An anonymous reader writes: Google recently announced Chrome will be gradually phasing out support for certificates using SHA-1 encryption. They said, "We need to ensure that by the time an attack against SHA-1 is demonstrated publicly, the web has already moved away from it." Developer Eric Mill has written up a post explaining why SHA-1 is dangerously weak, and why moving browsers away from acceptance of SHA-1 is a lengthy, but important process. Both Microsoft and Mozilla have deprecation plans in place, but Google's taking the additional step of showing the user that it's not secure. "This is a gutsy move by Google, and represents substantial risk. One major reason why it's been so hard for browsers to move away from signature algorithms is that when browsers tell a user an important site is broken, the user believes the browser is broken and switches browsers. Google seems to be betting that Chrome is trusted enough for its security and liked enough by its users that they can withstand the first mover disadvantage. Opera has also backed Google's plan. The Safari team is watching developments and hasn't announced anything."
Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
pbahra writes One of the greatest emotional triggers at any auto-racing event is the noise. In Nascar, it is the earthshaking growl of V8 American muscle. In Formula One, it is the chest-rattling wail of 15,000 rpm. To some the sound is repellent. To others it is like an opera. But what if there is no sound at all? Welcome to the quiet world of Formula E, a global racing series for electric cars, which debuts this month in Beijing.
motang (1266566) writes "Opera released Opera 24 for Linux. Currently it is in testing (developer) mode, and only for 64-bit Ubuntu, but hey it's a start since everyone thought Linux support was abandoned. In my test it is pretty rough around the edges, only has ambiance theme as it has been hard coded, and all the window controls are on the right and not on the left like what Unity has. But it is a start."
An anonymous reader writes This article in The New York Times shows the clash of purists and people who desire to experiment with "new technology" available to them. The geek in me is really curious about this concept of a digital orchestra (with the ability to change tempos, placement of speakers in an orchestra pit, possibly delaying some to line them up ...). I understand that instrumentalists feel threatened, but why not let free enterprise decide the fate of this endeavor instead of trying to kill it by using blackmail and misrepresentation? Isn't there a place for this, even if maybe it is not called opera ... maybe iOpera?
An anonymous reader writes: "It doesn't take a Columbo to figure out that the 'previous employer, a small browser vendor that decided to abandon its own rendering engine and browser stack' is referring to Opera in this comment answering the question 'Do you actually use the product you are working on?' It appears to originate from Andreas Tolfsen, a former Opera developer who is now part of the Mozilla project. From releasing a unified architecture browser including Linux support since 2001, Opera decided to put Linux development on indefinite hold, communicated through blog comments, and focus on Windows and Mac for their browser rewrite centered around the Blink engine that had its first beta release last spring. The promise to bring back the Linux version in due time was met with growing skepticism as the months went by, and clear answers have been avoided in the developer blog. The uncertainty has spawned user projects such as Otter browser in an attempt to recreate the Opera UI in a free application. Tolfsen's statement seem to be in line with what users have suspected all along: Opera for Linux is not something for the near future."
mikejuk writes "Google and Opera split from WebKit to create Blink, their own HTML rendering engine, and everyone was worried about the effect on standards. Now we have the first big example of a split in the form of CSS Regions support. Essentially Regions are used to provide the web equivalent of text flow, a concept very familiar to anyone who has used a desktop publishing program. The basic idea is that you define containers for a text stream which is then flowed from one container to another to provide a complex multicolumn layout. The W3C standard for Regions has mostly been created by Adobe — a long time DTP company. Now the Blink team has proposed removing Regions support to save 10,000 lines of code in 350,000 in the name of efficiency. If Google does remove the Regions code, which looks highly likely, this would leave Safari and IE 10/11 as the only two major browsers to support Regions. Both Apple and Microsoft have an interest in ensuring that their hardware can be used to create high quality magazine style layouts — Google and Opera aren't so concerned. I thought standards were there to implement not argue with." Although mikejuk thinks this is a bad thing, a lot of people think CSS Regions are awful. Mozilla has never intended to implement them, instead offering the CSS Fragmentation proposal as an alternative. One major flaw of CSS Regions is its reliance upon markup that is used solely for layout, violating the separation of content and style that CSS is intended to enforce.
Hugh Pickens DOT Com writes "Dennis Overbye reports in the NY Times that two years ago Richard Dawkins and Lawrence Krauss set off on a barnstorming tour to save the world from religion and promote science. Their adventure is now the subject of The Unbelievers, a new documentary. 'If you think a road trip with a pair of intellectuals wielding laptops is likely to lack drama, you haven't been keeping up with the culture wars,' writes Overbye. The scientists are mobbed at glamorous sites like the Sydney Opera House. Inside, they sometimes encounter clueless moderators; outside, demonstrators condemning them to hellfire. At one event, a group of male Muslim protesters are confronted by counterprotesters chanting, 'Where are your women?' 'Travelogue shots, perky editing and some popular rock music, as well as interview bits with such supportive celebrities as Woody Allen, Cameron Diaz, Sarah Silverman and Ricky Gervais, shrewdly enliven the brainy — but accessible — discourse,' writes Gary Goldstein in the LA Times, 'but mostly the movie is an enjoyably high-minded love fest between two deeply committed intellectuals and the scads of atheists, secularists, free-thinkers, skeptics and activists who make up their rock star-like fan base.' The movie ends at the Reason Rally in Washington, billed as the largest convention of atheists in history. Dawkins looks out at the crowd standing in a light rain and pronounces it 'the most incredible sight I can remember ever seeing' and declares that too many people have been cowed out of coming out as atheists, secularists or agnostics. 'We are far more numerous than anybody realizes.'"
An anonymous reader writes "Remember when Mozilla announced that it would soon block third-party cookies by default? Not so fast. According to a new behind-the-scenes report in the San Francisco Chronicle, 'it's not clear when it will happen — or if it will at all.' Mozilla's leadership is apparently no longer committed to the feature, and the related Cookie Clearinghouse collaboration is delayed well into 2014. Who's to blame? According to Dan Auerbach, Staff Technologist at the Electronic Frontier Foundation, 'The ad industry has a ton of people, basically lobbyists, who spent a lot of time trying to convince Mozilla this was bad for the economy... I think they were somewhat successful.' Not a good showing for the purportedly pro-user organization."
Nerval's Lobster writes with one take on an effort to "make Internet access available to the two-thirds of the world who are not yet connected": "In conjunction with a variety of partners (including Nokia, Opera, Qualcomm and Samsung), Facebook is launching Internet.org, which will try to make Internet access more affordable to more people. The partnership will also work on ways to lower the amount of data necessary to power most apps and Internet experiences, which could help people in areas with poor connectivity access online services, and devise incentives for businesses and manufacturers to offer customers more affordable access. Why would Facebook and its partners want to connect another 5 billion people to the Internet? Sure, there are altruistic reasons — people online can access information that will improve or even save their lives. But for Facebook, more people online equals more ad revenue, which equals more profit. Social networking in the developed world is reaching a saturation point, with a significant percentage of the population already on one (or more) social networks; only by expanding into developing nations can Facebook and its ilk maintain the growth rates that Wall Street demands. In a similar vein, building devices and services accessible via weaker Internet connections would open up a whole new customer base for the app developers and manufacturers of the world. In theory, Internet.org plans on enlisting a variety of nonprofits and 'experts' to help in its effort; but the initial announcement only lists for-profit companies among its constituency. NGOs, academics and the aforementioned experts will apparently arrive 'over time.' So is this effort really charitable, or a cynical attempt to break into new markets?"
sciencehabit writes "The tragic opera Rigoletto may move you to tears, but here's a more literal application of the moving power of sound. Sound waves with frequencies just above human hearing can levitate tiny particles and liquid droplets and even move them around, a team of engineers has demonstrated. The advance could open up new ways to handle delicate materials or mix pharmaceuticals."
wiredmikey writes "Norwegian browser maker Opera Software has confirmed that a targeted internal network infrastructure attack led to the theft of a code signing certificate that was used to sign malware. 'The current evidence suggests a limited impact. The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser,' Opera warned in a brief advisory. The Opera breach signals a growing shift by organized hacking groups to target the internal infrastructure network at big companies that provide client side software to millions of end users."
An anonymous reader writes "Stanford Law School has kicked off a 'Cookie Clearinghouse' web privacy initiative that brings together researchers and browsers. The project aims to provide a centralized and trusted repository for whitelist and blacklist data on web tracking, much like StopBadware does for malware. Mozilla and Opera are collaborating on the initiative, and Mozilla plans to integrate it into Firefox's new default third-party cookie blocking. The leader of an advertising trade group has, of course, denounced the participating browsers as 'oligopolies.'"
hypnosec writes "Opera has released its first Chromium-based, completely re-engineered browser as a preview for Windows and Mac systems (download). The new browser has been given quite a makeover and comes with a refresh of Opera's 'Speed Dial' bookmarking feature. Users can now not only organize their shortcuts into folders, but also group them into folders automatically by simply dragging one bookmark over another. Opera has also included a faster bookmarking tool dubbed 'Stash,' allowing users to return to the links quickly. The new version has combined its search and address bars, allowing users to make searches directly via Amazon, Bing, Google and Wikipedia."
J.J. Abrams’ 2009 reboot of Star Trek was wildly successful. It raked in hundreds of millions at the box office, and revitalized the Star Trek franchise, which had languished for 7 years without a new film and 4 years without a TV presence (after 18 consecutive years of new shows). It also did something no Trek movie had done before; it made Star Trek ‘cool’ in the public consciousness. Combined, those factors ensured Abrams would get another turn at the helm of a Trek movie, and sooner rather than later. With today's release of Star Trek: Into Darkness, that trend is very likely to continue. It's a movie with all the same strengths and weaknesses of its predecessor, and if it worked before, it'll work again. Read on for our review.
AmiMoJo writes "It looks like Mozilla are finally going to remove the much hated blink tag from the Gecko rendering engine that powers Firefox. Work to remove support for the tag, which was always non-standard and is not supported by the most popular HTML layout engines WebKit and Blink (Chrome, Safari, Opera, Android), is progressing and should show up in a future version of the browser." A comment attached to the discussion of this (not completed) move points out the odd possibility that Google's new Blink rendering engine may feature the blink tag via CSS animation, which would be "hilarious/awesome."
An anonymous reader writes "Google on Wednesday made a huge announcement to fork WebKit and build a new rendering engine called Blink. Opera, which only recently decided to replace its own Presto rendering engine for WebKit, has confirmed with TNW that it will be following suit. 'When we announced the move away from Presto, we announced that we are going with the Chromium package, and the forking and name change have little practical influence on the Opera browsers. So yes, your understanding is correct,' an Opera spokesperson told TNW. This will affect both desktop and mobile versions of Opera the spokesperson further confirmed."
New submitter jgb writes "WebKit is, now that Opera decided to join the project, in the core of three of the five major web browsers: Apple's Safari, Google's Chromium and Opera. Therefore, WebKit is also a melting pot for many corporate interests, since several competing companies (not only Google and Apple, but also Samsung, RIM, Nokia, Intel and many others) are finding ways of collaborating in the project. All of this makes fascinating the study of how they are contributing to the project. Some weeks ago, a study showed how they were submitting contributions to the code base. Now another one uncovers how they are reviewing those submitted contributions. As expected, most of the reviews during the whole life of the project were done by Apple, with Google as a close second. But things have changed dramatically during the last few years. In 2012, Google is a clear first, reviewing about twice as much (50%) as Apple (25%). RIM (7%) and Nokia (5%) are also relevant reviewers. Code review is very important in WebKit's development process, with reviewers acting as a sort of gatekeepers, deciding which changes make sense, and when they are conforming to the project practices and quality standards. In some sense, review activity reflects the responsibility each company is taking on how WebKit evolves. In some sense, the evolution over time for this activity by the different companies tells the history of how they have been shaping the project."
Dystopian Rebel writes "A Stanford comp-sci student has found a serious bug in Chromium, Safari, Opera, and MSIE. Feross Aboukhadijeh has demonstrated that these browsers allow unbounded local storage. 'The HTML5 Web Storage standard was developed to allow sites to store larger amounts of data (like 5-10 MB) than was previously allowed by cookies (like 4KB). ... The current limits are: 2.5 MB per origin in Google Chrome, 5 MB per origin in Mozilla Firefox and Opera, 10 MB per origin in Internet Explorer. However, what if we get clever and make lots of subdomains like 1.filldisk.com, 2.filldisk.com, 3.filldisk.com, and so on? Should each subdomain get 5MB of space? The standard says no. ... However, Chrome, Safari, and IE currently do not implement any such "affiliated site" storage limit.' Aboukhadijeh has logged the bug with Chromium and Apple, but couldn't do so for MSIE because 'the page is broken" (see http://connect.microsoft.com/IE). Oops. Firefox's implementation of HTML5 local storage is not vulnerable to this exploit."