Go 1.2’s Coming, iOS7’s Multipath, RSA’s Aaargh and Tails’ Updates – Snippets

Snippets.png

  • Go 1.2’s coming: The first release candidate for Go 1.2 has been released. Lots of changes though the developers say its “a smaller delta from 1.0 to 1.1”. Read up on whats coming in the Go 1.2 Release notes and look out especially for the changes in the use of nil. If you want to test it, downloads are at the project’s Google Code page.
  • iOS7’s Multipath: There’s a difference between having code that works and having code in production and according to NetworkWorld Apple just made that jump with iOS7 and Multipath TCP. MPTCP lets multiple interfaces, such as Ethernet, WiFi and 3G, and different paths work together to get to a connection to a destination. Apple are using MPTCP to talk to their backend services and it’ll be interesting to see how this works out in the field.
  • RSA’s Aaargh: The RSA have reacted to the NIST pulling Dual EC DRBG, the cryptographic algorithm that has been historically dubious and believed to have been compromised by the NSA at specification stage, in for review by issuing an advisory. The advisory’s bad news covers “all versions of RSA BSAFE Toolkits, including all versions of Crypto-C ME, Micro Edition Suite, Crypto-J, Cert-J, SSL-J, Crypto-C, Cert-C, SSL-C”. The really bad news? “The currently released and supported versions of the BSAFE libraries (including Crypto-J 6.1.x and Crypto-C ME 4.0.x) and of the RSA DPM clients and servers use Dual EC DRBG as the default PRNG”. Yes, as a default. Background in this Ars Technica article where one of the comments has the full text of the advisory. If you use RSA crypto, start your audit now.