LWN.net's Journal
[Most Recent Entries]
[Calendar View]
Thursday, December 3rd, 2015
| Time |
Event |
| 1:50a |
[$] LWN.net Weekly Edition for December 3, 2015
The LWN.net Weekly Edition for December 3, 2015 is available. | | 3:39p |
Security updates for Thursday CentOS has updated jakarta-commons-collections (C6: code
execution) and libreport (C6: information leak).
Debian has updated cups-filters
(code execution).
Fedora has updated keepass (F22:
password locking options removed) and thunderbird (F23: multiple vulnerabilities).
Slackware has updated libpng (two
vulnerabilities) and mozilla (multiple vulnerabilities).
Ubuntu has updated linux-lts-trusty (12.04: two vulnerabilities), openjdk-6 (12.04: multiple vulnerabilities), and qemu (multiple vulnerabilities). | | 6:52p |
Let's encrypt starts public beta testing The Electronic Frontier Foundation has announcedthe public beta test of the Let's Encrypt initiative, which aims to make encrypted web traffic the norm. " There are a number of flaws in the
CA system, but when it comes to encrypting the Web, two in particular stand
out: cost and difficulty. Most CAs today charge for certificates. While
some are very cheap, every dollar of expense means a large swath of people
who can't afford to host a secure website. The larger barrier, though, is
difficulty. Once someone has purchased a certificate, they need to install
it on their website, a time consuming and error-prone process that requires
significant technical skill, which is a cost in itself. Let's Encrypt is
not only free but also automated, in order to make HTTPS encryption more
accessible than ever." | | 10:32p |
PHP 7 has been released PHP 7 has been released. Along with some new language features, the biggest change is said to be much better performance and reduced memory use. " PHP 7.0 brings you unprecedented levels of real-world performance and throughput by utilizing the new and advanced Zend Engine 3.0, designed and refactored for speed and reduced memory consumption. This translates to real-world benefits: greatly decreased response times, superior user experiences, and the ability to serve more users with fewer servers to maximize the power of your PHP 7.0 deployment." We looked at the new features in PHP 7 in an article in this week's edition. | | 10:44p |
Rintel: NetworkManager and privacy in the IPv6 internet On his blog, Lubomir Rintel discusses IPv6 privacy issues and how they are being handled by NetworkManager. " Creation of a privacy stable address relies on a pseudo-random key that’s only known the the host itself and never revealed to other hosts in the network. This key is then hashed using a cryptographically secure algorithm along with values specific for a particular network connection. It includes an identifier of the network interface, the network prefix and possibly other values specific to the network such as the wireless SSID. The use of the secret key makes it impossible to predict the resulting address for the other hosts while the network-specific data causes it to be different when entering a different network.
This also solves the duplicate address problem nicely. The random key makes collisions unlikely. If, in spite of this, a collision occurs then the hash can be salted with a DAD failure counter and a different address can be generated instead of failing the network connectivity. Now that’s clever." | | 11:57p |
Rogaway: The Moral Character of Cryptographic Work This lengthy
paper from Phillip Rogaway tries to describe the moral responsibilities of the cryptographic community — responsibilities that, he believes, that community has failed to live up to. Worth a read. " We need to erect a much expanded commons on the Internet. We need to
realize popular services in a secure, distributed, and decentralized way,
powered by free software and free/open hardware. We need to build systems
beyond the reach of super-sized companies and spy agencies. Such services
must be based on strong cryptography. Emphasizing that prerequisite, we
need to expand our cryptographic commons." |
|