News

The H-Online: Google plans to turn off online checks for SSL certificate validity in its Chrome browser soon, according to a blog post by Adam Langley, the developer in charge of that element of the browser. Instead, the browser will use the update mechanism to receive lists of revoked certificates. When browsers make a connection, they check whether the certificate presented by the server has already been blocked by the certificate authority, using either the certificate authority’s certificate revocation lists (CRLs) or, directly and interactively, the Online Certificate Status Protocol (OCSP). But that whole process has never been completely reliable, since, if the browser isn’t certain of the validity – if, say, an OCSP request doesn’t work – it simply “looks the other way”. Otherwise, there would be too many false alarms. ...

SophosLabs: The United States, which currently forbids government workers or soldiers to use smartphones to send classified messages, is preparing a modified version of Google’s Android operating system that will meet its security certifications. According to CNN, the army has been testing touchscreen devices at U.S. bases for almost two years. Forty phones were sent to soldiers overseas last year, and another 50 phones and 75 tablets are scheduled to ship to soldiers in March. ...

Mashable: Google just debuted a project dedicated to attacking some of the biggest problems facing civilization, such as global warming, and proposing “radical” ideas for solving them. Solve for X Called “Solve for X,” the idea resembles TED (Technology Entertainment and Design), the series of conferences that feature industry leaders exploring big-picture ideas and how they can improve society. Solve for X, however, appears to be more focused on global problems, using them as opportunities to encourage “moonshot” thinking. ...

gHacks: Users of the popular Bittorrent indexing website BTJunkie who try to access the site’s content in a web browser are not seeing the usual site layout, but a goodbye message instead. The message states that the site operators have decided to close down the service voluntarily after more than seven years of operation. No reason other than that is provided, but it is likely that the decision is linked to recent events, in particular the Pirate Bay case in Sweden where founders of the site recently lost the final appeal and are looking at prison time, and the Megaupload takedown and the fallout that followed. ...

SophosLabs: Microsoft’s Ryan Gavin announced a new strategy to keep the web safe… Keep your Internet Explorer up to date. It is great news for Windows users who don’t appreciate the importance of staying up to date. Microsoft has been struggling with browser stragglers for years. They even ran their own campaign comparing IE 6 to spoiled milk including shameful infopr0n. Old versions of IE leave a considerable number of users vulnerable to old exploits, or in their parlance easy targets. ...

Protect the Internet Help us stop the Internet Blacklist Legislation Mozilla: On November 16th, Congress holds hearings on the first American Internet censorship system. This bill can pass. If it does, the Internet and free speech will never be the same. Join us to stop this bill. Why? A few infringing links are enough to justify censoring an entire site, blocking good content along with the bad. ...

Personally I’ve a feeling facebook is learning too much from Google Plus and its becoming too Google Plus-ish!, As we see they have created new style of lists (give me a feeling like Google Plus circle), redesigned images, new privacy options like Google plus and many more, and now Mashable wrote: Facebook to Launch “Major” Profile Redesign at f8 Here’s what we know so far about the profile redesign: ...

The H-Security: The BitTorrent company has confirmed that its uTorrent servers were hacked on Tuesday 13 September and, for almost two hours, anyone downloading the uTorrent client software from the servers received a scareware fake anti-virus package instead. The malware package has been identified as belonging to the “Security Shield” family of scareware; once installed, it falsely informs a user that malware has been detected on their machine and requests payment in order to clean the system. ...

SophosLabs: Following the widely-publicised disgrace of Dutch digital certificate issuer DigiNotar, a person calling himself ComodoHacker claimed that he’d breached four other Certificate Authorities (CAs), too. Only one of these CAs was named: GlobalSign, the world’s fifth-biggest issuer of digital certificates. In my opinion, GlobalSign would have been justified in ignoring this claim altogether. It comes across as a stream of made-up, self-serving puffery, including bluster like this: You see? I’m so smart, sharp, dangerous, powerful, etc. huh? ...

Google Chrome Blog: It’s that time of the year again for the Chrome team, when we pause on our anniversary to reflect on the amazing life and times of the web. It’s hard to believe that it’s already been three years since we launched our open source web browser, Chrome. In that time, the web community has continued to inspire us, bringing the power of the web into all kinds of apps and experiences, with all modern browsers making great strides in speed, simplicity and security. To pay homage to the goodness of the web, we’ve put together an interactive infographic, built in HTML5, which details the evolution of major web technologies and browsers: ...