Active Topics

 


Reply
Thread Tools
Jaffa's Avatar
Jaffa is offline Jaffa
2010-07-26 , 10:40
Posts: 2,535 | Thanked: 6,681 times | Joined on Mar 2008 @ UK
#1
SSL certificate for bugs.maemo.org expired; over a week and still not fixed

bugs.maemo.org hosts the Bugzilla issue tracking system for Maemo, maemo.org and various Extras products. For security, communication is over HTTPS - so that transfered data (usernames, passwords, etc.) is protected from sniffing and replay attacks. On 17th July its SSL certificate -- the digital signature which lets your browser know it's talking to your bank, or your bug system -- expired. Typically, renewal would happen before the certificate expired so that users wouldn't see dire warnings from their browsers, unfortunately, that hasn't happened here. In bug #10951, Andre Klapper said,
There's nothing that the *maemo.org team* currently can do here. Nokia is aware of this problem since Monday, 19th. They are working on it and I ping from time to time as fixing should not take that long but obviously does (don't ask me why).
Users can bypass the security warnings from their browsers, but encouraging them to do so reduces the overall security of the web, and the users of maemo.org. If people think that invalid certificates are "OK" to ignore, they'll do so when their bank's website has been compromised. If Nokia are the hold up here (because, say, the certificates for maemo.org are purchased through a central department), they are causing excessive risk to their users and putting a barrier between developers and their users at a time when Maemo still needs active developers. One is left wondering, though, that since this has happened before when certificates expire why the maemo.org team didn't start the process with a suitable window before the certificate expired.


Voting open for Maemo Coding Competition

The "Maemo Coding Competition" has, under the auspices of Ryan Faulk, been a grass-roots effort to encourage application development for Maemo 5. The entries are now finalised and it's down to the vote. The aim was to attract new developers to the platform:
If you are new to programming or want to learn, here's the excuse to finally make something. Anything. Qt, PyQt, PyGTK, whatever language you like as long as it's functionally complete, runs safely, easily, and is targeted at the N900 platform.
The voting, in seven categories, is now open on talk.maemo.org to anyone with an account.



In this edition...
  1. Front Page
    • SSL certificate for bugs.maemo.org expired; over a week and still not fixed
    • Voting open for Maemo Coding Competition
  2. Applications
    • Telescope (Maemo 5 style task switching for N8x0) makes it to Extras
    • Hermes phone number support for LinkedIn heading to Extras
    • Full-speed Nintendo64 game (F-Zero X) on N900
    • DreamRemote, DreamBox remote control, now with AzBox support
  3. Development
    • maemo.org wiki progress
  4. Community
    • Qt: Bootstrapping openness
  5. Devices
    • Proof of concept MeeGo Netbook UX on Joggler
    • N900 connection sharing options
  6. Announcements
    • BackupMenu - backup & restore complete OS image
    • Expand PR1.2's USSD support with service codes
    • K9Call - Qt based home-screen widget for T9-dialling of contacts
    • ...and 4 more
__________________
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
 

The Following 7 Users Say Thank You to Jaffa For This Useful Post:
Reply

Tags
mwkn_issue, news_digest

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 18:12.

Contact Us - Home - Archive - Top