One Charger to charge them all

From DCTVpedia
Jump to navigation Jump to search
One Charger to charge them all
Number 3709
Broadcast Date JANUARY 31, 2020
Episode Length 33:15
Hosts Tom Merritt, Sarah Lane, Roger Chang
Guests Shannon Morse, Len Peralta

Apple has proposed a standardized format for one-time passcodes sent over SMS, used in two factor authentication, while Google launched OpenSK, an open source Rust-based firmware to turn Nordic chip dongles into FIDO U2F and FIDO2-compliant security keys. What will this mean for 2FA and online security?

Guest

Quick Hits

IBM announced that Arvind Krishna will take over as the company's 10th CEO, replacing Virginia “Ginni” Rometty. The change is effective on April 6. Jim Whitehurst, Red Hat’s former CEO, will step up as IBM’s president, Rometty became IBM president and CEO on January 1, 2012.
A beta build of Microsoft Edge shows a new adware blocking feature in testing on the browser. This would block things like toolbars and cryptominers. Edge already offers SmartScreen Filter to protect against phishing and malware, and Microsoft has offed similar unwanted app blocking to enterprise customers through Microsoft Defender Advanced Threat Protection.
Data from Sensor Tower Store Intelligence shows European mobile consumers spent an estimated $11.2 billion across Apple's App Store and Google Play during 2019, an 18.9 percent year-over-year increase in gross revenue from 2018. European spending accounted for 13.5 percent of global mobile app revenue in 2019, which totaled more than $83 billion.
Android Auto now has an option to silence all notifications when a user is driving. The toggle is part of Android Auto's latest update. Notifications will still be persistent on an in-car display until dismissed — but only when this toggle is activated.
The US FCC says it will take action against an unnamed US wireless carrier over the apparent unauthorized sale of real-time location data from users. FCC chairman Ajit Pai said that the FCC’s enforcement bureau “has concluded that one or more wireless carriers apparently violated federal law.”

Top Stories

Amazon reported it earned $6.47 per share on revenue of $87.4 billion, beating analysts expectations of $86.01 billion in revenue on earnings of $4.04. Amazon Web Services revenue grew 34% on the year to $9.95 billion, but saw revenue growth slow for the 6th consecutive quarter. Subscription revenue increased 32% to $5.24 billion. Other revenue, which mostly consists of advertising, increased 41% to $4.78 billion. Amazon announced on its earnings call that Prime members now receive free Amazon Fresh deliveries, which previously cost $14.99 a month. Amazon also said through public financial documents that its federal income tax expense for the year was more than $1 billion, in addition to more than $2 billion in other types of federal taxes, which is a bit of a pushback toward politicians and researchers claiming Amazon does not pay any federal income tax.
Microsoft launched a bug bounty program for its Xbox gaming platform. Anyone can submit bugs on the Xbox Live Network and Services, with payouts ranging from $500 to $20,000 based on severity, quality of the submission, and impact on the service.
The European Parliament voted 582-40 in favor of the resolution on a common charger for mobile radio equipment. The European Commission now has until July to adopt an act related to the charger "harmonization" directive from 2014 or introduce a similar legislative measure. The resolution hopes the adoption of a common charger will cut down on e-waste, and warns against fragmentation in the wireless charging space as well. The resolution specifically calls out wireless saying, "many mobile telephones already use wireless charging methods and that fragmentation in this area should be avoided; calls, therefore, on the Commission to take measures to best ensure the interoperability of different wireless chargers with different mobile radio equipment."
Reuters reports that, according to sources, the FBI is investigating the Israeli spyware company NSO Group for possible attacks against US citizens, companies, as well as gathering intelligence of foreign governments. The investigation reportedly began in 2017 to look into if NSO Group obtained code from US hackers to crack into smartphones. Facebook filed a lawsuit in October against NSO Group accusing it of exploiting a flaw in WhatsApp. Sources say the FBI is now looking into how NSO Group provides technical support to customers, which could possibly be prosecuted under the Computer Fraud and Abuse Act if they had knowledge of improper use. NSO says it is not aware of an inquiry and has not been contacted by US law enforcement about such matters. NSO Group sells its products to governments and has previously said that its government customers are the only ones who could use it for attacks.
Roku announced that seven apps from Fox will stop working, two days before the Super Bowl. Fox Sports was previously working to bring a 4K HDR stream of the Super Bowl to Roku’s streaming sticks, pucks, and TVs. Roku tells The Verge that its distribution agreement with Fox expired and therefore it is forced to remove the apps. Fox said in a statement, "Roku’s tactics are a poorly timed negotiating ploy, fabricating a crisis with no thought for the alarm it generated among its own customers." NFL spokesman Alex Riethmiller tells Fast Company not to worry, the NFL will stream the game through its own free Roku app, just not in 4K.

Discussion

Apple's WebKit team published a proposal on GitHub to standardize the format of one-time passcodes sent over SMS, used in two factor authentication. The format would send a two line SMS, one for human verfication with the code, and confirmation of what website sent it, the second line would have the site URL and the code preceded by a pound sign. The goal is to have browsers and messaging apps recognize the domain automatically from the message, and extract the code to complete the login without user interaction. The proposal claims feedback from Google has been positive, with Google Product Manager Steven Soneff and software engineer Sam Goto providing feedback in development.
Google launched OpenSK, an open source Rust-based firmware to turn Nordic chip dongles into FIDO U2F and FIDO2-compliant security keys. Google says Nordic's dongles are affordable and support all the FIDO2 standards like NFC and Bluetooth LE. Google does plan to expand the project to other chips as well. While Google advises the project be used for testing and research purposes for the moment, Kjetil Holstad, director of product management at Nordic hopes the project will "help the industry gain mainstream adoption of security keys."

Mailbag

I currently work for the state court system in IT and deal with mostly rural courts that are on DSL, satellite, mobile hotspots or nothing at all. It makes IT support a nightmare. It takes a very long time to transfer any software they need and Remote Desktop can be a lag nightmare. The other major issues is the courts are required to upload information to DMV or send over a order of protection to the police and many other important things. A lot of my locations have to drive to the next town over to upload their information and this causes a delay that could put people in danger. The US needs to push for better infrastructure and push ISP to go into rural places to get them internet. The world requires internet and the US is far behind in infrastructure.
Sent by Justin

YouTube

Links



Preceded by:
"Facebook Doesn't Want to be Liked"
One Charger to charge them all
Followed by:
"AirBnB Cautious"