Facebook Goes End To End
Facebook Inc announced that it began testing end-to-end encryption on its popular Messenger application to prevent snooping on digital conversations.
The limited testing on Messenger, which has more than 900 million users, comes three months after Facebook rolled out end-to-end encryption to its more popular WhatsApp, a messaging application with over 1 billion users that it acquired in October 2014.
The move comes amid widespread global debate over the extent to which technology companies should help law enforcement snoop on digital communications.
End-to-end encryption is also offered on Apple Inc’s iMessage platform as well as apps including LINE, Signal, Viber, Telegram and Wickr.
Facebook Messenger uses the same encryption technology as WhatsApp, which uses a protocol known as Signal that was developed by privately held Open Whisper Systems.
“It seems well designed,” said Matthew Green, a Johns Hopkins University cryptologist who helped review an early version of the protocol for Facebook.
While WhatsApp messages are encrypted by default, Facebook Messenger users must turn on the feature to get the extra additional security protection, which scrambles communications so they can only be read on devices at either end of a conversation.
Facebook said that it was requiring users to opt in to encryption because the extra security is not compatible with some widely used Messenger features.
“Many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone,” the company said in an announcement on its website. “Secret conversations can only be read on one device and we recognize that experience may not be right for everyone.”
Facebook also said that Messenger users cannot send videos or make payments in encrypted conversations.
Courtesy-http://www.thegurureview.net/aroundnet-category/end-to-end-encryption-comes-to-facebook-messenger.html
IPv6 Turns 20, Did You Notice?
IPv6 is 20 years old and the milestone has been celebrated with 10 percent adoption across the world for the first time.
The idea that IPv6 remains so far behind its saturated incumbent, IPv4, is horrifying given that three continents ran out of IPv4 addresses in 2015. Unfortunately, because the product isn’t ‘end of life’ most internet providers have been working on a ‘not broken, don’t fix it’ basis.
But 2016 looks to be the year when IPv6 makes its great leap to the mainstream, in Britain at least. BT, the UK’s biggest broadband provider, has already committed to switch on IPv6 support by the end of the year, and most premises will be IPv6-capable by April. Most companies use the same lines, but it will be up to each individual supplier to switch over. Plusnet, a part of BT, is a likely second.
IPv6 has a number of advantages over IPv4, most notably that it is virtually infinite, meaning that the capacity problems that the expanded network is facing shouldn’t come back to haunt us again. It will also pave the way for ever faster, more secure networks.
Some private corporate networks have already made the switch. Before Christmas we reported that the UK Ministry of Defence was already using the protocol, leaving thousands of unused IPv4 addresses lying idle in its wake.
IPv6 is also incredibly adaptable for the Internet of Things. Version 4.2 of the Bluetooth protocol includes IPv6 connectivity as standard, making it a lot easier for tiny nodes to make up a larger internet-connected grid.
Google’s latest figures suggest that more than 10 percent of users are running IPv6 connections at the weekend, while the number drops to eight percent on weekdays. This suggests that the majority of movement towards IPv6 is happening in the residential broadband market.
That said, it is imperative that businesses begin to make the leap. As Infoblox IPv6 evangelist Tom Coffeen told us last year, it could start to affect the speed at which you are able to trade.
“If someone surfs onto your site and its only available in IPv4, but they are using IPv6, there has to be some translation, which puts your site at a disadvantage. If I’ve not made my site available in IPv6, I’m no longer in control over where that translation occurs.”
In other words, if you don’t catch up, you will soon get left behind. It was ever thus.
Courtesy-TheInq
Apple Removes Data Spying Apps From Store
October 21, 2015 by admin
Filed under Consumer Electronics
Comments Off on Apple Removes Data Spying Apps From Store
Apple has removed several apps from its store that it said could pose a security risk by exposing a person’s Web traffic to untrusted sources.
The company recommended deleting the apps but did not name them, which may make it hard for people to know which apps put their data at risk.
The apps in question installed their own digital certificates on a person’s Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.
Most websites and many apps use SSL/TLS (Secure Socket Layer/Transport Security Layer), a protocol that encrypts data traffic exchanged with a user. SSL/TLS is a cornerstone of Web security, ensuring data traffic that is intercepted is unreadable.
It is possible in some cases to interfere with an encrypted connection. Many enterprises that want to analyze encrypted traffic for security reasons will use SSL proxies to terminate a session at the edge of their network and initiate a new one with their own digital certificate, allowing them to inspect traffic for malicious behavior.
In that scenario, employees would likely be more aware or expect that kind of monitoring. But people downloading something from the App Store probably would have no idea of the access granted to their sensitive data traffic.
Apple checks applications to ensure that malicious ones are not offered in its store. Those checks are in large part the reason why Apple has had fewer problems with malicious mobile applications in its store.
Installing digital certificates isn’t itself a malicious action per se, but Apple may be concerned that users are not fully aware of the consequences of allowing an app to do so.
Source-http://www.thegurureview.net/aroundnet-category/apple-removes-data-spying-apps-from-store.html
USB 3.1 Coming Later This Year
The emerging USB 3.1 standard is on track to reach desktops as hardware companies release motherboards with ports that can transfer data twice as fast as the previous USB technology.
MSI recently announced a 970A SLI Krait motherboard that will support the AMD processors and the USB 3.1 protocol. Motherboards with USB 3.1 ports have also been released by Gigabyte, ASRock and Asus, but those boards support Intel chips.
USB 3.1 can shuffle data between a host device and peripheral at 10Gbps, which is two times faster than USB 3.0. USB 3.1 is also generating excitement for the reversible Type-C cable, which is the same on both ends so users don’t have to worry about plug orientation.
The motherboards with USB 3.1 technology are targeted at high-end desktops. Some enthusiasts like gamers seek the latest and greatest technologies and build desktops with motherboards sold by MSI, Asus and Gigabyte. Many of the new desktop motherboards announced have the Type-C port interface, which is also in recently announced laptops from Apple and Google.
New technologies like USB 3.1 usually first appear in high-end laptops and desktops, then make their way down to low-priced PCs, said Dean McCarron, principal analyst of Mercury Research.
PC makers are expected to start putting USB 3.1 ports in more laptops and desktops starting later this year.
Cloud Storage Specs Approved
The International Organization for Standardization (ISO) has ratified the Cloud Data Management Interface (CDMI), a set of protocols defining how businesses can safely transport data between private and public clouds.
The Storage Networking Industry Association’s (SNIA) Cloud Storage Initiative Group submitted the standard for approval by the ISO last spring. CDMI is the first industry-developed open standard specifically for data storage as a service.
“There is strong demand for cloud computing standards and to see one of our most active consortia partners contribute this specification in such a timely fashion is very gratifying,” Karen Higginbottom, chairwoman of the ISO committee, said in a statement. “The standard will improve cloud interoperability.”
The CDMI specification is a way to create an interface for accessing data in the cloud by preserving metadata about information that an enterprise stores in the cloud. With metadata associated with the information, companies can retrieve data no matter where it’s stored.
“With the metadata piece, it’s also complementary with existing interfaces. The standard can be used with Amazon, for file or block data and it can use any number of storage protocols, such as NFS, CIFS or iSCSI,” said SNIA Chairman Wayne Adams.
Based on a RESTful HTTP protocol, CDMI provides both a data path and control path for cloud storage and standardizes a common interoperable format for securely moving data and its associated data requirements from cloud to cloud. The standard applies to public, private and hybrid deployment models for storage clouds.
Microsoft and Others Enable IPv6
The so-called worldwide launch of IPv6 has been set for 6 June 2012, when companies will permanently enable IPv6 connectivity in their products and services.
Following the relative success of 2011′s IPv6 day, a number of firms including Cisco, Facebook, Google, Microsoft and Yahoo have pledged support for “World IPv6 Launch” day, which has been set as 6 June 2012. On that day the companies have pledged to permanently enable IPv6 connectivity to their associated products and services.
IP address allocation bodies such as ARIN and RIPE have been pushing IPv6 adoption for years but it took last year’s dramatic exhaustion of IPv4 addresses to jolt companies into action. IPv6 day was supported by many of the firms taking part in the IPv6 launch later this year, to drum up awareness and see how much disruption there will be when IPv6 connectivity is enabled.
Daniel Karrenberg, chief scientist at RIPE NCC said, “Operational experience and measurements on World IPv6 Launch will help content providers and ISPs to identify and rectify any potential problems with delivering services over IPv6.”