Bluetooth’s Complexity Has Become a Security Risk

May 22, 2019

Bluetooth is the invisible glue that binds devices together. Which means that when it has bugs, it affects everything from iPhones and Android devices to scooters and even physical authentication keys used to secure other accounts. The order of magnitude can be stunning: The BlueBorne flaw, first disclosed in September 2017, impacted 5 billion PCs, phones, and IoT units. As with any computing standard, there's always the possibility of vulnerabilities…


Fido Alliance adds a biometrics certification program to help fight spoofing

September 8, 2018

In a move aimed at upping standards across biometric user verification systems, the industry consortium, Fido Alliance, has launched a certification program for biometrics systems. “The goal of the Biometric Certification Component Program is to provide a framework for the certification of biometric subsystems that can in turn be integrated into FIDO Certified authenticators,” it writes on its website. While biometric verification systems such as fingerprint readers have been pretty widely adopted in…


The Strava Heat Map and the End of Secrets

January 31, 2018

A modern equivalent of the World War II era warning that “loose lips sink ships” may be “FFS don’t share your Fitbit data on duty.” Over the weekend, researchers and journalists raised the alarm about how anyone can identify secretive military bases and patrol routes based on public data shared by a “social network for athletes” called Strava. This past November, the San Francisco-based Strava announced a huge update to…