from October as well.

Slashdot Top Deals

Just go with the flow control, roll with the crunches, and, when you get a prompt, type like hell.

Working...