BT

.NET Framework 4.6.2 Delivers WPF and Security Improvements

by Jeff Martin on  Aug 05, 2016

The latest release of the .NET Framework provides several new features centered around WPF and security- including some long-awaited improvements to ClickOnce deployed applications. Microsoft released a preview of .NET Framework 4.6.2 back in late March and now developers can take advantage of the release’s new features in their own projects.

Modern iOS Application Security

by Sergio De Simone on  Aug 03, 2016

At QCon New York 2016, Trail of Bits CEO and security expert Dan Guido explained how to keep iOS apps secure. This includes correctly using all iOS security provisions, without forgetting that your app might be running on a jailbroken phone.

Microsoft Introduces Project Bletchley: A Modular Blockchain Fabric

by Kent Weare on  Jun 19, 2016

On June 15th, Microsoft announced their vision for an open blockchain platform which will be powered by Azure. Microsoft is calling this initiative Project Bletchley, which focuses on providing the architectural building blocks for constructing an Enterprise Consortium Blockchain Ecosystem.

Dan Guido: Modern iOS Application Security

by Ralph Winzinger on  Jun 17, 2016

As mobile applications increase in popularity and as more transactions are carried out via mobile devices, security is a topic of growing concern. In his talk "Modern iOS Application Security" at QCon New York 2016, Dan Guido takes a closer look at iOS security. While Apple already provides the means to create highly secured applications, there are still threads that may render them useless.

Apple Defends Encryption with TV Interview, Files Counter Lawsuit

by Alex Blewitt on  Feb 26, 2016

Apple has responded to questions raised about its stance with the FBI and CEO Tim Cook has appeared on live TV to defend Apple's stance. They have now filed a lawsuit to have the FBI's case dismissed. InfoQ updates you with the latest on the subject.

Critical Bug Affects OpenSSH Users

by Jeff Martin on  Jan 16, 2016

A critical bug has been revealed that affects users running OpenSSH. The bug affects both the OpenBSD specific version and the portable version used on Linux and several other operating systems. Patches and mitigations are available now.

Postponing the Retirement of SHA-1

by Jeff Martin on  Dec 29, 2015

The need to retire SHA-1 faces obstacles with the access needs of users who have yet to upgrade. Facebook, Twitter, and CloudFlare have proposed an interim solution for users of these legacy devices.

Apple Open-sources Three Cryptographic Libraries

by Sergio De Simone on  Oct 31, 2015

Apple has announced they have open sourced three major components in their OSes’ security subsystem. Apple’s announcement has spun some controversy due to the restrictive nature of the license used for one of the libraries.

Internet Security, TLS, and HTTP/2: A Q&A with ThoughtWorks’ Vuksanovic and Gibson

by Daniel Bryant on  Oct 24, 2015

InfoQ recently sat down with Marko Vuksanovic and Sam Gibson from ThoughtWorks, and asked about their recent study of TLS/HTTPS and HTTP/2 that was published in the ThoughtWorks P2 magazine. Both Vuksanovic and Gibson shared their expertise on a range of security-focused topics, including ubiquitous computing, the workings of TLS/HTTPS, certificate trust, and the security implications of HTTP/2.

Symantec Accidentally Leaks Multiple Google SSL Certificates

by Jeff Martin on  Sep 21, 2015

Symantec’s Thawte unit admits that flawed internal practices allowed multiple Google SSL certificates to be released in an unauthorized manner.

AWS s2n: Open-source TLS Implementation in Less than 6,000 Lines

by Sergio De Simone on  Jul 01, 2015

Amazon Web Services has recently introduced s2n, short for “signal to noise”, an open-source implementation of the TLS/SSL protocols that aims to be “simple, small, fast, and with security as a priority”.

GitHub Revoked Compromised and Unsecure SSH Keys

by Sergio De Simone on  Jun 11, 2015

GitHub has recently started revoking SSH keys that were deemed to be compromised or otherwise insecure. Systems engineer Ben Cartwright-Cox was the author of the research that uncovered the issues. InfoQ has spoken with him.

Microsoft Recommits to Providing SSH for Windows

by Jeff Martin on  Jun 04, 2015 1

The third time may be the charm as Microsoft has announced intentions to produce native SSH client and server tools for the Windows platform. Using OpenSSH as a starting point, Microsoft says their goals for the new toolset includes easier system management of both Windows and Linux systems.

ZeroDB Internals and End-To-End Database Encryption

by Alex Giamas on  Apr 09, 2015

In an article published in their blog, ZeroDB team explains how it works. ZeroDB is an end-to-end encrypted database, which means that the database server does not need to be secure for the data to be safe. The way this works is that query logic is being pushed down to the client. The client also holds the decryption keys for data. The client encrypts data with a symmetric key at time of creation

Amazon releases AWS Key Management Service

by Chris Swan on  Dec 05, 2014

At their re:invent 2014 show Amazon launched AWS Key Management Service (KMS), “a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the security of your keys”. At launch the service supported EBS, S3 and Redshift. Additional support for Elastic Transcoder was added in late November.

General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT