July 23, 2007

XeroBank keyservers, firewalls, and xBB 2.0.0.5a

Hello folks.

We are in the middle of upgrading security settings on our keyservers and firewalls, which is causing a little bit of a delay. Specifically, those of you who are sniffing your own connections can tell that the SSH keys were being rejected by the server. No worries, it is fixed.

In addition, I am informed that 2.0.0.5a has been pushed live, even though we are displaying 2.0.0.4a. I'll change that in a bit.

One thing that didn't get implemented in 2.0.0.5a, which Mozilla pushed without any beta, was HTTP/HTTPS routing past corporate firewalls/proxies for XeroBank Plus. We'll get to that with 2.0.0.5b, probably in the next couple of days, but it requires some on-the-fly PuTTY profile generation, which is tricky.

Another security idea was that, instead of relying on file-stored SSH host keys, we wipe them and regenerate them at every instance. So even if the user has somehow added a bad host key for an attacker, it gets destroyed when the xB Browser is restarted.
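One way such a reset-at-launch could look, as an added example that is not XeroBank's code: the launcher overwrites the client's host-key cache from a pinned set it ships with, so any entry accepted in an earlier session is gone. It assumes an OpenSSH-style `known_hosts` file and takes "regenerate" to mean rewriting from that pinned set; the host name, key strings and function names are constructed placeholders.

```shell
#!/bin/sh
# Added illustration: reset the SSH client's host-key cache at every launch.
# Assumptions: OpenSSH-style known_hosts lines; host and key are constructed.

# Pinned host keys shipped with the launcher (constructed sample, not a real key).
pinned_host_keys() {
    cat <<'EOF'
gateway.example.invalid ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICONSTRUCTEDPLACEHOLDERKEYFOREXAMPLE
EOF
}

# reset_host_keys FILE: discard whatever is cached and rewrite it from the
# pinned set. Works whether or not FILE already exists.
reset_host_keys() {
    cache=$1
    dir=$(dirname -- "$cache")
    tmp=$(mktemp "$dir/.hostkeys.XXXXXX") || return 1
    pinned_host_keys > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp"
    # Atomic rename: the client never reads a half-written cache.
    mv -f "$tmp" "$cache"
}

# count_unpinned FILE: print how many cached lines are not in the pinned set.
# Useful before the reset, to log that something unexpected had been trusted.
count_unpinned() {
    # grep -c exits non-zero when the count is 0, hence the "|| true".
    pinned_host_keys | grep -Fvxc -f - -- "$1" || true
}
```

A launcher would call `count_unpinned` first if it wants a record of unexpected entries, then `reset_host_keys` before starting the SSH client.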

We are also working on a clever way of identifying our customers through support so we can help them if they need help on their account. I think it would work where they request help on something, and if it requires their username or order receipt, they enter in their password and it decrypts the username field so we can find out who they are. Yes, that's right, even our support is anonymized from us! I'm going to think about that for a bit; perhaps there is something even more elegant.

Steve
