| Google puts False Start SSL experiment down, nobody notices Apr 13th 2012, 02:44  Back in September of 2010 Google started experimenting with a new Chrome feature called False Start, which cut the latency of SSL handshakes by up to 30 percent. While the delay in forging a secure connection never seemed like a major concern for most, the pause (which could be several hundred milliseconds long) before a browser starts pulling in actual content was too much to swallow for Mountain View engineers. The tweak to SLL was a somewhat technical one that involved packaging data and instructions normally separated out -- reducing the number of round trips between a host and a client before content was pulled in. Unfortunately, False Start has proven incompatible with a number of sites, in particular those that rely on dedicated encryption hardware called SSL Terminators. Chrome used a blacklist to track unfriendly sites, but maintaining that repository proved more difficult than anticipated and became quite unwieldy. Despite reportedly working with over 99 percent of websites Adam Langley, a Google security researcher, has decided that False Start should be retired with version 20 of the company's browser. The change will likely go unnoticed by most users, but it's always a shame to see efforts to make the web as SPDY as possible fail. Google puts False Start SSL experiment down, nobody notices originally appeared on Engadget on Thu, 12 Apr 2012 22:44:00 EDT. Please see our terms for use of feeds. Permalink  Ars Technica |  Imperial Violet | Email this | Comments | | Calyx Institute to create ISP that keeps customer traffic private, away from prying governmental eyes Apr 13th 2012, 01:22  Wouldn't it be nice if we were free to surf the web free from fear of having our traffic monitored and emails scraped by the NSA? Well, if Nicholas Merrill has his way, we won't have to rely on anonymous browsers or proxy servers -- we'll have a new ISP built from the ground up to protect customer privacy. A non-profit, the Calyx Institute, will run the ISP that'll employ end-to-end encryption on web traffic, plus encrypted emails to prevent anyone other than the user, including the ISP itself, from seeing people's internet activity. Because of this structure, Calyx, quite literally, won't be able to comply with governmental requests to obtain customer traffic data under the Patriot or Foreign Intelligence Surveillance Acts. The best part is, such online privacy may cost as little as $20 a month, and Merrill has hopes to provide a similarly secure VoIP service at some point as well. Of course, the venture will only be possible if Merrill can raise the $2 million needed to get it going -- which is why he's pitching the idea to venture capitalists in Silicon Valley and the general public through crowd-sourced funding site IndieGogo. Want to help out? Hit the the source below to make a donation.
Calyx Institute to create ISP that keeps customer traffic private, away from prying governmental eyes originally appeared on Engadget on Thu, 12 Apr 2012 21:22:00 EDT. Please see our terms for use of feeds. Permalink CNET | IndieGogo, Calyx Institute | Email this | Comments | |
