Bitbucket is announcing an upgrade in Transport Layer Security, effectively on August 3rd.
I've searched github GitAhead's page and also in libgit2 (github and stackoverflow) about TLS 1.3 support but found nothing.
Does anyone knows if GitAhead will work after that? If not, can anyone point me in some direction to look up the answer?
I believe it will already be fully supported. GitAhead uses its own bundled OpenSSL version 1.1.1 in most cases, which has support for TLS v1.3. On macOS it also uses the system SecureTransport, which I expect will also have support on recent versions of the OS.
Related
I've got an ionic 3 hybrid/cordova app that uses the cordova-plugin-ionic-webview plugin (which will use WKWebView in iOS). I've historically always used an old version of this plugin due to compatibility issues (#1.2.1). Suddenly today, new builds started having issues where my app was sending origin: null for the origin headers on http requests. I've read of others having this issue too, but it's clear by the docs that this plugin has had iterations of doing other flavors of origins (but not null).
I decided to upgrade and see what happened. I upgraded to the latest 2.x version (#2.3.1). I got the same result. I then removed this plugin (which I believe uses a non-WkWebView webview), and everything works again, but I want to use this plugin for the performance benefits.
Up until today I believe the origin was always http://localhost:8080 on iOS. Has anyone else seen the origin get set to null with this plugin? Any ideas why or how to fix it?
I tracked this down to an incompatibility with the 1.11.16 version of the cordova-plugin-code-push plugin. Seems that this plugin is stepping on the origin when the cordova-plugin-ionic-webview plugin is used. This is a fairly recent change - not sure which version made this start happening. The 1.11.14 and 1.11.16 releases both note messing with the ionic wkwebview plugin support.
I opened an issue here: https://github.com/Microsoft/cordova-plugin-code-push/issues/489
I have an NDIS 5.x Passthru driver that was adapted from this sample. Obviously NDIS 6 has been available for quite some time, rendering 5.x obsolete, but backward compatibility has allowed the driver to continue to run in up to and including Windows 8.1 so the code has not been updated.
Now the same driver does not function on Windows 10. (Edited to add: The driver loads, but "netcfg /b" shows that it did not bind to any adapters.) The sys file is the same, installed the same way and with the same signature that works in Win8.1. I can't find any official source that NDIS 5.x compatibility has been removed from Windows 10, but I do find several people with the same problem who are speculating that is the case.
Do we know officially if NDIS 5.x compatibility been removed from Windows 10, and/or is there some kind of compatibility mode that can be activated to allow me to keep using my existing driver until I come up with Plan B?
No, NDIS backward compatibility was not removed in Windows 10. A new network class Installer called NetSetup was added with a shim for the old NetCfg calls. Apparently, there's a bug in the shim that causes drivers like mine to install but not bind to any adapters. They're assigning someone to work on it, and I will update this answer when there's a resolution.
Edited to add: Microsoft has decided not to resolve this issue because few are affected by it.
I packaged my addon and tested in firefox 31 , it worked fine.
I try to install it on firefox 21 , I got an error mentioning invalid package addon/sdk/window
my question is how could i include packages so that it could work on firefox 21?
Any ideas?
Thanks
I dont think that will be supported, as firefox is improving day by day, and changes in the version of SDKs also.
Also, the firefox v21, must not be supporting the SDK packed addons. You should create them using XUL.
cfx has the option --force-use-bundled-sdk to bundle the sdk libraries themselves with the XPI, but that doesn't guarantee that those modules will work in older firefox versions
You could also wrap the module require() in try-catch blocks and use older APIs on failure. I think some modules were renamed over time
Also, FF21 is long out of support. At the time of writing 31.4.0esr is the oldest still maintained release.
I'm starting to dive into a customer requirement that we use FIPS 140-2 for data at rest and data in transit. From my (limited) reading so far, it sounds like iOS 7 and up have FIPS support built in. I've also seen articles on the subject (iOS with FIPS) point to building OpenSSL and including that in your project to get FIPS support. I'm not sure why OpenSSL is necessary if FIPS is already included in iOS 7+. Am I missing something?
At the time of this writing OpenSSL FIPS is pretty much broken for newer Apple devices and versions of iOS past 6, because getting it to compile requires heavy modification of the build process, which is absolutely disallowed for FIPS compliance. You get a library, but not FIPS compliance unless you re-certify. Try stepping through the documented build process to observe the minefield. Community contributions to help resolve the issues have not been incorporated. It is also not very secure because it isn't responsively updated for threats. Heartbleed will be with us for years, but CommonCrypto turns on a dime in comparison, being re-certified as needed and updated along with other OS updates. Use Apple CommonCrypto.
One of the many threads about why it is broken: https://groups.google.com/forum/#!topic/mailing.openssl.users/V_HITNhWaDA
A related(not duplicate) question by me. The only answer breaks FIPS compliance.
Unknown cpu type when compiling OpenSSL FIPS Capable libraries for arm64 or arm7s
Unless you need some functionality that is in OpenSSL that is not in Common Crypto use Common Crypto.
The reason that Apple no longer supplies OpenSSL is due to many instances where SSL is not backward compatible and an Apple supplied current version may not be compatible with an app that was built with an earlier version.
Further, Common Crypto uses the build-in hardware crypto and OpenSSL may not.
Why use OpenSSL for FIPS 140-2 vs relying on CoreCrypto on iOS?
OpenSSL is available on a wider array of iOS platforms. For example, OpenSSL includes iOS 5 through iOS 7 using the A4 through A6 processors. There are more iOS validations, but they have not been given to the public under Certificate 1747. For example, the foundation already has an iOS 8 validation in progress.
In addition, OpenSSL is available on non-Apple platforms. The latter is appealing because the means the same code base can be used on multiple platforms, including Windows, Linux and Android.
Apple got its first validation on May 2013, which meant there was nothing available from Apple from 2010 to summer of 2013. That was a big void. Apple still only provides a validated module up to iOS 7.
And during the time of missing vendor support, Apple made it appear they had a validated module through their marketing literature. (Apple had a "Module In Progress", which is different than a "Validated Module". And it took them years to get it validated, which was kind of unheard of).
As someone who follows these things, Apple's tactics from 2010 through 2013 were clearly meant to confuse those who were looking for FIPS 140 validated modules. (I wrote to the CMVP about Apple's despicable practices. The CMVP will request a Cease and Desist order for vendors like Apple. Apple is not the only vendor to confuse and lie to folks - CipherCloud did it too).
ReSharper 6.0 seems to be conflicting with Symantec Endpoint Protection on my XP Pro SP3 machine at work. It causes the machine to automatically reboot after I randomly do things with ReSharper. If I uninstall 6.0 and install 5.1.3, I see no problem whatsoever.
Anyone else ever encounter this? Anyone know of a solution that would allow me to use 6.0?
I have already posted this question on the forum over at JetBrains (fyi)
JetBrains UPDATE:
There seems to be other people encountering this same issue (without mentioning Symantec). When anything happens to the issue at JetBrains, I will update this question here on stack!
Thanks!
Are you seeing any errors in the Windows Event viewer? What features of SEP are installed on this system? You might try disabling one feature at a time to narrow down the cause of this issue. Also check the SEP logs for anything pointing to ReSharper.
Can you tell me What version of SEP are you running?
P.S. I responded to your tweet, so feel free to DM me there if you wish.