Daily Video: Mozilla Dials Back on Firefox Opportunistic Encryption

By eWEEK Staff  |  Posted 2015-04-08 Print this article Print

Mozilla dials back on Firefox Opportunistic Encryption; Cisco rolls out threat intelligence, incident response services; IBM, NASA challenge developers to build apps on IBM Cloud; and there's more.

Microsoft Introduces High End Surface Studio All-in-One Desktop

DAILY VIDEO: Microsoft unveils Surface Studio all-in-one for 'creators'; Apple $215.6 billion annual...

Samsung Still Doesn't Know Exact Cause of Samsung Note7 Fires

DAILY VIDEO: Samsung still doesn't know the reasons for Note7 smartphone fires; Samsung offers Korean...

How the Internet Survived Massive DNS Attack

DAILY VIDEO: Why a massive DNS attack didn't shut down the internet; the LinkedIn hacking suspect is...

Analysts Offer Mixed Views on AT&T-Time Warner Deal

DAILY VIDEO: Analysts weigh pros and cons of AT&T-Time Warner deal; massive cyber-attack shows...

Czech Police Arrest Alleged LinkedIn Hacker

DAILY VIDEO: Czech police apprehend alleged LinkedIn hacker; Intel gets a boost in lengthy appeal of...

Yahoo's Earnings Exceed Expectations but Ad Revenue Still Eroding

DAILY VIDEO: Yahoo's earnings report shows ad revenue is still eroding; Intel's record Q3 revenue is...

Snowden Offers Grim Assessment of State of Internet Security, Privacy

DAILY VIDEO: Edward Snowden gives his take on security...

FAA's Samsung Galaxy Note7 Flight Ban Poses Challenges for Travelers

DAILY VIDEO: FAA's Samsung Galaxy Note7...

Salesforce No Longer Plans to Pursue Twitter Acquisition

DAILY VIDEO: Salesforce withdraws from contention to acquire Twitter; HP to cut another 3,000 to...

Samsung Releases Details on How to Exchange Defective Note7 Phones

DAILY VIDEO: Samsung releases Note7 return details following its recall; what the new update process...

Read more about the stories in today's news:


Today's topics include Mozilla's decision to disable "opportunistic encryption," new threat intelligence services from Cisco, a fresh collaboration between IBM and NASA and findings about the vulnerability of the Global 2000.

Mozilla has had a change of heart regarding opportunistic encryption—for now. The company rolled out its open-source Firefox 37 Web browser on March 31, including an important new feature called opportunistic encryption.

However, due to a security issue related to opportunistic encryption, Mozilla disabled the feature in the Firefox 37.0.1 update released April 3. The security issue is located in Mozilla's HTTP Alternative Services implementation, which is connected to the opportunistic encryption capability.

Mozilla plans to re-enable the encryption feature once it resolves the security issue.

Cisco recently announced new threat intelligence and incident response services. These come to Cisco thanks in part to the integration of technologies from ThreatGrid, a company Cisco acquired in May 2014.

Helping to push forward the new threat intelligence capabilities is co-founder and former CTO of ThreatGrid Dean De Beer, who is now principal engineer of Advanced Threat Solutions at Cisco.

Cisco's Advanced Malware Protection platform is now being expanded with the help of ThreatGrid's platform. IBM and NASA are collaborating on a global code-a-thon where developers will be tasked with building applications that bolster space exploration missions and help to improve life on Earth.

IBM announced that it will provide its Bluemix platform for the NASA Space App Challenge Virtual Event to help developers rapidly build apps that contribute to space exploration and solve global challenges.

Nearly three-quarters of the Global 2000 continue to be vulnerable to cyber-attacks because they have not fully hardened their systems against the effects of the OpenSSL Heartbleed vulnerability reported a year ago, according to a report from encryption key management firm Venafi.

Using scans of Global 2000 companies' public-facing systems, the firm found that 74 percent of the businesses are still vulnerable to the fraudulent use of encryption and certificate keys stolen in the days following the disclosure of the Heartbleed vulnerability. Eight months ago, 76 percent of companies were vulnerable, Venafi reported.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel