Daily Video: Mozilla Dials Back on Firefox Opportunistic Encryption

By eWEEK Staff  |  Posted 2015-04-08 Print this article Print

Mozilla dials back on Firefox Opportunistic Encryption; Cisco rolls out threat intelligence, incident response services; IBM, NASA challenge developers to build apps on IBM Cloud; and there's more.

Apple's 'Spaceship' Headquarters Schedule to Open in April

DAILY VIDEO: Apple's futuristic new HQ Set to open doors in April; UPS tests delivery trucks equipped...

Cisco Extends Network Security Portfolio With Firepower 2100 Series

DAILY VIDEO: Cisco provides more firepower to security portfolio; Google to allow independent audit...

Harris Poll Shows Samsung Reputation Hurt by Note7 Smartphone Recall

DAILY VIDEO: Samsung's reputation hurt in latest Harris poll after Note7 debacle; Kubernetes...

New LG G6 Smartphone to Feature Side-by-Side FullVision Display

DAILY VIDEO: LG G6 smartphone getting side-by-side FullVision display; Azure SQL database threat...

Verizon, Yahoo Agree to Reduce Buyout Price to $4.55 Billion

DAILY VIDEO: Verizon negotiates down to $4.55B for Yahoo transaction; Congressional staffers see...

Google Tells RSA Show Audience How it Secures a Billion Android Users

DAILY VIDEO: How Google secures over a billion Android users; Amazon moves into teleconferencing...

Oracle Appeals Ruling in Java Infringement Dispute With Google

DAILY VIDEO: Oracle revives Java copyright infringement dispute with Google; Apple to Mark Smartphone...

Trump Administration Holds Back Executive Order on Cyber-Security

DAILY VIDEO: White House withholds cyber-security order for further revision; Cortana to help Windows...

Kaspersky Finds New Malware Designed to Hide in Memory, Steal Data

DAILY VIDEO: Kaspersky discovers new malware designed to stealthily steal data; Microsoft to shield...

U.S. Court Orders Google to Turn Over Data Stored on Overseas Servers

DAILY VIDEO: Federal court says Google must turn over data in foreign servers; Cisco report: mobile...

Read more about the stories in today's news:


Today's topics include Mozilla's decision to disable "opportunistic encryption," new threat intelligence services from Cisco, a fresh collaboration between IBM and NASA and findings about the vulnerability of the Global 2000.

Mozilla has had a change of heart regarding opportunistic encryption—for now. The company rolled out its open-source Firefox 37 Web browser on March 31, including an important new feature called opportunistic encryption.

However, due to a security issue related to opportunistic encryption, Mozilla disabled the feature in the Firefox 37.0.1 update released April 3. The security issue is located in Mozilla's HTTP Alternative Services implementation, which is connected to the opportunistic encryption capability.

Mozilla plans to re-enable the encryption feature once it resolves the security issue.

Cisco recently announced new threat intelligence and incident response services. These come to Cisco thanks in part to the integration of technologies from ThreatGrid, a company Cisco acquired in May 2014.

Helping to push forward the new threat intelligence capabilities is co-founder and former CTO of ThreatGrid Dean De Beer, who is now principal engineer of Advanced Threat Solutions at Cisco.

Cisco's Advanced Malware Protection platform is now being expanded with the help of ThreatGrid's platform. IBM and NASA are collaborating on a global code-a-thon where developers will be tasked with building applications that bolster space exploration missions and help to improve life on Earth.

IBM announced that it will provide its Bluemix platform for the NASA Space App Challenge Virtual Event to help developers rapidly build apps that contribute to space exploration and solve global challenges.

Nearly three-quarters of the Global 2000 continue to be vulnerable to cyber-attacks because they have not fully hardened their systems against the effects of the OpenSSL Heartbleed vulnerability reported a year ago, according to a report from encryption key management firm Venafi.

Using scans of Global 2000 companies' public-facing systems, the firm found that 74 percent of the businesses are still vulnerable to the fraudulent use of encryption and certificate keys stolen in the days following the disclosure of the Heartbleed vulnerability. Eight months ago, 76 percent of companies were vulnerable, Venafi reported.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel