InfoQ Homepage Encryption Content on InfoQ
-
NGINX Plus Release 18 Available with Support for Dynamic Certificate Loading
NGINX has released version 18 (R18) of NGINX Plus, their all-in-one load balancer, content cache, and web server. This release includes support for dynamic certificate loading, enhancements to their OpenID Connect implementation, and the ability to specify port ranges for virtual servers.
-
Adiantum Brings Disk Encryption to Low-End Smartphones
Adiantum is a new encryption algorithm for low-end smartphones, smartwatches, and other Android Pie devices that are too slow to use the Advanced Encryption Standard (AES) standard for storage encryption.
-
SaaS Platform for Managing Configurations Enters Private Beta
Config is a new SaaS offering for managing configuration files. Created by Bien David in 2017, the company looks to simplify how teams store and access configurations used by systems, apps, modules, environments, and server instances. InfoQ spoke to the team behind Config to learn more about how these problems are solved.
-
W3C Publishes DRM as a Recommendation
After a divided vote, the World Wide Web Consortium has adopted Encrypted Media Extensions as a full recommendation, formalizing closed-source Digital Rights Management into the specification. In response, the EFF has resigned from the W3C.
-
Stack Overflow Becomes HTTPS by Default
Nick Craver, architecture lead at StackOverflow, has published a blog announcing StackOverflow's migration to HTTPS. Some of the technical challenges along the way included supporting hundreds of domains, migrating URL’s, user generated content, and meeting the sites stringent performance requirements.
-
Google Introduces Cloud-Based Encryption Key Management Service
Google has announced a new service for its Google Cloud Platform (GCP) that allows to create, use, rotate, and destroy symmetric encryption keys. Although the new Cloud Key Management Service (KMS) is integrated with Google's Cloud Identity Access Management and Cloud Audit Logging, keys managed using KMS can be also used independently.
-
Google Pushing for HTTPS
Google wants to push for HTTPS everywhere with a combination of deprecating existing Chrome features in non-secure sites, as well as new features only supported in HTTPS.
-
Lawyer.com: Early Adopter of HTTP/2, Speaks to InfoQ
Lawyer.com recently announced that they are adopting the HTTP/2 protocol. Gerald Gorman, tech entrepreneur, CEO, and co-founder of Lawyer.com, spoke to InfoQ about their technology implementation, their position on microservices and lightweight containers, their unique search engine, and their use of social media.
-
Modern iOS Application Security
At QCon New York 2016, Trail of Bits CEO and security expert Dan Guido explained how to keep iOS apps secure. This includes correctly using all iOS security provisions, without forgetting that your app might be running on a jailbroken phone.
-
Microsoft Introduces Project Bletchley: A Modular Blockchain Fabric
On June 15th, Microsoft announced their vision for an open blockchain platform which will be powered by Azure. Microsoft is calling this initiative Project Bletchley, which focuses on providing the architectural building blocks for constructing an Enterprise Consortium Blockchain Ecosystem.
-
Dan Guido: Modern iOS Application Security
As mobile applications increase in popularity and as more transactions are carried out via mobile devices, security is a topic of growing concern. In his talk "Modern iOS Application Security" at QCon New York 2016, Dan Guido takes a closer look at iOS security. While Apple already provides the means to create highly secured applications, there are still threads that may render them useless.
-
Apple Defends Encryption with TV Interview, Files Counter Lawsuit
Apple has responded to questions raised about its stance with the FBI and CEO Tim Cook has appeared on live TV to defend Apple's stance. They have now filed a lawsuit to have the FBI's case dismissed. InfoQ updates you with the latest on the subject.
-
Postponing the Retirement of SHA-1
The need to retire SHA-1 faces obstacles with the access needs of users who have yet to upgrade. Facebook, Twitter, and CloudFlare have proposed an interim solution for users of these legacy devices.
-
Apple Open-sources Three Cryptographic Libraries
Apple has announced they have open sourced three major components in their OSes’ security subsystem. Apple’s announcement has spun some controversy due to the restrictive nature of the license used for one of the libraries.
-
Internet Security, TLS, and HTTP/2: A Q&A with ThoughtWorks’ Vuksanovic and Gibson
InfoQ recently sat down with Marko Vuksanovic and Sam Gibson from ThoughtWorks, and asked about their recent study of TLS/HTTPS and HTTP/2 that was published in the ThoughtWorks P2 magazine. Both Vuksanovic and Gibson shared their expertise on a range of security-focused topics, including ubiquitous computing, the workings of TLS/HTTPS, certificate trust, and the security implications of HTTP/2.