Archive for the ‘standards’ Category

Report: Microsoft is scrapping Edge, switching to just another Chrome clone

December 4th, 2018
Report: Microsoft is scrapping Edge, switching to just another Chrome clone

Enlarge (credit: Getty / Aurich)

Windows Central reports that Microsoft is planning to replace its Edge browser, which uses Microsoft's own EdgeHTML rendering engine and Chakra JavaScript engine, with a new browser built on Chromium, the open source counterpart to Google's Chrome. The new browser has the codename Anaheim.

The report is short on details. The easiest thing for Microsoft to do would be to use Chromium's code wholesale—the Blink rendering engine, the V8 JavaScript engine, and the Chrome user interface with the Google Account parts omitted—to produce something that looks, works, and feels almost identical to Chrome. Alternatively, Redmond could use Blink and V8 but wrap them in Edge's user interface (or some derivative thereof), to retain its own appearance. It might even be possible to do something weird, such as use Blink with the Chakra JavaScript engine. We'll have to wait and see.

Since its launch with Windows 10, Edge has failed to gain much market share. The first iterations of Edge were extremely barebones, offering little more than a basic tabbed browser—no extensions, little control over behavior. Early releases of Edge were also not as stable as one might have liked, making the browser hard to recommend. Three years later on and Edge is greatly—but unevenly—improved. The browser engine's stability seems to be much better than it was, and performance and compatibility remain solid (though with the exception of a few corner cases, these were never a real concern).

Read 7 remaining paragraphs | Comments

Posted in browsers, chrome, EDGE, microsoft, standards, Tech, Web, Windows | Comments (0)

The next version of HTTP won’t be using TCP

November 12th, 2018
The next version of HTTP won’t be using TCP

Enlarge (credit: Andy Maguire / Flickr)

The next version of the Hypertext Transfer Protocol (HTTP)—the network protocol that defines how browsers talk to Web servers—is going to make a major break from the versions in use today.

Today's HTTP (versions 1.0, 1.1, and 2) are all layered on top of TCP (Transmission Control Protocol). TCP, defined as part of the core set of IP (Internet Protocol) layers, provides reliable, ordered, and error-checked delivery of data over an IP network. "Reliable" means that if some data goes missing during transfer (due to a hardware failure, congestion, or a timeout), the receiving end can detect this and demand that the sending end re-send the missing data; "ordered" means that data is received in the order that it was transmitted in; "error-checked" means that any corruption during transmission can be detected.

These are all desirable properties and necessary for a protocol such as HTTP, but TCP is designed as a kind of one-size-fits-all solution, suitable for any application that needs this kind of reliability. It isn't particularly tuned for the kinds of scenarios that HTTP is used for. TCP requires a number of round trips between client and server to establish a connection, for example; using SSL over TCP requires subsequent round trips to establish the encrypted connection. A protocol purpose-built for HTTP could combine these negotiations and reduce the number of round trips, thereby improving network latency.

Read 4 remaining paragraphs | Comments

Posted in HTTP, IETF, networking, open standards, Programming, quic, standards, Tech, Web | Comments (0)

Apple, Google, Microsoft, and Mozilla come together to end TLS 1.0

October 16th, 2018
A green exterior door is sealed with a padlock.

Enlarge (credit: Indigo girl / Flickr)

Apple, Google, Microsoft, and Mozilla have announced a unified plan to deprecate the use of TLS 1.0 and 1.1 early in 2020.

TLS (Transport Layer Security) is used to secure connections on the Web. TLS is essential to the Web, providing the ability to form connections that are confidential, authenticated, and tamper-proof. This has made it a big focus of security research, and over the years, a number of bugs that had significant security implications have been found in the protocol. Revisions have been published to address these flaws.

The original TLS 1.0, heavily based on Netscape's SSL 3.0, was first published in January 1999. TLS 1.1 arrived in 2006, while TLS 1.2, in 2008, added new capabilities and fixed these security flaws. Irreparable security flaws in SSL 3.0 saw support for that protocol come to an end in 2014; the browser vendors now want to make a similar change for TLS 1.0 and 1.1.

Read 2 remaining paragraphs | Comments

Posted in apple, browsers, chrome, EDGE, Firefox, google, microsoft, Mozilla, Safari, security, standards, Tech, TLS | Comments (0)

Security Ledger Voted Top Infosec Podcast

March 13th, 2017

In-brief: The Security Ledger Podcast had the honor of being named one of the 35 top podcasts covering information security. In honor of that honor, we’re reprising some of our most popular broadcasts from recent months.  The Security Ledger Podcast had the honor of being named one of the 35 top podcasts covering information security! The…

Read the whole entry… »

Posted in Breaking Security News, Digital Guardian, Podcasts, Reports, standards, Top Stories, trends | Comments (0)

Netherlands Calls for EU Safety Standards for Internet of Things Devices | NL Times

November 23rd, 2016

A report from NL Times about calls from the Dutch Democratic Party (D66) for Europe-wide safety standards for devices connected to the Internet of Things. From the article: Devices that do not meet these standards should be banned, parliamenterian Kees Verhoeven said in an interview with He will submit a proposal addressing this to Dutch parliament next week. The European Commission is currently investigating whether such safety standards are an attainable goal. But the D66 thinks that the Netherlands can already take some steps to increase safety itself, such as a Dutch label that can inform consumers about the security on their devices. “This subject requires real attention, because there are so many devices that are increasingly designed to connect to the internet”, Verhoeven said to the newspaper. “In the Netherlands we can already take steps to ensure that people buy advices that at least have a greater chance […]

Definitive Guide to DLP

Posted in Internet of things, Netherlands, standards, Top Stories | Comments (0)

IBM Launches Watson Internet of Things Consulting Practice

November 23rd, 2016

In-brief: IBM unveiled IoT focused consulting services to encourage use of its Watson IoT platform. The company is targeting industries including automotive, insurance, retail and electronics.  A note over at eWeek that IBM this week unveiled a new Watson IoT (Internet of Things) Consulting Solution. The full IBM announcement can be found here. The new consulting services will make a network of some 1,500 experts available at centers around the globe to help IBM customers develop Internet of Things products that use its Watson IoT platform, IBM said. Among them: data scientists. design and security experts. IBM is targeting industries such as automotive, electronics, industrial products, insurance, retail, telecommunications and transportation, the company said. The Watson IoT platform comprises a range of features, including software development kits (SDKs) that link it to IBM’s Bluemix cloud platform, IBM’s blockchain platform, data from the company’s Weather Company division and more. Recently, the company has added […]

Definitive Guide to DLP

Posted in automobile, Automotive, Big Data, electronics, Insurance, Internet of things, machine learning, Platform, software, standards, Top Stories, watson, Watson IoT | Comments (0)

Open Source IoT Standards IoTivity and AllJoyn Merge

October 11th, 2016

In-brief: Two, prominent Internet of Things standards: IoTivity and AllJoyn are merging, according to an announcement on Wednesday. Industry standards for securing the fast-growing Internet of Things space have been popping up like daisies in the Spring in recent years. That has led to concern about paralysis as would-be think makers weigh the merits of competing standards, or opt for one IoT security standard, only to find their product isolated from other would-be ecosystem partners that opted for a different standard. Those concerns were eased, somewhat, on Monday with word that two of the main IoT security standards groups, the Open Connectivity Foundation (OCF) and the AllSeen Alliance were merging under the OCF banner. The deal will help “advance interoperability between connected devices from both groups,” the OCF said in a statement. Open Connectivity Foundation sponsors the IoTivity open source project. AllSeen Alliance is the creator of the AllJoyn® open source IoT framework. Released in early […]

Definitive Guide to DLP

Posted in AllJoyn, Allseen Alliance, Internet of things, IoTivity, Open Source, Platform, Reports, standards | Comments (0)

Thread Group, Open Connectivity Foundation Collaborate on Connected Home

August 1st, 2016

In-brief: The Thread Group and the Open Connectivity Foundation (OCF) announced that the two alliances will be working together to “advance the adoption of connected home products.” In the crowded field of emergent IoT  standards, there’s been a bit of consolidation, at least in the arena of connected (“smart”) home products. Last week, The Thread Group and the Open Connectivity Foundation (OCF) announced that the two alliances will be working together to “advance the adoption of connected home products.” The two groups note that they share many of the same members. The Thread Group, which was launched in July, 2014,  counts ARM, Freescale, Google’s Nest, Qualcomm and Samsung as supporters.  OCF, which launched in February of this year, also counts Samsung and Qualcomm as members in addition to Microsoft, Intel and others. Companies who belong to both groups will benefit from the liaison, as the groups work toward developing and promoting inter-operable standards […]

Definitive Guide to DLP

Posted in Breaking Security News, connected devices, Internet of things, IoTivity, Open Connectivity Foundation, smart home, standards, Thread Group, Top Stories | Comments (0)

ZigBee, Thread Group to Drive IoT Standards Interoperability

January 8th, 2016

eWeek reports that the ZigBee Alliance and Thread Group, two industry groups working on standards for the Internet of things space will roll out an offering that will integrate the work of both consortiums later in the year. From the article: ZigBee’s Common Application Library will be compatible with the Thread Group’s IP networking layer. A complete solution that includes a certification program will be in place by the third quarter, according to ZigBee officials. The solution that will enable ZigBee-based products to use the Thread networking protocol, according to eWeek. Source: ZigBee, Thread Group to Drive IoT Standards Interoperability

Posted in connected devices, critical infrastructure, Internet of things, smart infrastructure, standards, Thread Group, Top Stories, Zigbee, ZigBee 3 | Comments (0)