Microsoft will soon release …scheduled for general release in April 2020.
Furthermore, the new Edge isn’t restricted to Windows 10 PCs, and Microsoft has released versions for Android, iOS and macOS. It appears as though a version for Linux is on the way as well (to the surprise and confusion of open source fans). With all the major platforms covered, the new Edge is well worth considering as your new primary browser.
It’s just a shame that it’s pushed so hard within Windows itself, which can be off-putting if you’ve chosen another browser as your default.
Chrome 77, which is due out in September, sites that use Extended Validation (EV) certificates will no longer have a space in the address bar to display the site owner’s name.
Something similar is happening in desktop Firefox 70, scheduled for an October release, will be the same.
Mozilla and Google are moving the EV information to behind the padlock icon, which users can click on to view certificate information. Mozilla says its change to EV indicators is about “reducing the exposure of EV information while keeping it easily accessible”.
Certificate vendors could charge more for EV certificates to owners of HTTPS websites, such banks and e-commerce sites, which would undergo an extended validation process.
Google explains that its new approach to EV certificate indicators in Chrome 77 is because the Chrome Security UX team “has determined that the EV UI does not protect users as intended”.
“Users do not appear to make secure choices (such as not entering password or credit card information) when the UI is altered or removed, as would be necessary for EV UI to provide meaningful protection,” Google says.
Additionally, EV indicators are an example of “positive indicators”, such as the padlock that still Chrome uses to indicate an HTTPS site.
Chrome will eventually remove the padlock icon for HTTPS sites and has already started instead to emphasize a red ‘Not secure’ warning for all HTTP sites. Firefox 77 will also follow Google Chrome’s lead on ‘not secure’ alerts for HTTP sites.
A group of election security experts have found what they believe to be nearly three dozen backend election systems in 10 states connected to the internet over the last year, including some in critical swing states. These include systems in nine Wisconsin counties, in four Michigan counties, and in seven Florida counties—all states that are perennial battlegrounds in presidential elections.
Some of the systems have been online for a year and possibly longer. Some of them disappeared from the internet after the researchers notified an information-sharing group for election officials last year the researchers told Motherboard.
Votes are generally stored on memory cards inside the voting machines at polling places. After an election, poll workers remove these and they’re driven to county election offices. However, some counties want to get their results faster, so they use wireless modems, either embedded in the voting machines or externally connected to them, to transmit the votes electronically. The system that receives these votes, called an SFTP server, is connected to the internet behind a Cisco firewall.
For security reasons, the SFTP server and firewall are only supposed to be connected to the internet for a couple of minutes before an election to test the transmission, and then for long enough after an election to transmit the votes. But the researchers found some of the systems connected to the internet for months at a time, and year-round for others, making them vulnerable to hackers.
Senator Ron Wyden (D-Oregon) said the findings are “yet another damning indictment of the profiteering election vendors, who care more about the bottom line than protecting our democracy.” It’s also an indictment, he said, “of the notion that important cybersecurity decisions should be left entirely to county election offices, many of whom do not employ a single cybersecurity specialist.”
“Not only should ballot tallying systems not be connected to the internet, they shouldn’t be anywhere near the internet,” he added.
The DEF CON 27 IoT Village, organized by security consulting and research firm Independent Security Evaluators (ISE) will highlight the significant challenges of security and privacy within this universe of devices on August 8-10, Eldorado Ballroom at the Las Vegas Flamingo Hotel.
IoT Village is now the premier platform for the IoT hacking community to inform manufacturers and consumers about new vulnerabilities research. The past six years, IoT Village has established a worldwide reputation at DEF CON, the largest gathering for hackers, and has showcased over 50 speakers who have exposed more than 300 vulnerabilities. IoT Village has educated countless attendees and sponsors about the most innovative techniques to both hack and secure IoT.
A week ago Verizon caused a major BGP misroute that took out huge chunks of the Internet, including CDN company Cloudflare, partially down for a day.
Facebook and its properties WhatsApp and Instagram have suffered widespread outages relating to image display for most of today. The problem seems to be bad timestamp data being fed to the company’s content delivery network (CDN) in some image tags.
Twitter has suffered some as-yet-unexplained disturbances as well. The outages appear to be mostly in the Eastern United States and Europe, with few or no reports shown in other regions on several third-party outage-tracking sites.