Tag Archives: Duo Security

Alternative fixes released for Android 'master key' vulnerability

July 17, 2013 Bartle Doo Leave a comment

More fixes are appearing for a pair of highly dangerous vulnerabilities exposed earlier this month in the Android mobile operating system.

Security vendor Webroot and ReKey, a collaboration between Northeastern University in Boston and vendor Duo Security, released software on Tuesday that detects if an Android device is vulnerable and applies a patch.

Google, which manages the open-source Android project, quickly issued patches for the so-called “master key” vulnerabilities, one of which was found by Bluebox Security and another one that appeared on a Chinese-language forum.

But mobile phone manufacturers and operators are often very slow in releasing patches to their users, a problem that is likely to become more critical as mobile device use rises.

To read this article in full or to leave a comment, please click here

Source: FULL ARTICLE at PCWorld

Computers

Security experts laud Apple for following Microsoft, others on two-factor authentication

March 24, 2013 Bartle Doo Leave a comment

Security experts are commending Apple for following the lead of rivals like Facebook, Google and Microsoft by offering two-step authentication to help customers secure their Apple IDs against hacking.

The new feature rolled out this week is designed to block unauthorized changes to iCloud or iTunes accounts, and keep hackers who steal Apple IDs from purchasing digital content or hardware using the credit cards stored in customers’ iTunes and Apple Store accounts.

iTunes users in particular have complained for years about security so lax that hackers have easily hijacked their accounts to run up big bills.

“Always exciting to see a major consumer-oriented service roll out some sort of two-factor authentication,” said Jon Oberheide, co-founder and CTO of Duo Security, a developer of authentication software, in an email. “Rolling your own two-factor definitely isn’t a trivial task, both from an upfront engineering cost and continued support and maintenance, despite the perceived ease from an external view.”

To read this article in full or to leave a comment, please click here

Computers

Application-specific passwords weaken Google's two-factor authentication, researchers say

February 26, 2013 Bartle Doo Leave a comment

Researchers from two-factor authentication provider Duo Security found a loophole in Google’s authentication system that allowed them to bypass the company’s 2-step login verification by abusing the unique passwords used to connect individual applications to Google accounts. …read more
Source: FULL ARTICLE at Computerworld Latest

Bartle Doo Article Archives

Tag Archives: Duo Security

Alternative fixes released for Android 'master key' vulnerability

Security experts laud Apple for following Microsoft, others on two-factor authentication

Application-specific passwords weaken Google's two-factor authentication, researchers say

Articles Archive