Apple Addresses iOS ‘Backdoor’ Concerns by Outlining Legitimate Uses for Targeted Services [Updated]

Earlier this week, forensic expert Jonathan Zdziarski attracted attention for his disclosures of what appeared to be “backdoors” in iOS that could allow for covert data collection of users’ information from their devices. While Apple issued a statement denying that anything nefarious was involved, the company has now posted a new support document (via Cabel Sasser) offering a limited description of the three services highlighted in Zdziarski’s talk.

read more

New Standard For Website Authentication Proposed: SQRL (Secure QR Login)

“Steve Gibson has proposed a new standard method for website authentication. The SQRL system (pronounced ‘squirrel’) eliminates problems inherent in traditional login techniques. The website’s login presents a QR code containing the URL of its authentication service, plus a nonce. The user’s smartphone signs the login URL using a private key derived from its master secret and the URL’s domain name. The Smartphone sends the matching public key to identify the user, and the signature to authenticate it. It may be used alongside of traditional username/password to ease adoption.”

Telstra/AFL launch Google Glass app

The Australian Football League, its partner Telstra, and local developer Seventh Beam have teamed up to deliver an app running on Google’s next-generation Glass augmented reality headset that will allow AFL fans to get live information associated with AFL matches — all through their headset.

read more