It's 2018, and network middleware still can't handle TLS without breaking encryption

ZDNet

An academic study published last month shows that despite years worth of research into the woeful state of network traffic inspection equipment, vendors are still having issues in shipping appliances that don't irrevocably break TLS encryption for the end user. Encrypted traffic inspection devices (also known as middleware), either special hardware or sophisticated software, have been used in enterprise networks for more than two decades. System administrators deploy such appliances to create a man-in-the-middle TLS proxy that can look inside HTTPS encrypted traffic, to scan for malware or phishing links or to comply with law enforcement or national security requirements. All such devices work in the same way, creating a TLS server on the internal network and a TLS client on the external network. The TLS server receives traffic from the user, it decrypts the connection, allows the appliance to inspect the traffic, and then re-encrypts and relays the connection to the intended server by mimicking the browser via its own TLS client.


Microsoft's blockchain project Bletchley offers services to access off chain data

#artificialintelligence

Marley Gray, director of blockchain business development and strategy at Microsoft, posted an update to GitHub in June 2016 providing an overview of Bletchley. This white paper was published six days after Microsoft's announcement of Project Bletchley on June 15, 2016, and goes on to say that Project Bletchley is a set of tools for supporting SmartContracts on the blockchain, enabling secure access to off-chain information. The project supports open standards for protocol-level implementations of peer-to-peer networking, consensus, database and virtual machines are vital to establish trust within a blockchain ecosystem. Bletchley is a middleware tool set for developers and provides an ecosystem to enable implementing identity, security, cryptography, scale, tooling, management, monitoring and reporting for both on and off the blockchain. What Bletchley offers is performance flexibility for core, kernel and universal protocols.


Machine learning comes to your browser via JavaScript

#artificialintelligence

Developed by a team of MIT graduate students, TensorFire can run TensorFlow-style machine learning models on any GPU, without requiring the GPU-specific middleware typically needed by machine learning libraries such as Keras-js. TensorFire is another step towards making machine learning available to the broadest possible audience, using hardware and software people are already likely to possess, and via advances in how accurate model predictions can be served with a fraction of the resources previously needed. TensorFire works using the WebGL standard, a cross-platform system for rendering GPU-accelerated graphics in browsers. WebGL supports GLSL, a C-like language used to write shaders, which are short programs used to transform data directly on the GPU. Shaders are typically used in the WebGL pipeline to transform how graphics are rendered--for example, to render shadows or other visual effects.


Machine learning comes to your browser via JavaScript

#artificialintelligence

Developed by a team of MIT graduate students, TensorFire can run TensorFlow-style machine learning models on any GPU, without requiring the GPU-specific middleware typically needed by machine learning libraries such as Keras-js. TensorFire is another step towards making machine learning available to the broadest possible audience, using hardware and software people are already likely to possess, and via advances in how accurate model predictions can be served with a fraction of the resources previously needed. TensorFire works using the WebGL standard, a cross-platform system for rendering GPU-accelerated graphics in browsers. WebGL supports GLSL, a C-like language used to write shaders, which are short programs used to transform data directly on the GPU. Shaders are typically used in the WebGL pipeline to transform how graphics are rendered--for example, to render shadows or other visual effects.


New Verizon leak exposed confidential data on internal systems

ZDNet

Security researchers have found yet another data exposure at Verizon. Confidential and sensitive documents, including server logs and several instances of credentials for internal systems, were found on an unprotected Amazon S3 storage server controlled by a Verizon Wireless customer, discovered by security researchers at the Kromtech Security Research Center. The server contained several files, mostly scripts and server logs -- some appeared to show usernames and passwords to internal systems. Other folders contained internal Verizon documents, many of which were marked "confidential and proprietary materials," include detailed server and infrastructure maps, server IP addresses, global router hosts, and several scripts that could be used to gain elevated privileges within the system. A portion of the files were shared with ZDNet for verification.