Microsoft Refuses WebGL Support
Last Thursday, Microsoft posted an official blog post detailing why "WebGL is not a technology they can endorse from a security perspective" and believes it will "become an ongoing source of hard-to-fix vulnerabilities." Some of the reasons Microsoft cites include:
Overly Permissive hardware functionality exposed to the web.
Relies to heavily on third party security.
Problematic system DoS Scenarios.
Oracle seeking Billions from Google
Two weeks ago, new details surrounding Oracle's case against Google over Java patents revealed that the case could cost Google an amount that would far exceed their Android revenues. On Friday it was revealed that Oracle could be seeking "billions" from Google, based on their revenue from Android. Google "calls Oracle's analysis in question", saying that advertising revenue should be taken out of Oracle's calculation. More details can be found over at The H.
Chrome 13 and 14 Add New Security Measures
The two new version Google's Chrome browser will be introducing a number of new security features. Some of the new security features for Chrome 13 include:
Blocking HTTP auth for subresource loads
Built-in Certificate pinning and HSTS
Chrome 14 will block sites that mix scripts from HTTPS and HTTP source by default, and add DNSSEC validations of HTTPS sites. Details on each of these new features can be found at the official Google Chrome blog.
Thank you to user tayyabzzz for this week's top link: a tutorial on how to make a dropdown menu with CSS3!