Last Monday in Spotlight, I pointed you toward an article from the personal blog of security researcher Jonathan Zdziarski, who reported on the existence of several exploitable back doors around security features in Apple's iOS.
Among the many things Apple is notorious about not telling people is the architecture of its iOS system services. While on the surface you'd think Apple is operating in the best interests of security, what this means is that an active open source movement has germinated with the explicit goal of ferreting out ways to establish rootkits and other exploitative, stealth services on iPhones and iPads.
The system Ping Identity has been building (and to some extent, acquiring) to let people log onto services with their mobile phones is now ready for public launch.
If someone steals your phone then logs onto your apps, those apps may think they're working with you. What if the connection between you and those apps could be severed first?
On its face, the U.S. Federal Trade Commission's formal complaint against T-Mobile last Tuesday alleges that the telco charged customers for unnamed data content provided by third parties, that those customers never consented to or more likely, never actually received. It goes on to allege that the carrier pocketed as much as 40 percent of those overcharges.
A tweet-chat session between experts in authentication, some well-known journalists, and myself, reveals the role our own perception plays in the security problem.
The practice most commonly associated with the phenomenon called the "consumerization of IT" may be responsible for a low level of confidence among IT professionals.
While Visual Studio lacks a native way for developers to design and deploy apps for iOS and Android, that gap can now be filled with just a few clicks.
Its first genuine appeal to businesses to please, please let it join the party, is accompanied by a renewed appeal to consumers.
In a deal announced Friday afternoon, the creator of a lucrative method for using mobile devices as authenticators is absorbed into a prominent identity provider.