6/22/2015 9:39:59 AM
Facebook-Connected Apps Must Now Support Certificates Signed with SHA-2
SDK,SHA-2 Standard,Facebook,Baseline Requirements For SSL
https://appdevelopermagazine.com/images/news_images/Sha2-SSL-Facebook-App-Developer-Magazine_30s60t3b.jpg
App Developer Magazine

Facebook-Connected Apps Must Now Support Certificates Signed with SHA-2



Richard Harris Richard Harris in Marketing & Promotion Monday, June 22, 2015
2,612

Facebook is updating its encryption requirements for Facebook-connected apps which means that apps that don't support SHA-2 certificate signatures will no longer be able to connect to Facebook starting on October 1, 2015.

Facebook’s Adam Gross in a recent post on the Facebook developer blog:

These changes are part of a broader shift in how browsers and web sites encrypt traffic to protect the contents of online communications. Typically, web browsers use a hash function to create a unique fingerprint for a chunk of data or a message. This fingerprint is then digitally signed to prove that a message has not been altered or tampered with when passing through the various servers and systems between your computer and Facebook's servers.

For the past two decades, the SHA-1 standard has been the preferred choice across the Internet for calculating message fingerprints. But after identifying security weaknesses in SHA-1, the Certificate Authority and Browser Forum recently published new Baseline Requirements for SSL recommending that all certificate authorities transition away from SHA-1 based signatures, with a full sunset date of January 1, 2016.

We'll be updating our servers to stop accepting SHA-1 based connections before this final date, on October 1, 2015. After that date, we'll require apps and sites that connect to Facebook to support the more secure SHA-2 connections.

We recommend that developers check their applications, SDKs, or devices that connect to Facebook to ensure they support the SHA-2 standard. If your app already supports this standard, then no action is necessary. But if your app relies on SHA-1 based certificate verification, then people may encounter broken experiences in your app if you fail to update it.

Read more: https://developers.facebook.com/blog/post/2015/06/...


475 Tax Deductions for Businesses and Self-Employed Individuals

Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.

A hands-on guide to mastering mobile forensics for iOS and Android

Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.

Gps tracker for kids

The Chirp GPS app is a top-ranked location sharing app available for Apple and Android that is super easy to use, and most of all, it's reliable.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.