Site News

Mozilla Launches BrowserID to Combat OpenID and Passwords

The Mozilla Foundation, creators of the FireFox suite of Web tools has announced the new Identity Management system called BrowserID. According to Mozilla BrowserID wil make passwords a thing of the past and unique identification as easier as verifying your email address.

BrowserID unlike the competing OpenID allows users to use multiple IDs for different sites and removes the indentity provider out of your session, increasing the level of privacy available to uers. Mozilla spokesmen say thee are three major goals for BrowserID including:

  • Decentralized - A user's authentication to a website occurs in relative isolation. No network transactions with third parties are needed, so it is efficient and privacy-protecting. Additionally, any email address may be used, and any email provider may provide first class BrowserID support for their users.
  • Ownership-Based Authentication - In BrowserID, the browser manages authentication material which can be used without a password - making authentication with BrowserID more reliant on ownership factors, and less on knowledge factors.
  • Usable today, and better tomorrow - An HTML5 implementation provides a functional system today, and BrowserID is designed with adoption by browser vendors in mind. Native support in browsers will afford improvements in both user experience and security.

BrowserID uses asymmetric cryptography and digital signatures to allow browsers to create signed assertions about the user's identity, and by identity providers to vouch (via signing of a key-email pair) for a user's identity in a disconnected fashion. BrowserID uses cross document messaging to communicate between documents served from different domains, which makes a usable implementation of BrowserID possible right now without modifications to existing browsers.

 

These features mean that BrowserID will support every platform by using a Public\Private key Pair. The ISP or identity manager retains the Public Key while the Private key is kept on the user's system. By querying this key, the web site can authenticate users without a need for maintaining passwords; a major source of security issues on the Internet at present with users choosing easily decyphered passwords. This will remove the need for complexity checks and salted passwords.

A system like this may have prevented the recent spree of hacks by the group known as Anonymous (LulzSec\Anti-Sec) by requiring the email of the user which will be unique and verifiable by simple Telnet commands. 

 

Many projects are already underway to enable BroswerID on sites like WordPress and languages such as PHP. Mozilla promises to eable every type of alternate authenication a spossible so that sites can use oth BrowserID and traditional login methods. I feell that this is a boon for security and privacy on an Internet fraught with pitfalls. And to keep witht he Open Source nature of FireFox, the system will work with all major browserws with no changes.

 

For more info visit here and here

Internet Explorer The Best At Blocking Malware?

That's the report coming out of NSS Labs' latest showdown. According to the site:

In Q2 2011, NSS Labs performed the first test of web browser protection against socially-engineered malware targeting European users. Socially Engineered Malware remains the most common security threat facing Internet users today and European users have found themselves particular targets of malware authors over the last 12 months. According to the EU’s statistics office, Eurostat, almost one third of internet users in the European Union were victims of malware infections in 2010 despite the majority having security software installed.

Several different types of malware was tudied over the period from Q2 2010 to  Q2 2011. Browsers tested included:

Apple Safari 5, Google Chrome 10, Internet Explorer 8 Internet Explorer 9, FIrefox 4, Opera11

From the report:

According to the EU’s statistics office, Eurostat, almost one third of internet users in the European Union  were victims of malware infections in 2010 despite the majority having security software installed. Of the 27 EU countries surveyed (totaling over 200,000 users), those with the highest malware infections include Bulgaria (58%), Slovakia (47%), Hungary (46%), Italy (45%) and Estonia (43%.)

The SmartScreen Filter protection offered by Windows Internet Explorer 9 has two components: URL Reputation, which is included in IE8 and Application Reputation, which is new to IE9.  IE9 caught an exceptional  92% of the live threats with SmartScreen  URL  reputation, and an additional 8% with Application Reputation.   IE9 with SmartScreen offers the best protection of any browser against socially engineered malware.  Protection against malware targeting European users matched our broader findings from the Q3 2010 global test.Windows  Internet Explorer 8  caught 90% of the live threats, an exceptional score that also matched our broader findings from the Q3 2010 global test.Apple Safari 5 caught 13% of the live threats.  Protection offered was near identical to that of Chrome and Firefox.Mozilla Firefox 4 caught 13% of  the  live threats,  far fewer than Internet Explorer 8 or Internet Explorer 9.  Results were 6% less than the 19% protection rate observed in our Q3 2010 global test, indicating either an overall drop in protection for Firefox or regional weakness in Europe.Google Chrome 10 caught 13% of the live threats, considerably more than the 3% observed during the Q3 2010 global test and a welcome improvement.Opera 11 caught 5% of the live threats, providing a measurable amount protection against sociallyengineered malware for the first time.

 

So according to this report, MS didn't stop with the desktop when they began to overhaul Windows security. But then when Bil Gates is said to get millions of spammails everyday, you do have a lot of opportunity to test many different "strains." It would seem as though education would solve even more of these issues. If more peopel were aware of malware and how it's spread there would much less opportunity for users and corporatiosn to be burdened by the existence of such malware and exploits.

 

Click here for the Full Report (PDF)

Adobe Releases 64-bit Flash with 7.1

After nearly a year, Adobe has released it's first 64 bit version of the popular Flash software and tools. This release supports Windows, Mac and Linux distros. New features in the software include

  • 64-bit OS support
  • 7.1 Surround sound
  • Stage3D for rue GPU accelereated models
  • G.711 audio compression for telephony
  • H.264/AVC SW Encoding
  • Socket Progress Events for creating FTP like applications with buffer support
  • Asynchronous bitmap decoding which enables faster page loading

There are also many updates to the AIR runtime to enable a more seamless experience across devices, operating systems.

Click here to download the Beta

I Just Cancelled My Clear 4G

Well I just cancled my Clear 4G account.  It started off great.  I was getting 20mb download speeds on my mobile device, and although my home Motorola modem was flaky after first it started working fine.  Well then the fun comes.  As 4G devices get more popular it was clear that in Central Austin, North Central or Allendale to be more precise, there was too many users, and not enough bandwidth.  If I wanted to stream Netflix forget about it.  If I wanted to stream my security cameras from Tek Republik, well, forget that too.  Then the heat of the Summer came, and in addition to Clear throttling Netflix, or anything, it became obvious that the towers were going down, and it has been widely theorized that this was due to the heat.  What was a great deal for two devices at $55 a month for unlimited bandwidth is no longer the case.  

I'm trying Time Warner again 35MB down, and 5MB up for $49.99 in the hopes it works right.  It is going to take them a whopping 11 days to get the install done, and I can not do it apparently.  I don't like that at all.

Grande and Uverse are available across 2222 from me at my sisters house.  Grande has 110MB down for $110 a month.  Yeah, I'm not joking.  I've been trying to get Grande for 5 and half years, as long as I've had their fiber at Tek Republik.  They have not moved past 2222 in that amount of time.  Literally a few hundred feet.  So why are we stuck with Time Warner, or ATT DSL in Allendale?  Why after 5 years is there still no fiber.  Why can't they cross the road?  After spending hours on the phone yesterday with ATT, and Grande, I have no answers.

What I do have though is a lawyer and a porn video company claiming we torrented a racy video over Clear, and distributed it, and we owe them $50.  I don't use torrent.  Sorry, it is full of viruses.  What I do is stream video.  In fact I never downloaded MP3s, and I couldn't care less about watching movies.  I don't have the spare time to manage data. I have two businesses to run.  I have a daughter to raise, and a child on the way.  I want to stream.  Of course I think my extensive DVD, CD, and Blu Ray collection attests to that.  As does my Netflix, Pandora, Hulu, Amazon Video, and Last.FM.  

So who pulled this video down?  Is it someone who hacked my network?  Is it a past roomate?  Its not my 6 year old daughter.  It is not my wife.  It is not me.  My laptop at home is used for email, Netflix, and for my daughter to play games.  In fact since I've gotten a Roku it has mostly been used for email, and web browsing.  Not that I'm ever home.  I'm usually at work or onsite somewhere.  Anyway, if you get a call from 786-879-7449 its probably them.  Some anonymous lawyer aid with no real proof you did anything.  I'm going to fight it.  

GLOBALFOUNDRIES 28nm Design Ecosystem

As reported by SemiWiki GF is set to present their new 28nm HKMG process and ecosystem at DAC in San Diego next week.

 

“We have been in production of real HKMG products for months,” said Mojy Chian, senior vice president of design enablement at GLOBALFOUNDRIES. “We have been leveraging this experience by collaborating with ecosystem partners to build this knowledge into the design infrastructure and tools we provide to customers at 28nm. This focus on early design-technology co-optimization and silicon validation will translate to accelerated time-to-market for the next generation of power-sensitive consumer electronics and mobile devices.”

 

More Articles...

Page 5 of 61

5
Sunday, November 23, 2014

Login Form



Who's Online

We have 708 guests online