maemo.org - Talk
Page 2 of 26 1 2 3412 Last »
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Maemo 5 / Fremantle (https://talk.maemo.org/forumdisplay.php?f=40)
-   -   Announcement - PR1.3.1 official security update (https://talk.maemo.org/showthread.php?t=79400)

crash16 2011-10-26 21:32
Re: Announcement - PR1.3.1 official security update
 
Quote:
Originally Posted by patlak (Post 1114233)
Elop has watched inception. He thinks we'll buy a WP out of sheer excitement for the update.
dude! I think you are watching to many movies!:))))

Rob1n 2011-10-26 21:33
Re: Announcement - PR1.3.1 official security update
 
Quote:
Originally Posted by kralde (Post 1114216)
A little question...what is the DigiNotar issue? X_X
The DigiNotar Certificate Authority got hacked and a lot of SSL certificates were issued for common sites (google, microsoft, amazon, etc), allowing the hackers to pretend to be these sites without the user being able to tell there's a problem. It took DigiNotar a long while to find they'd been hacked, and even longer to admit that they didn't really know how many (and which) certificates had been issued.

The end result is that DigiNotar have been blacklisted by all the browsers (which is what this update will add for the Maemo browser), preventing any certificates signed by them from being accepted. The company has since (inevitably) gone out of business.

The suspicion is that Iranian hackers (possibly government sponsored) were behind this - there's certainly evidence of a huge increase in related lookups from Iran shortly after this hack.

You can see a preliminary post-mortem on this attack here.

kralde 2011-10-26 21:36
Re: Announcement - PR1.3.1 official security update
 
wow, pretty good explanation, thanks a lot

PMaff 2011-10-26 21:38
Re: Announcement - PR1.3.1 official security update
 
Quote:
Originally Posted by kralde (Post 1114216)
Amazing...

A little question...what is the DigiNotar issue? X_X
You may want to look at this:
http://talk.maemo.org/showthread.php?t=76178

Alfred 2011-10-26 21:43
Re: Announcement - PR1.3.1 official security update
 
At least nokia cares about our safety...

PMaff 2011-10-26 21:50
Re: Announcement - PR1.3.1 official security update
 
Quote:
Originally Posted by Alfred (Post 1114246)
At least nokia cares about our safety...
Not to be picky but there is a difference between safety and security.
;-)
Simple:
http://en.wikipedia.org/wiki/Safety

http://en.wikipedia.org/wiki/Security
http://en.wikipedia.org/wiki/Computer_security

Mr. Incredible 2011-10-26 21:55
Re: Announcement - PR1.3.1 official security update
 
I'm using CSSU. So I should skip the official Nokia update and wait for the CSSU update, am I right?
Are there any benefits or disadvantages doing so?

Estel 2011-10-26 21:59
Re: Announcement - PR1.3.1 official security update
 
first question: yes.
Second question: no.
Silly Joke: they'll ship flash 10.1 with this update ;)

vetsin 2011-10-26 22:06
Re: Announcement - PR1.3.1 official security update
 
MAG
since it seems like you're in touch with Nokia regarding this Diginotar security issue, is it possible for you to tell them about the Flash security issues posted in this thread: talk.maemo.org/showthread.php?t=77439?
(i'm totally confused why Flash on maemo cannot be updated when it's possible on NITDroid. it's the same device on different OS... is it because Nokia's not willing to pay Adobe or something else?)

PMaff 2011-10-26 22:07
Re: Announcement - PR1.3.1 official security update
 
Quote:
Originally Posted by Estel (Post 1114254)
Silly Joke: they'll ship flash 10.1 with this update ;)
Well now my monitor is full of beer.
;-)


All times are GMT. The time now is 01:18.
Page 2 of 26 1 2 3412 Last »
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8