Wednesday, 23 November 2011

Google protects its current HTTPS traffic against future attacks

Google has modified the encryption method used by its HTTPS-enabled services including Gmail, Docs, and Google+, in order to prevent current traffic from being decrypted in the future when technological advances make this possible.
The majority of today's HTTPS implementations use a private key known only by the domain owner to generate session keys that are subsequently used to encrypt traffic between the servers and their clients.
This approach exposes the connections to so-called retrospective decryption attacks. "In 10 years' time, when computers are much faster, an adversary could break the server private key and retrospectively decrypt today's email traffic," explained Adam Langley, a member of Google's security team, in a blog post.
In order to mitigate this relatively low but real security risk, Google has implemented an encryption property known as forward secrecy, which involves using different private keys to encrypt sessions and deleting them after a period of time.
In this way, an attacker who manages to break or steal a single key won't be able to recover a significant quantity of email traffic that spans months of activity, Langley said. In fact, he pointed out that not even the server admin will be able to decrypt HTTPS traffic retroactively.
Because SSL wasn't designed to support key exchange mechanisms capable of forward secrecy by default, the Google engineers had to design an extension for the popular OpenSSL toolkit. This was integrated into OpenSSL 1.0.1, which has yet to be released as a stable version.
The new Google HTTPS implementation uses ECDHE_RSA for key exchange and the RC4_128 cipher for encryption. Unfortunately, this combination is only supported in Firefox and Chrome at the moment, which means that HTTPS connections on Internet Explorer will not benefit from the added security.
This isn't necessarily a problem with Internet Explorer, which does support a combination of EDH (Ephemeral Diffie-Hellman) key exchange and RC4. EDH also provides forward secrecy, but Google chose ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) instead for performance reasons.
The company plans to add support for IE in the future and hopes that its example will encourage other service providers that use HTTPS to implement forward secrecy so that one day it can become the norm for online traffic encryption.
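As an added example (not from the article, and not Google's or OpenSSL's code), here is a small Python check that separates RSA key transport, which the "retrospective decryption" quote above is about, from the ephemeral (EC)DHE exchanges that give forward secrecy, using OpenSSL-style suite names; the `negotiated_cipher` helper is an assumption of mine and needs network access, the rest runs offline.

```python
# Added example: classify TLS cipher suites by whether their key exchange
# gives forward secrecy, and optionally check what a live server negotiates.
import socket
import ssl

# OpenSSL-style key-exchange prefixes whose session keys are ephemeral, i.e.
# derived per connection and never encrypted under the server's long-term key.
EPHEMERAL_KX_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def has_forward_secrecy(cipher_name: str) -> bool:
    """Return True if an OpenSSL-style cipher suite name uses ephemeral DH.

    Suites whose name starts with the bulk cipher ("RC4-SHA", "AES128-SHA")
    use RSA key transport: the premaster secret is encrypted under the server's
    RSA key, so whoever breaks or steals that key later decrypts recorded
    traffic. Static ECDH ("ECDH-RSA-...") is not ephemeral either. TLS 1.3
    suites ("TLS_AES_128_GCM_SHA256") carry no key-exchange name because
    TLS 1.3 only allows ephemeral (EC)DHE.
    """
    name = cipher_name.upper()
    if name.startswith("TLS_"):
        return True
    return name.startswith(EPHEMERAL_KX_PREFIXES)


def classify(cipher_names):
    """Map each suite name to 'forward-secret' or 'retrospectively decryptable'."""
    return {n: ("forward-secret" if has_forward_secrecy(n)
                else "retrospectively decryptable")
            for n in cipher_names}


def negotiated_cipher(host: str, port: int = 443, timeout: float = 5.0):
    """Handshake with host:port and report (suite, protocol, forward_secret).

    Assumed helper: needs network access; the default context verifies the
    server certificate, as a real client would.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            suite, protocol, _bits = tls.cipher()
            return suite, protocol, has_forward_secrecy(suite)


if __name__ == "__main__":
    # Constructed sample: the suite the article names beside RSA-transport ones.
    sample = ["ECDHE-RSA-RC4-SHA", "RC4-SHA", "DHE-RSA-AES256-SHA",
              "ECDH-RSA-AES128-SHA", "AES128-GCM-SHA256"]
    for suite, verdict in classify(sample).items():
        print(f"{suite:24} {verdict}")
```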

"Steve Jobs had personal moral failures, was no role model", says Dobrin

While everyone is admiring the legacy left behind by Steve Jobs, a professor of applied ethics at Hofstra University has joined the crew of Jobs-knockers, to say that the Apple CEO was no role model because of his well-documented bad behaviour.
Blogging on Psychology Today, Arthur Dobrin told readers that he would not be joining in on "the chorus of hosannas" praising Jobs. And that's because Steve was a very naughty boy...
Dobrin writes:
    His heroic status is seriously undermined by his personal moral failures, and it is this which prevents me from holding him up as an icon for young people.
Turn away now children...
    Where there is no vision, a people perish, the New Testament says. But it isn't any vision that people need for sustenance. It is a moral vision that is essential.
Top of the hit list is Steve's much-discussed poor treatment of his first daughter; according to the recent Walter Isaacson biography, he had refused to acknowledge paternity until compelled to do so by a court order.
Dobrin pulls other incidents out of the Isaacson tome, including the great man's fussiness about the flowers in his hotel room, his habit of parking in handicapped spaces and tendency to break the speed limit and then yell at cops writing him speeding tickets that they weren't doing it fast enough.
Dobrin also vaguely blames Jobs for the "culture of the internet", though we feel that the decency doyen is on shakier ground here: "The impact of Apple's works on our social life is ambiguous, making us more connected to the larger world and alienated from our immediate surroundings, both at the same time. Just think of the person across from you at a table who is texting a friend from across the world."
Could be something to do with Dobrin's small talk?
However, on the fraught question of whether visionary genius must be accompanied by Jobs' brand of single-minded narcissism, the psychologist has no further insight to offer us:
    Whether genius requires such narcissism is an open question. But if we are to venerate Steve Jobs, let's not be fooled into thinking that he was a good person.

This is getting interesting, you would agree!

Tuesday, 22 November 2011

Oracle WebLogic 12c cloud-themed application server on the way!!!

TopGists can confirm that Oracle is planning to announce the next version of its flagship WebLogic application server during an online event Dec. 1, according to information on the company's website.
WebLogic Server 12c, in which the 'C' appears to be shorthand for "cloud," will succeed version 11g, which was first released in July 2009.
"Today most businesses have the ambition to move to a cloud infrastructure," Oracle said in a statement on its site. "However, IT needs to maintain and invest in their current infrastructure for supporting today's business. With Oracle WebLogic ... we provide you with the best of both worlds."
WebLogic 12c will be key to Oracle's Exalogic application server appliance, which has so far been overshadowed by the Exadata database machine, as well as its recently announced public cloud service.
Customers will be able to build out private clouds with Exalogic as well as use Oracle's WebLogic-based public cloud service, while easily moving the applications back and forth, according to Oracle.
Features of WebLogic 12c include Java EE 6, Active GridLink for RAC (Real Application Clusters), Traffic Director, and Virtual Assembly Builder, Oracle said.
Hasan Rizvi, senior vice president, Oracle Fusion Middleware and Java, is scheduled to speak during the event along with other executives. Oracle is also planning to run a "developer deep dive" event on the same day.
Current pricing for the high-end WebLogic Suite is $45,000 per processor, plus $9,900 in annual support. It wasn't immediately clear whether Oracle will institute a price increase upon 12c's release.
WebLogic 12c will compete with a variety of other Java application servers, including Red Hat's JBoss and IBM's WebSphere, as well as Oracle's own GlassFish, which was acquired through the purchase of Sun Microsystems.
GlassFish costs $5,000 per processor along with $1,100 in yearly maintenance fees, or about half as much as WebLogic Server Standard Edition. There is also a community-supported version of GlassFish available at no charge.

Thursday, 3 November 2011

Who could have sponsored the Duqu computer virus project?

As experts learn more about the Duqu computer virus it becomes increasingly clear that the latest high-profile cyber bug poses no direct threat to most people.
But with its complex design and mysterious origins, Duqu is still captivating many.
The virus was first discovered by researchers two weeks ago, but appears so sophisticated that it could only have been created by a well-funded team of expert hackers, says Vancouver-based computer security expert Chet Wisniewski.
That knowledge in turn fuels speculation about exactly who might have bankrolled this project.
A government?
A military contractor?
An evil billionaire with political aspirations?
“It’s very sexy and 007-like,” says Wisniewski, a senior security advisor at Sophos Canada. “As researchers we’re all intrigued. It takes a lot of resources to develop something like this.”
On Thursday, security researchers from the computer security firm Symantec revealed that hackers had been using a Belgian server to mine data from computers infected with the Duqu virus, and said a similar operation had already been shut down in India.
So far, nine countries, including Sudan, Belgium and Vietnam, have had confirmed reports of the Duqu virus, but Wisniewski says the odds of the bug infecting any individual’s computer are almost non-existent because the bug can’t transfer from machine to machine the way standard viruses do.
And it’s not built to behave the way normal viruses behave, melting hard drives and erasing stored files.
Instead, the people spreading the Duqu virus target specific computers that contain sensitive information they want to steal.
Then they steal it.
In that sense Duqu is less like the viruses that cause regular people headaches and more like the Stuxnet worm, which experts suspect disabled a nuclear reactor where the United States claimed Iran was running a secret nuclear weapons program.
But just how often do virus attacks like these happen?
Almost never, according to the numbers.
Microsoft’s Security Intelligence Report says attacks like Stuxnet and Duqu represent too small a fraction of cyber attacks to represent statistically.
But those figures aren’t air tight.
Wisniewski points out that the people employing the Duqu virus target intelligence agencies, military contractors and chemical companies, all entities unlikely to broadcast news of security breaches.
“If this were to happen to CSIS, they’re not going to go out and say anything about being hacked,” Wisniewski says.
Personally, I wouldn't be surprised if none of those speculated about above is the sponsor. It could be one of these big software developing firms we all know.

Anyway, let's forget Duqu and enjoy Sallah.
Barka da Sallah to all the Muslims in the house.

K Computer: The Fastest computer in the world

Hi Guyz,
It's been a while, you would say. Banky has been damn busy of late. This cashless Lagos project has sucked up all my time in the last few weeks. Thank God the pressure is bearable now.
One gist I have got for you is about the fastest computer in the world at the moment. It's called the K Computer and it's topping 10 petaflops.
The K supercomputer just got a bit quicker—boosting its computational output to 10.5 quadrillion calculations per second and making it the speediest number-crunching system on the planet.
The K Computer was built by the Japanese Ministry of Education, Culture, Sports, Science, and Technology (MoMESST) in conjunction with the Fujitsu Corporation and specifically aimed towards breaking the 10 petaflop barrier.
It employs processing clusters of over 88,000 specially-designed HPC Fujitsu SPARC64 VIIIfx chips as well as 864 server racks to perform its computational feats. The K currently resides at Fujitsu's RIKEN lab in Kobe, Japan.
According to industry benchmarks, the K computer is performing at 93 percent efficiency. However, given that it burned through $9.89 million of electricity yearly when it ran at just one petaflop, I'd rather not see the lab's current utility bill...lol.

Enjoy your holiday!