Professional IT Consulting in Chicago

We offer professional IT solutions and services.

Things we find useful.

Azure Service Fabric takes first tentative steps toward open source

0

(credit: Microsoft)

Microsoft’s embrace of open source software continues, with Azure Service Fabric making the first tentative foray into the open world. Today, the SDK was (mostly) published to GitHub under the MIT license. The team behind the move described it as the “beginning stages” of a wider use of open source.

Service Fabric, first revealed in 2015, grew out of the infrastructure Microsoft developed to build and run large-scale cloud services, including Azure SQL, Cortana, and Skype for Business. It provides scaling and fault tolerance for services, both stateless and stateful, running in containers across clusters of (virtual) machines. It runs in Azure, naturally, but the runtime is also freely downloadable and can be deployed across on-premises Windows systems, or even onto Windows virtual machines in non-Microsoft clouds. A Linux version of the runtime is currently in development, too.

Microsoft has already been using GitHub for tracking feature requests and bugs within Service Fabric. Users of the runtime have expressed a greater interest in the design and features of Service Fabric, and opening up the SDK is seen as the next step in engaging with the community and helping drive the development direction.

Read 3 remaining paragraphs | Comments

Powered by WPeMatico

How ISPs can sell your Web history—and how to stop them

0

Enlarge (credit: Getty Images | KrulUA)

The US Senate yesterday voted to eliminate privacy rules that would have forced ISPs to get your consent before selling Web browsing history and app usage history to advertisers. Within a week, the House of Representatives could follow suit, and the rules approved by the Federal Communications Commission last year would be eliminated by Congress.

So what has changed for Internet users? In one sense, nothing changed this week, because the requirement to obtain customer consent before sharing or selling data is not scheduled to take effect until at least December 4, 2017. ISPs didn’t have to follow the rules yesterday or the day before, and they won’t ever have to follow them if the rules are eliminated.

But the Senate vote is nonetheless one big step toward a major victory for ISPs, one that would give them legal certainty if they continue to make aggressive moves into the advertising market. The Senate vote invoked the Congressional Review Act, which lets Congress eliminate regulations it doesn’t like and prevent the agency from issuing similar regulations in the future. For ISPs, this is better than the FCC undoing its own rules, because it means a future FCC won’t be able to reinstate them.

Read 44 remaining paragraphs | Comments

Powered by WPeMatico

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs

0

Enlarge (credit: Nyttend)

In a severe rebuke of one of the biggest suppliers of HTTPS credentials, Google Chrome developers announced plans to drastically restrict transport layer security certificates sold by Symantec-owned issuers following the discovery they have issued more than 30,000 certificates.

Effective immediately, Chrome plans to stop recognizing the extended validation status of all certificates issued by Symantec-owned certificate authorities, Ryan Sleevi, a software engineer on the Google Chrome team, said Thursday in an online forum. Extended validation certificates are supposed to provide enhanced assurances of a site’s authenticity by showing the name of the validated domain name holder in the address bar. Under the move announced by Sleevi, Chrome will immediately stop displaying that information for a period of at least a year. In effect, the certificates will be downgraded to less-secure domain-validated certificates.

More gradually, Google plans to update Chrome to effectively nullify all currently valid certificates issued by Symantec-owned CAs. With Symantec certificate representing more than 30 percent of the Internet’s valid certificates by volume in 2015, the move has the potential to prevent millions of Chrome users from being able to access large numbers of sites. What’s more, Sleevi cited Firefox data that showed Symantec-issued certificates are responsible for 42 percent of all certificate validations. To minimize the chances of disruption, Chrome will stagger the mass nullification in a way that requires they be replaced over time. To do this, Chrome will gradually decrease the “maximum age” of Symantec-issued certificates over a series of releases. Chrome 59 will limit the expiration to no more than 33 months after they were issued. By Chrome 64, validity would be limited to nine months.

Read 7 remaining paragraphs | Comments

Powered by WPeMatico