IBM Domino – POODLE attack and what is the solution?

IBM intends to release Domino server Interim Fixes over the next several weeks that implement TLS 1.0 with TLS_FALLBACK_SCSV for HTTP to protect against the POODLE attack. Implementing TLS 1.0 for Domino will protect against the POODLE attack and will allow browsers to still connect to Domino after they have been changed to address the POODLE attack.

IBM will provide Interim Fixes for the following Domino releases:

    • 9.0.1 Fix Pack 2
    • 9.0
    • 8.5.3 Fix Pack 6
    • 8.5.2 Fix Pack 4
    • 8.5.1 Fix Pack 5

Source: IBM Technote

Rometty and IBM’s disappointing quarterly earnings

So on Monday, Rometty and CFO Martin Schroeter had to tell Wall Street that they would not hit the target.

“Given our third-quarter performance, the actions we’re taking and with only 15 months till the end of 2015, we no longer expect to deliver $20 operating earnings per share in 2015,” Schroeter said on the quarterly conference call.

A huge IBM selloff followed the news, and the shares dropped 7% in heavy volume. Some analysts on the call then questioned if IBM was in a “crises.”

But here’s the thing.

This could really be good news for IBM and Rometty. She’s no longer jumping through hoops to meet an arbitrary EPS number selected by the previous CEO, from a tactic that made sense in 2007.

Source: Business Insider

 

Planned SHA-2 deliveries

SHA-2 support for Domino 9.x is planned to be delivered over the next several weeks via an Interim Fix.

  • With this Interim Fix, Domino administrators will be able to configure Domino 9.x to use a SHA-2 certificate over HTTP, SMTP, LDAP, POP, and IMAP. With a SHA-2 certificate in place, users will be able to use a browser to connect to iNotes, XPages, traditional Domino Web apps, and Sametime (based on Domino HTTP).
  • Once the Interim Fix is applied, browser users will not receive a security alert since Domino will be configured with SHA-2. Domino administrators will be able to import a 3rd-party SHA-2 cert or generate SHA-2 certs with the Domino Administrator client with Domino 9.x running the Interim Fix on all supported platforms.
  • As mentioned in the above section, the cryptographic infrastructure needed to provide these features was new to Domino 9.x. For this reason, we will not be able to support SHA-2 on Domino 8.5.x.

Source: IBM Technote

JVMPatch released for IBM Domino and Notes 9.0.1 Fp2 and 8.5.3 FP6

Source: IBM

Finally – IBM SmartCloud audio-video enabled

Finally – IBM SmartCloud audio-video enabled:

Over the week-end, we enhanced IBM SmartCloud for Social Business with a brand new capability: audio-video calling. With this latest update, we are now adding one-to-one audio-video calling to instant messaging. How this works is very simple. Let’s imagine that you and I are starting a chat (of course, with a very polite “hi…”). You will now see two new buttons in your chat window: one to start an audio-video call, and one to start an audio-only call. After you click on the video button, I can accept the request, and both of us can see each other in a quality video call.

Source: The Sametime Blog

Notes/Domino 9.0.1 Fix Pack 2

Domino:

W32 domino901FP2_w32.exe CN0XWEN
W64 domino901FP2_w64.exe CN0XXEN
Linux domino901FP2_linux32_x86.tar CN0XYEN
Linux 64 domino901FP2_linux64_x86.tar CN0XZEN

Open Social Component:

W32 DOM_SEOS_COMPNT_901FP2_W32.exe CN0Y4EN
W64 DOM_SEOS_COMPNT_901FP2_W64.exe CN0Y5EN
Linux DOM_SEOS_COMPNT_901FP2_LINUX32.tar CN0Y8EN
Linux64 DOM_SEOS_COMPNT_901FP2_LINUX64.tar CN0Y9EN

Notes Standard Config:

W32 notes901FP2_win.exe CN0YCEN
Mac notes901FP2_mac.dmg CN0YDEN

9.0.1 Fix Pack 2 Preliminary Fix List descriptions

Source: IBM Support Portal

IBM’s Thoughts on Cloud

Thoughts on Cloud is a collection of cloud computing conversations led by IBMers and sponsored by IBM. The goal of this site is to provide readers with a forum to discuss and debate various cloud computing topics. Thinking about Cloud Services, maybe IBM SoftLayer, this is worth reading.

softlayer