Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy – DarkReading. All the way back from March.  Can’t believe I missed this for so long.

>>Permalink

Google Chrome Extension Powers Android-Based Payments — InformationWeek. Interesting.  I’m going to try and see an implementation of this and see how it works with my new Android-based phone.

>>Permalink

Blizzard has admitted that there is an active and successful attack against their Blizzard Authenticators. Man in the middle attacks circumventing authenticators This makes perfect sense as: OTP tokens such as the Authenticator are obviously susceptible to a live man-in-the-middle (MITM) attack as has been demonstrated as something well beyond “theoritical” a decade ago.  The [...]

>>Permalink

FBI Investigating Web SpycamAs a federal investigation begins, a security researcher has uncovered evidence related to the case and provided a way to identify the surveillance software via FBI Investigating Web Spycam — InformationWeek. This is a case and investigation to keep an eye on.

>>Permalink

Social Engineering Scammers Offer Live Support — InformationWeek. Can’t be too careful out there.

>>Permalink

Tarnovsky figured out a way to break chips that carry a “Trusted Platform Module,” or TPM, designation by essentially spying on them like a phone conversation. Such chips are billed as the industrys most secure and are estimated to be in as many as 100 million personal computers and servers, according to market research firm [...]

>>Permalink

Texas Bank Sues Customer After $800,000 Scam. So either the bank’s supposed “two-factor” solution flat out failed (seriously arguable that an IP address is a legitimate “what you have” factor, IMHO) or they processed it anyway?  It will be interesting to see how this plays out. Looks like another case of sacrificing security at a [...]

>>Permalink

From the Department of Duh, really? Passwords remain weakest link in Web security | Service-Oriented Architecture | ZDNet.com. Frustrating that with all the focus on SSO without security (I’m talking to you OpenID folks) and all the security technologies available to grant both security and SSO (or Reduced Sign-On for you “SSO is impossible” folks) [...]

>>Permalink

Testing now… AdBlock – Google Chrome extension gallery. Bummer.  AdBlock only works with plain Chrome and not with the Chromium version I NEED for true RoboForm support.  The plain Chrome RoboForm extension requires me to use RoboForm Online and I don’t trust those folks to properly secure my authentication credentials.  Will stick with Chromium without [...]

>>Permalink

If this works on the iPad, it would remove one of the things preventing me from considering the iPad… and I really want to consider the iPad.  It is typically “Apple Beautiful”, but if I can’t use it as a more “single platform for everything” to replace my laptop, iPod and phone, then not jumping [...]

>>Permalink