Perspectives 4.3.4 Released!

As you may have noticed, Perspectives has been updated! This release contains an important compatibility update for Firefox 20, plus a number of other changes:

  • Update code for working with invalid certificates in Firefox 20
  • Fix a bug to send requeries to the correct notaries
  • Make the Preferences and Report Attack windows resizable
  • In the Preferences window, set proper default height and width for the Notary Server textboxes
  • In the Results window, expand the results box vertically to fill available space (this makes more text visible and keeps the radio buttons in a consistent place)

    Before: [screenshot: old Results window showing notary query results]

    After: [screenshot: new Results window showing notary query results, with a larger text window]

Enjoy the update!

As always, feedback is welcome. Feel free to leave a comment here or talk to us on the mailing list.


Coming Soon: Notary scanning with SNI

Soon the heimdal and nine-eyes notaries will be upgraded to scan websites with Server Name Indication. Notaries will display whether they use SNI scanning on their index page:

Notaries will display their SNI status on their index page


This change should only improve notary results and give you more accurate readings for servers that require SNI, but let us know if you run into issues.

Many thanks to Perspectives user Carl for reminding me of this feature and for helping with testing. Thanks!


The status of Perspectives on Chrome

Several people have asked if we can resurrect the Perspectives extension for Chrome. Short version: yes, we would love to and plan to, but it will take some work. The long version is below.

History

In 2010 a Perspectives extension was created for the Chrome browser. The extension worked for several months but currently doesn’t display any notary results.

The problem was that Chrome did not provide a way for extensions to get certificate information about websites, which Perspectives requires in order to work. As a work-around the Chrome version of Perspectives used a separate Java applet to retrieve the certificate information from each page.

The upside of this approach was that we were able to port Perspectives to Chrome. One downside is that it required Java to run. Ideally we would like to make Perspectives run on Chrome without requiring Java.

Another downside of the Java approach is that the Perspectives project had to purchase an SSL certificate to sign the Java applet so that people could trust it. The certificate has since expired, which is why the extension no longer displays results. Additionally, since one of the goals of the Perspectives project is to move away from the Certificate Authority security model, purchasing a CA certificate to run a version of Perspectives is counterintuitive.

Current work

The great news is that other people want the ability to inspect certificate info from Chrome extensions too, and the Chrome team has created a cryptographic API. It should now be possible to make Perspectives run on Chrome, with a bit of work.

Here is the current plan:

Setup Tasks

  1. Refactor Perspectives’ internal code so it can more easily run on multiple platforms or browsers.
    The Perspectives code needs a bit of reorganizing. This will also help us identify exactly what functionality we need from the Chrome API.
  2. Perform a security review, to make sure Perspectives is retrieving and using certificate information in the right ways.
    If anything needs changing it’s better to fix it now than later.
  3. Confirm that the Chrome API supports the functionality that we need.

Porting Tasks

  1. Create a script to convert our existing Perspectives translations to the format required by Chrome.
  2. Write the Chrome-specific code to implement Perspectives
  3. Create a Chrome UI
  4. Test and release!

I will begin work on these tasks after the Perspectives 4.4 update. Questions and comments are welcome. Would you use Perspectives on Chrome? Leave a comment or let me know, so we know how many people are waiting for it.

2012 in Review

2012 was a productive year for Perspectives. We:

  • Published 4 extension updates
  • Rescued Perspectives on SeaMonkey
  • Translated Perspectives to three new languages: German, Spanish, and French!
  • Finished translating Perspectives into Chinese
  • Launched two new network notaries

Many thanks to everyone who has contributed code, translations, suggestions, and ideas. And many thanks to everyone who uses Perspectives! Here’s to making the web a safer place.

We have even grander plans for 2013 to make Perspectives faster and better. Stay tuned!


Perspectives Client 4.3.3 Released!

Perspectives 4.3.3 has been released! This is a small update that simply adds heimdal and nine-eyes to the default notary list. Hopefully this will improve notary responses and keep your Perspectives addon running!

The update has been submitted to the Mozilla Addons site, and will be automatically published once it has been reviewed by the Addons team. You can also download it directly via this link.

As always, if you have questions or comments feel free to leave a comment here or talk to us on the mailing list.


Perspectives Server 3.1 + Two new notaries

Perspectives Server version 3.1 is finished! This release adds data caching and some other improvements to make notaries more stable and responsive, and to make running a network notary even easier.

To celebrate I have created two new Perspectives notaries: heimdal.herokuapp.com (which tracks internal performance metrics) and nine-eyes.herokuapp.com (which does not track metrics). You should use them! You can view the notary public keys on their index page and add them to your Perspectives client, or use the following text:

heimdal.herokuapp.com:80

nine-eyes.herokuapp.com:80

If all goes well I will add these notaries to the list of defaults to help ease the load on other Perspectives servers. As always, if you have questions or comments just let us know!

*Update:* These notaries have been added to the default notary list in version 4.3.3.


Proposal: Network Notary performance metrics

We’d like to know more about how Perspectives notaries are performing and what they need to keep up with demand. To learn this we’re proposing a new option for network notaries: tracking performance metrics.

What is a ‘metric’?

A “metric” is a specific piece of information that is measured or counted to help you understand how software behaves. In our case metrics will be used to better understand how well a notary is performing – whether it is healthy and keeping up with demand or having difficulty. Notaries that enable performance metrics will track certain specific events to help their operators keep them online.

Our ‘Ground Rules’ for metrics:

  1. Metrics should have a purpose.

    When taking any measurement it is important to decide what you want to know and what you will do with the information before you consider what to track. Don’t track information simply because “it might be interesting later” – that wastes time measuring the wrong thing and can negatively influence people’s behaviour. Track things with a purpose.

  2. User privacy is of paramount importance.

    We don’t want to track anything that could be abused or that would reveal sensitive information. (If you spot something that has the potential for abuse please let us know!)

Proposed notary metrics:

With our rules in mind, we want to know:

  1. What kind of demand a notary receives every day, and at what time(s) of day, so we can keep servers up and running.
    This means:

    • Counting how many requests a notary receives
    • Noting which sites are requested most often

    This data gives us a target when testing to ensure notaries can handle real-life demand. It also helps us gauge what kind of resources (e.g. cache size) are required to run a notary – useful both for planning ahead and so anyone considering running a notary knows what they’ll need.

  2. How quickly new services are added.

    We’ll count each time a site is requested that has never been seen.

  3. How long it takes to scan all known sites.

    Notaries scan their list of sites each day to update their key data. Knowing how long the scans run helps us gauge what kind of resources are needed to run a notary server.

  4. Failures from scanning websites.

    If some sites are no longer working they could be removed from the scan list to save time and resources.
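
A sketch of how a notary could record the four proposed metrics as aggregate counters, added here as an example and not taken from the Perspectives server code. The class, its method names and the sample services are hypothetical, and the events are constructed; it keeps no client address and no per-request record, in line with the privacy ground rule.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone


class NotaryMetrics:
    """Aggregate counters only: no client address and no per-request log row."""
    def __init__(self):
        self.requests_by_hour = Counter()     # metric 1: demand per hour (UTC)
        self.requests_by_service = Counter()  # metric 1: most-requested sites
        self.new_services_by_day = Counter()  # metric 2: never-seen services
        self.scan_seconds_by_day = {}         # metric 3: daily scan duration
        self.scan_failures = Counter()        # metric 4: failed scans per site
        self._known = set()

    def record_request(self, service, when):
        # Timestamps are truncated to the hour so single requests are not kept.
        hour = when.astimezone(timezone.utc).strftime("%Y-%m-%d %H:00")
        self.requests_by_hour[hour] += 1
        self.requests_by_service[service] += 1
        if service not in self._known:
            self._known.add(service)
            self.new_services_by_day[hour[:10]] += 1

    def record_scan(self, started, finished, failed_services):
        day = started.astimezone(timezone.utc).date().isoformat()
        self.scan_seconds_by_day[day] = (finished - started).total_seconds()
        self.scan_failures.update(failed_services)

    def removal_candidates(self, min_failures):
        """Services whose scans failed at least min_failures times."""
        return sorted(s for s, n in self.scan_failures.items() if n >= min_failures)

    def report(self, top=2):
        return {
            "busiest_hours": self.requests_by_hour.most_common(top),
            "top_services": self.requests_by_service.most_common(top),
        }


def demo():
    """Feed constructed sample events (not real notary traffic)."""
    m = NotaryMetrics()
    t0 = datetime(2013, 1, 7, 9, 15, tzinfo=timezone.utc)
    shop, mail = "shop.example.com:443", "mail.example.org:443"
    for minutes, service in [(0, shop), (5, mail), (20, shop), (70, shop)]:
        m.record_request(service, t0 + timedelta(minutes=minutes))
    for day in range(3):  # three daily scans; one site fails every time
        start = t0 + timedelta(days=day)
        m.record_scan(start, start + timedelta(minutes=42), ["gone.example.net:443"])
    return m
```
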

We believe that counting these few, specific pieces of data will help us keep the Perspectives notaries running smoothly. We’ll be able to take action when there is a problem, but more importantly we’ll be able to better gauge what a notary needs and prevent problems before they happen.

Logging statistics on these performance metrics should not endanger nor alter your privacy. We remain committed to providing a secure, transparent, and trustworthy service. If you have any feedback on these proposed metrics or other related ideas we would love to hear them! Feel free to leave a comment or ping us on the mailing list.
