Akamai has been made aware of the recent Kernel vulnerability that was disclosed by the Netflix Security team on June 17, 2019.  The issue is related to a number of TCP flaws in the Linux and FreeBSD kernels, one of which can be used to send a so-called ping of death to an Internet-facing Linux server and bring about a denial of service. The vulnerability is known as the "SACK Ping of Death".  As part of our early response security procedures,…

Facebook applications created before April 18th, 2017 will automatically update from version 2.8 to version 2.9 on April 18th, 2019. There are no changes necessary to your Janrain applications in order to prepare, as Janrain has already implemented all changes needed to handle the migration to 2.9. If you are using the Facebook API directly with a version 2.8 application, the Facebook changelog https://developers.facebook.com/docs/graph-api/changelog outlines all changes between 2.8 and 2.…

As part of ongoing security upgrades for the Identity Cloud, we are now requiring that all requests to the Configuration API and Console use at least TLS 1.2. If you receive a connection refused error when making requests to the Configuration API, you will need to ensure that your client is using TLS 1.2 or higher, since TLS 1.0 and TLS 1.1 requests will be rejected. For Console users, only old, insecure browsers would not be using TLS 1.2. If your browser does not support TLS 1.2,…

On April 30, 2019, Janrain will be decommissioning the Janrain Capture Dashboard. The Capture dashboard will no longer be accessible from the list of applications customers have access to after logging into dashboard.janrain.com http://dashboard.janrain.com. The Capture Dashboard is replaced by the more feature-rich and easier to use Janrain Console. Console is available at console.janrain.com https://console.janrain.…

In December 2018, LinkedIn announced https://engineering.linkedin.com/blog/2018/12/developer-program-updates that it would be making changes to its Sign In APIs that included shutting off their v1 APIs and disabling the use of OAuth1. Janrain’s current LinkedIn integration relies on both on OAuth1 and the v1 Sign In APIs. We have been building an entirely new LinkedIn (OAuth2) provider in order to support the migration https://docs.microsoft.…