Seems the Wi-Fi Alliance is having yet another crack at coming up with
a really secure protocol, this time to be called WPA3
<http://www.theregister.co.uk/2018/01/09/wi_fi_wpa3/>.
Does anybody care? Remember that on the Internet, security is
implemented between the endpoints, the protocols are designed not to
care that everything in-between might be pawed through by
eavesdroppers, or even active attackers trying to inject fake data.
Windows Notepad has never been able to handle any newline convention
other than the old DOS/Windows/CP/M one (CR-LF). Now, after
so many decades, Microsoft has finally decided to give it “universal
newline” capability, so it can handle lines ending in LF-only
(Unix/Linux) and CR-only (old MacOS)
<http://www.theregister.co.uk/2018/05/08/windows_notepad_unix_macos_line_end…>.
Gee, I wonder how many lines of code that took...
The UN has a plan to try to increase IPv6 adoption
<http://www.theregister.co.uk/2018/05/30/internet_engineers_united_nations_i…>.
However, it does it by essentially saddling IPv6 with all the
limitations of IPv4 that IPv6 was specifically created to overcome.
The UN has been trying for a while to take over governance of the
Internet and its standards. This has been fought off by a US-led effort
in favour of the IETF, ICANN etc -- all the bodies we know and love.
However, the UN can claim some moral high ground in its advocacy for
greater adoption among the developing world -- places where such bodies
tend to be under-represented.
That previous Libre Graphics World article linked to an item on
Tavmjong Bah’s blog <http://tavmjong.free.fr/blog/>. “Mr Inkscape”
himself has posts on the ins and outs of SVG and CSS, and tutorials on
advanced features of Inkscape itself.
From
<http://libregraphicsworld.org/blog/entry/gradient-meshes-and-hatching-to-be…>:
Essentially, we have arrived to the point where development of a
major vector graphics file format for the Web is shaped by
inactivity of Mozilla and Google, while Microsoft and W3C do the
real work, a developer of one design tool [Inkscape] contributes a
lot, but has no say in what goes into the standard, and a vendor
[Adobe] of another design tool is taking a wait-and-see stance.
By the way, it appears Alexandre Prokoudine has given up the battle
with spammers, and has turned off all posting of new comments on his
blog.
'For more than a year, Mozilla Firefox and Google Chrome may have
leaked users’ Facebook usernames, profile pictures, and likes if the
users’ browsers visited malicious websites that employed a
cutting-edge hack, researchers said Thursday.
The data could be extracted through what’s known as a side-channel
vulnerability in the browsers’ implementation of new standards for
cascading style sheets introduced in 2016. One of the new features
known as the “mix-blend-mode” leaked visual content hosted on Facebook
to websites that included an iframe linking to it and some clever code
to capture the data. Normally, a security concept known as the
same-origin policy forbids content hosted on one domain to be
available to a different domain. The vulnerability was significant
because it allowed hackers to bypass this bedrock principle for two of
the Internet’s most widely used browsers.
The leak was independently discovered by two different research teams,
and it was fixed late last year in version 63 of Chrome and two weeks
ago in Firefox 60. While the updated browsers no longer pose a threat
to user privacy, one of the researchers who discovered the
vulnerability said the increasingly powerful graphics capabilities
being added in the HTML5 and CSS standards are likely to make similar
hacks possible in the future.'
-- source: https://arstechnica.com/information-technology/2018/05/chrome-and-firefox-l…
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'The creators of popular encrypted email service ProtonMail have
released a free version of their ProtonVPN software for macOS. From a
report:
Even though the free version does not contain the full features that
you would come to expect from a paid VPN service it is more than
capable of obfuscating IP addresses and your location. While ProtonVPN
has already released Windows and Android versions, according to Dr.
Andy Yen, CEO of ProtonMail, their reason for releasing the free macOS
version "is to make the world a safer place by ensuring that citizens
around the world have access to an Internet free of spying and
censorship. Releasing a free VPN service for macOS is another
important step in that direction."'
-- source: https://apple.slashdot.org/story/18/05/31/1327232
Here's the pricing/features overview:
https://protonvpn.com/pricing
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Google released earlier today Chrome 67, the latest stable release of
its web browser. According to changelogs released with Chrome 67, this
version adds support for a Generic Sensors API, improves AR and VR
experiences, and deprecates the HTTP-Based Public Key Pinning (HPKP)
security feature. Probably the biggest change in Chrome 67 is the
addition of the Generic Sensors API. As the name implies, this is an
API that exposes data from device sensors to public websites. The new
API is based on the Generic Sensor W3C standard. This API is meant
primarily for mobile use, and in its current version, websites can use
Chrome's Generic Sensors API to access data from a device's
accelerometer, gyroscope, orientation and motion sensors. Another API
that shipped with Chrome is the WebXR Device API. Developers can use
this API to build virtual and augmented reality experiences on Chrome
for mobile-based VR headsets like Google Daydream View and Samsung
Gear VR, as well as desktop-hosted headsets like Oculus Rift, HTC
Vive, and Windows Mixed Reality Headsets.'
-- source: https://tech.slashdot.org/story/18/05/30/1440256
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
