x Take the InfoQ Survey !

Apple Open-sources Three Cryptographic Libraries

by Sergio De Simone on  Oct 31, 2015

Apple has announced they have open sourced three major components in their OSes’ security subsystem. Apple’s announcement has spun some controversy due to the restrictive nature of the license used for one of the libraries.

Internet Security, TLS, and HTTP/2: A Q&A with ThoughtWorks’ Vuksanovic and Gibson

by Daniel Bryant on  Oct 24, 2015

InfoQ recently sat down with Marko Vuksanovic and Sam Gibson from ThoughtWorks, and asked about their recent study of TLS/HTTPS and HTTP/2 that was published in the ThoughtWorks P2 magazine. Both Vuksanovic and Gibson shared their expertise on a range of security-focused topics, including ubiquitous computing, the workings of TLS/HTTPS, certificate trust, and the security implications of HTTP/2.

Symantec Accidentally Leaks Multiple Google SSL Certificates

by Jeff Martin on  Sep 21, 2015

Symantec’s Thawte unit admits that flawed internal practices allowed multiple Google SSL certificates to be released in an unauthorized manner.

AWS s2n: Open-source TLS Implementation in Less than 6,000 Lines

by Sergio De Simone on  Jul 01, 2015

Amazon Web Services has recently introduced s2n, short for “signal to noise”, an open-source implementation of the TLS/SSL protocols that aims to be “simple, small, fast, and with security as a priority”.

ZeroDB Internals and End-To-End Database Encryption

by Alex Giamas on  Apr 09, 2015

In an article published in their blog, ZeroDB team explains how it works. ZeroDB is an end-to-end encrypted database, which means that the database server does not need to be secure for the data to be safe. The way this works is that query logic is being pushed down to the client. The client also holds the decryption keys for data. The client encrypts data with a symmetric key at time of creation

Amazon releases AWS Key Management Service

by Chris Swan on  Dec 05, 2014

At their re:invent 2014 show Amazon launched AWS Key Management Service (KMS), “a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the security of your keys”. At launch the service supported EBS, S3 and Redshift. Additional support for Elastic Transcoder was added in late November.

Netflix Releases Open Source Message Security Layer

by Chris Swan on  Nov 24, 2014

Netflix have announced the release of the Message Security Layer protocol (MSL), which they describe as ‘A Modern Take on Securing Communication’. The project is available on github under the Apache 2.0 license, with implementations in Java and JavaScript.

Google to remove support for SSL 3.0

by Alex Blewitt on  Oct 14, 2014 7

Google have announced that they will remove support for the obsolete SSL 3.0 after discovering vulnerabilities that may be exploitable by forcing clients or servers to downgrade. Removing SSL 3.0 may also unlock stalled negotiations with HTTP2. Read on for more details.

CloudFlare Universal SSL - Free Web Security for All

by Chris Swan on  Oct 08, 2014 1

CloudFlare have made SSL available to all free subscribers to its content delivery network (CDN) with Universal SSL. The move addresses both cost and complexity issues that have previously confronted web site and application owners wanting to deploy SSL. CloudFlare takes care of issuing a certificate at no cost to the end user, and enabling SSL becomes a selection from a dropdown menu.

GitHub, BitBucket, Twitter and other Secure Services Affected on Mac OS X By Expired SSL Certificate

by Dio Synodinos on  Jul 27, 2014

On Saturday July 26th, an intermediate certificate issued by DigiCert that was used by online services like GitHub, BitBucket, etc expired. Since this certificate was widely cached in the keychains of many Mac OS X users, this expiration caused any connection via browser or API to raise certificate chain errors.

Cloudera Acquires Big Data Encryption Startup Gazzang

by Jérôme Serrano on  Jul 15, 2014

Hadoop distributor Cloudera pursued its strategy of securing the Hadoop ecosystem by acquiring last month the big data encryption and key management startup Gazzang. The deal will strengthen Cloudera's security offering and lead to the creation of a center of excellence for Hadoop security that will initially be fueled by Gazzang’s engineering team.

Improving Node.js’ SSL Performance at PayPal

by Abel Avram on  Apr 17, 2014

Trevor Livingston, a software engineer working for PayPal, has outlined in a recent post a number of suggestions to improve the outbound SSL performance of Node.js.

Android 4.1.1 Vulnerable to Reverse Heartbleed

by Sergio De Simone on  Apr 15, 2014

Google announced last week that Android 4.1.1 is susceptible to the Heartbleed OpenSSL bug. While Android 4.1.1 is, according to Google, the only Android version vulnerable to Heartbleed, it remains in use in millions of smartphones and tablets. Android 4.1.1 devices have been shown to leak significant amount of data in a "reverse Heartbleed" attack.

Google Cloud SQL now Generally Available

by Chris Swan on  Feb 14, 2014

Google have announced general availability of their Cloud SQL service. At launch the service comes with automatic encryption of customer data, a 99.95% uptime SLA and support for databases up to 500GB in size.

Encrypting Files on Android with Facebook Conceal

by Abel Avram on  Jan 29, 2014 1

Facebook has open sourced Conceal, a set of Java APIs for file encryption and authentication on Android. Conceal uses a subset of OpenSSL’s algorithms and predefined options in order to keep the library smaller, currently being 85KB.

General Feedback
Marketing and all content copyright © 2006-2015 C4Media Inc. hosted at Contegix, the best ISP we've ever worked with.
Privacy policy