Focuses on the use of encryption on the Web.
With never ending news about spying, Internet freedom and such, Mark Nottingham, the web infrastructure developer and the chairman of W3C group, has listed a couple of proposals that relate to the HTTP 2.0 protocol.
Most importantly, if everything goes as planned, HTTP 2.0 will only be used with https:// URIs, thus enhancing the overall security. Not only that but it looks like the web browser makers are the ones pushing for more use of encryption and support the idea, which is a good sign.
It looks like Microsoft is following Google’s steps and will be rewarding those that dedicate their days and nights seeking various security flaws.
According to Katie Moussouris, Senior Security Strategist at Microsoft, the software giant is paying $28,000 in bounties for the vulnerabilities that were discovered in IE11.
If you are wondering what effect money has on people, Microsoft said that during first 30 days of the IE10 beta they did not receive any bulletin class reports, compared to “several” security vulnerabilities reported in Internet Explorer 11.
Better privacy control as long as you trust Google.
If you haven’t heard about the AdID before, it’s because there is no such thing yet. However, according to USAToday, Google is working on an anonymous identifier (AdID), which would eventually replace everyone’s beloved cookies.
As stated in the article, AdID would allow ad companies to target various web browser users but there are certain guidelines that would give consumers more control over their privacy, which does sound good on a paper.
It seems like the release of PirateBrowser has made quite a splash in the tech community.
According to the recent report, the anti-censorship browser by ThePirateBay has been downloaded over 100,000 times and that’s just in the last 72 hours.
For those interested in the PirateBrowser, it should be noted that it only combats censorship and does not actually make the Internet experience fully anonymous.
Now here’s something awesome.
If you don’t feel like entering your real email or phone number when signing up with some (especially dodgy) web site, then MaskMe is the extension you’ve been waiting for.
Here’s how it works:
When you install the add-on and signup on any new website, it will allow you to generate “fake email” address, which then will forward confirmation link (or any other information) to your real inbox. The result? You real email address won’t be sold to email marketers and when you do start receiving spam, you can delete the fake one at any time.
Took us five years to figure that out.
Now here’s something that you wouldn’t expect from the 1st class software. According to Elliott Kember, the software develoepr and director at Riot, Google does an absolutely horrible job at protecting your sensitive data.
As it turns out, extracting your Google Chrome passwords is so easy, it’s actually mind boggling. All you have to do is type chrome://settings/passwords in the URL bar and that’s it. There are no master passwords, security prompts or anything of that nature.
Time to switch or is it?
It’s been a while since the last NSS Labs report and as it turns out, instead of comparing malware block rates like they always do, the guys have decided to do something different: find out which browser has the best built in privacy protection.
As it turns out, Safari and Internet Explorer users are protected better than those of Chrome and Firefox (if we ignore 3rd party extensions and NSA) and here is why:
During today’s WPC 2013 Event, Kevin Turner, Chief Operating Officer at Microsoft, boasted about their achievements in the security department and compared the number of vulnerabilities versus Google and Mozilla.
The slide above is pretty self explanatory but if you are wondering where they got these statistics from, it’s from Secunia’s Vulnerability Review 2013 report, which can be requested in the following page.
Takes one week to notify its users.
Now here is something that is not pleasant for any company or its product(s) users. Opera Software has just informed everyone about a network breach (that was uncovered on June 19th), which has grave consequences for those that were affected.
According to the blog post, attackers have stolen the Opera code signing certificate and used it to sign and distribute some malware distinguished as Opera browser.
The power of the web.
Now here’s an interesting take on leaking private data. Researchers in Germany are working on a new, ad based platform that would allow whistleblowers to share the information without compromising their positions.
And here is how it works: a web site will embed AdLeaks ad, which contains a code capable of encrypting an empty message with the AdLeaks public key and sending it back to their servers.