Language Selection

English French German Italian Portuguese Spanish

Web Browser Developers Work Together on Security

Filed under
KDE

Core KDE developer George Staikos recently hosted a meeting of the security developers from the leading web browsers. The aim was to come up with future plans to combat the security risks posed by phishing, ageing encryption ciphers and inconsistent SSL Certificate practise. Read on for George's report of the plans that will become part of KDE 4's Konqueror and future versions of other web browsers.

In the past few years the Internet has seen a rapid growth in phishing attacks. There have been many attempts to mitigate these types of attack, but they rarely get at the root of them problem: fundamental flaws in Internet architecture and browser technology. Throughout this year I had the fortunate opportunity to participate in discussions with members of the Internet Explorer, Mozilla/FireFox, and Opera development teams with the goal of understanding and addressing some of these issues in a co-operative manner.

Our initial and primary focus is, and continues to be, addressing issues in PKI as implemented in our web browsers. This involves finding a way to make the information presented to the user more meaningful, easier to recognise, easier to understand, and perhaps most importantly, finding a way to make a distinction for high-impact sites (banks, payment services, auction sites, etc) while retaining the accessibility of SSL and identity for smaller organisations.

In Toronto on Thursday November 17, on behalf of KDE and sponsored by my company Staikos Computing Services, I hosted a meeting of some of these developers. We shared the work we had done in recent months and discussed our approaches and strengths and weaknesses. It was a great experience, and the response seems to be that we all left feeling confident in our direction moving forward.

Full Story.

More in Tux Machines

Ubuntu Touch Gets Major Update and the OS Is Now Crazy Fast – Screenshot Tour

Ubuntu Touch has just received a new major update and the developers have made some serious changes to the operating system, which now feels a lot faster and the experience is a lot smoother. Read more

35 Open Source Tools for the Internet of Things

In a nutshell, IoT is about using smart devices to collect data that is transmitted via the Internet to other devices. It's closely related to machine-to-machine (M2M) technology. While the concept had been around for some time, the term "Internet of Things" was first used in 1999 by Kevin Ashton, who was a Procter & Gamble employee at the time. Read more

IoT tinkerers get new Linux hub & open platforms

Cloud Media, the maker of entertainment box Popcorn Hour, launched a project on Kickstarter, Inc. that will add to the growing number of smart hubs for people to connect and control smart devices. Called the STACK Box, it features a Cavium ARM11 core processor, 256MB DDR3 RAM, 512MB flash, SD slot, 802.11n WiFi, Bluetooth LE 4.0, Z-Wave, standard 10/100 Ethernet port, optional X10 wired communication, 5 USB 2.0 ports, RS-232 port, 2 optocoupler I/O, Xbee Bus, Raspberry Pi-compatible 26-pin bus and runs Linus Kernel 3.10. IT also features optional wireless communications for Dust Networks and Insteon with RF433/315, EnOcean, ZigBee, XBee, DCLink, RFID, IR coming soon. Read more

Citrix and Google partner to bring native enterprise features to Chromebooks

Chromebooks are making inroads into the education sector, and a push is coming for the enterprise with new native Chrome capabilities from Citrix. Google and Citrix have announced Citrix Receiver for Chrome, a native app for the Chromebook which has direct access to the system resources, including printing, audio, and video. To provide the security needed for the enterprise, the new Citrix app assigns a unique Receiver ID to each device for monitoring, seamless Clipboard integration across remote and local applications, end user experience monitoring with HDX Insight, and direct SSL connections. Read more