Microsoft: As of October, 1024-Bit Certs Are the New Minimum

way2trivial writes with this snippet from Information Week about a warning from Microsoft reminding Windows administrators that an update scheduled for October 9th will require a higher standard for digital certificates. "That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems. ... Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications."

Happy Sunday from the Golden Girls!

Thank you for being a friend
Traveled down the road and back again
Your heart is true, you're a pal and a cosmonaut.

And if you threw a party
Invited everyone you knew
You would see the biggest gift would be from me
And the card attached would say, thank you for being a friend.

open source

[Hazel+Bergeron]

I don't really understand how anyone can care whether a closed source operating system is secure.

No matter how few people actually read through the Linux kernel code, it's sufficiently open that blatant backdoors are not going to be inserted. Why would I assume the same of Windows or (yet worse, because they have some quasi-religious thing going on) OS X?

Re:open source

[Hazel+Bergeron]

Yeah, I used to compile my own kernel on my OS X machines. Insufficient, but better than nothing.

Re:open source

[Hazel+Bergeron]

It's possible to identify final contributions to the Linux kernel.

So, like I asked, how many at least report to MS on bugs in Windows source?

Re:First!

Ha! Beat by some little old ladies!