The limited testing on Messenger, which has more than 900 million users, comes three months after Facebook rolled out end-to-end encryption to its more popular WhatsApp, a messaging application with over 1 billion users that it acquired in October 2014.

The move comes amid widespread global debate over the extent to which technology companies should help law enforcement snoop on digital communications.

End-to-end encryption is also offered on Apple Inc’s iMessage platform as well as apps including LINE, Signal, Viber, Telegram and Wickr.

Facebook Messenger uses the same encryption technology as WhatsApp, which uses a protocol known as Signal that was developed by privately held Open Whisper Systems.

“It seems well designed,” said Matthew Green, a Johns Hopkins University cryptologist who helped review an early version of the protocol for Facebook.

While WhatsApp messages are encrypted by default, Facebook Messenger users must turn on the feature to get the extra additional security protection, which scrambles communications so they can only be read on devices at either end of a conversation.

Facebook said that it was requiring users to opt in to encryption because the extra security is not compatible with some widely used Messenger features.

“Many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone,” the company said in an announcement on its website. “Secret conversations can only be read on one device and we recognize that experience may not be right for everyone.”

Facebook also said that Messenger users cannot send videos or make payments in encrypted conversations.

Courtesy-http://www.thegurureview.net/aroundnet-category/end-to-end-encryption-comes-to-facebook-messenger.html

The idea that IPv6 remains so far behind its saturated incumbent, IPv4, is horrifying given that three continents ran out of IPv4 addresses in 2015. Unfortunately, because the product isn’t ‘end of life’ most internet providers have been working on a ‘not broken, don’t fix it’ basis.

But 2016 looks to be the year when IPv6 makes its great leap to the mainstream, in Britain at least. BT, the UK’s biggest broadband provider, has already committed to switch on IPv6 support by the end of the year, and most premises will be IPv6-capable by April. Most companies use the same lines, but it will be up to each individual supplier to switch over. Plusnet, a part of BT, is a likely second.

IPv6 has a number of advantages over IPv4, most notably that it is virtually infinite, meaning that the capacity problems that the expanded network is facing shouldn’t come back to haunt us again. It will also pave the way for ever faster, more secure networks.

Some private corporate networks have already made the switch. Before Christmas we reported that the UK Ministry of Defence was already using the protocol, leaving thousands of unused IPv4 addresses lying idle in its wake.

IPv6 is also incredibly adaptable for the Internet of Things. Version 4.2 of the Bluetooth protocol includes IPv6 connectivity as standard, making it a lot easier for tiny nodes to make up a larger internet-connected grid.

Google’s latest figures suggest that more than 10 percent of users are running IPv6 connections at the weekend, while the number drops to eight percent on weekdays. This suggests that the majority of movement towards IPv6 is happening in the residential broadband market.

That said, it is imperative that businesses begin to make the leap. As Infoblox IPv6 evangelist Tom Coffeen told us last year, it could start to affect the speed at which you are able to trade.

“If someone surfs onto your site and its only available in IPv4, but they are using IPv6, there has to be some translation, which puts your site at a disadvantage. If I’ve not made my site available in IPv6, I’m no longer in control over where that translation occurs.”

In other words, if you don’t catch up, you will soon get left behind. It was ever thus.

Courtesy-TheInq

The company recommended deleting the apps but did not name them, which may make it hard for people to know which apps put their data at risk.

The apps in question installed their own digital certificates on a person’s Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.

Most websites and many apps use SSL/TLS (Secure Socket Layer/Transport Security Layer), a protocol that encrypts data traffic exchanged with a user. SSL/TLS is a cornerstone of Web security, ensuring data traffic that is intercepted is unreadable.

It is possible in some cases to interfere with an encrypted connection. Many enterprises that want to analyze encrypted traffic for security reasons will use SSL proxies to terminate a session at the edge of their network and initiate a new one with their own digital certificate, allowing them to inspect traffic for malicious behavior.

In that scenario, employees would likely be more aware or expect that kind of monitoring. But people downloading something from the App Store probably would have no idea of the access granted to their sensitive data traffic.

Apple checks applications to ensure that malicious ones are not offered in its store. Those checks are in large part the reason why Apple has had fewer problems with malicious mobile applications in its store.

Installing digital certificates isn’t itself a malicious action per se, but Apple may be concerned that users are not fully aware of the consequences of allowing an app to do so.

Source-http://www.thegurureview.net/aroundnet-category/apple-removes-data-spying-apps-from-store.html