Language Selection

English French German Italian Portuguese Spanish

Web Browser Developers Work Together on Security

Filed under
KDE

Core KDE developer George Staikos recently hosted a meeting of the security developers from the leading web browsers. The aim was to come up with future plans to combat the security risks posed by phishing, ageing encryption ciphers and inconsistent SSL Certificate practise. Read on for George's report of the plans that will become part of KDE 4's Konqueror and future versions of other web browsers.

In the past few years the Internet has seen a rapid growth in phishing attacks. There have been many attempts to mitigate these types of attack, but they rarely get at the root of them problem: fundamental flaws in Internet architecture and browser technology. Throughout this year I had the fortunate opportunity to participate in discussions with members of the Internet Explorer, Mozilla/FireFox, and Opera development teams with the goal of understanding and addressing some of these issues in a co-operative manner.

Our initial and primary focus is, and continues to be, addressing issues in PKI as implemented in our web browsers. This involves finding a way to make the information presented to the user more meaningful, easier to recognise, easier to understand, and perhaps most importantly, finding a way to make a distinction for high-impact sites (banks, payment services, auction sites, etc) while retaining the accessibility of SSL and identity for smaller organisations.

In Toronto on Thursday November 17, on behalf of KDE and sponsored by my company Staikos Computing Services, I hosted a meeting of some of these developers. We shared the work we had done in recent months and discussed our approaches and strengths and weaknesses. It was a great experience, and the response seems to be that we all left feeling confident in our direction moving forward.

Full Story.

More in Tux Machines

Of course USA loses in cyber war - NSA and friends made sure it would happen

There is a reason why China and others are trying to move away from Windows to Linux and other alternatives, and it is not to avoid sending its hard earned dollars to Cayman Islands (or whatever tax haven Microsoft is using these days to collect the majority of its income. :) Read more

ASF publishes long-overdue Code Of Conduct

We pride ourselves at The Apache Software Foundation on our principles of "community over code" and "don't be a jerk". But, alas, we've been slow to codify some of these things in public. Part of this, I'm sure, is that it’s easy to think we all just know how we're supposed to treat people, and so you shouldn't have to say, right? Read more

Building a Healthy Web to Hand to Future Generations

The Mozilla project is dedicated to tackling these challenges. Our community makes Firefox products that are loved and used the world over, all in service of our mission to protect the Web. We are also hard at work teaching thousands more people how to help build the Web, developing innovative open source technologies for others to leverage, protecting individual privacy and establishing technical standards. Read more

Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far

The first Linux kernel Release Candidate has been made available in the 3.19 branch and it looks like it's one of the biggest ones so far. Linux Torvalds surprised everyone with an early launch, but it's easy to understand why. Read more