authentication
Latest
AT&T goes live with Encrypted Mobile Voice, kills your dreams of breaking into Pelosi's social circle
AT&T told us back in July that it was fixing to launch the first carrier-provided two factor encryption service, and it seems that today's the day. The day it goes live, we mean. At any rate, the company's Encrypted Mobile Voice service is reportedly active, and it's already providing "high-level security features for calls on the AT&T wireless network." Of course, none of this fancy security is meant for simpletons like us -- instead, it's targeting government agencies, law enforcement organizations, financial services institutions and international businesses. We're told that the tech combines KoolSpan's TrustChip and SRA International's One Vault Voice, with the former being a microSD card and the latter being a software layer. Currently, it only plays nice with BlackBerry and Windows Phones, but until we see Biden bust out a Bravo, we'll assume the lack of Android support isn't "a big flipping deal."
HTC Peep cooked, served a l'orange by Twitter's new authentication scheme (update: fixed?)
It's been known for some time that Twitter would be moving away from basic authentication to OAuth for third-party apps; in fact, they'd already officially pushed back the drop-dead switchover date once to mid-August before finally pulling the plug this week. Be that as it may, it makes sense that a bunch of lesser-known, less-maintained apps would fall by the wayside once the old security mechanism got shut down -- but HTC's Peep? Really? Sure enough, we've been able to confirm on our own Desire that the Twitter app HTC bundles with its Sense UI for Android is no longer working this morning, giving users an "incorrect username or password" error when they try to connect. We're not sure if they'll be able to fix this with a Market update across the board or if it'll take a bunch of firmware updates to get everyone back on the up and up, but either way, something tells us Twitter isn't going to flip the switch back on for these guys. Update: We can't say for certain whether Peep's working properly now, a few days later, but our Froyo-filled Droid Incredible (and those of several tipsters) seem to be displaying tweets just fine, and Twitter itself reports that it recently fixed an issue with Peep, Moto Blur and a variety of other third-party Twitter clients. [Thanks to everyone who sent this in]
T-Mobile UK quietly retracts Pulse's buggy 2.1 update, Huawei says it was non-final anyway
Remember T-Mobile's money-saving, finger-friendly Pulse? You know, the Huawei Android handset that received a 2.1 update in Hungary back in May? Earlier this month (on the 6th, to be precise), said phone's British counterpart also received its share of cream-filled pastry, but perhaps one with cream gone sour. How so? T-Mobile UK didn't explain when it quietly pulled the plug shortly afterwards, but some users were reporting problems with SMS and 802.11x enterprise WiFi authentication. Pretty serious stuff, especially for the former. A few developers from MoDaCo got in touch with us as they struggled to get a reply from T-Mobile about the retraction, which got us curious. After all, a working 2.1 update would make the Pulse -- now priced at £99 ($153) on pay and go -- a pretty good buy, so we tweeted the carrier on Tuesday for an update. Coincidentally, the next day T-Mobile finally caved in and let loose on what happened: "After receiving feedback on the recent T-Mobile Pulse Android 2.1 software update we've decided to suspend it temporarily. We're working with the phone's makers on an updated version which is expected in October." Yikes. But just you wait -- read on for the juicy part.
Nokia N900 does real-time face tracking for verification (video)
In a world where smartphone unlock patterns and PINs can be easily gleaned from display muck, and computer passwords can be deciphered from the telltale audible clicks of the keyboard, it's any wonder that research is funded for alternative identity verification schemes. One promising technology is face verification -- technology we've already seen implemented in webcams, laptops, and more recently, Microsoft's Kinect for Xbox 360. Where we haven't seen it broadly deployed is in the easy-to-lose smartphone, at least not with the level of sophistication achieved by the University of Manchester (UK). Using an N900, the research team developed a prototype that quickly locks and tracks 22 facial features in real time (even when upside down) using the Nokia's front-facing camera. The Active Appearance modeling technique was developed for the EU-funded Mobile Biometrics (MoBio) project as a means of using face verification to authenticate smartphone access to social media sites. Unfortunately, there's no mention of how long Manchester's face-verified login actually takes. Nevertheless, the video, apparently shot in a steam room full of hot man smudge, is worth a peep after the break.
Germany slapping RFID tags on its populace for the sake of brisker bureaucracy
ID cards and RFID tags are similar in one key respect: they get a lot of bad press -- one for constricting civil liberties, the other for being a lousy security risk -- and yet are widely used around the world. It's fitting, therefore, that Germany has decided to marry the two for the latest version of its own personalausweis. Dutch company NXP has begun production of the requisite RFID chips for these new slices of plastic, which will roll out from the beginning of November this year. The Deutsch state sees a vastly expanded role for the modernized cards, including validating your identity for online shopping and communicating with your local authority (e-government, they call it). And, of course, your biometric data is loaded onto the chip as well, just to make things nice and neat. You know, we remember the good old days when identity theft used to be hard.
AT&T Encrypted Mobile Voice to bring extra security to Obama's BlackBerry calls
Yeah, we know that the Prez was once seen rocking a Verizon-branded BlackBerry 8830, but just bend your mind a bit and bear with us. Shortly after lighting up Wall Street with an exceedingly excellent quarterly earnings report, AT&T has announced an Encrypted Mobile Voice service that'll hit later in the year. Assuming Obama actually does own an AT&T-branded 'Berry, he'll soon be able to enjoy what AT&T calls "the first mobile-to-mobile voice encryption solution using two-factor authentication offered by a US operator." Said service is expected to provide a higher level of security for calls across the AT&T wireless network, and naturally, it'll be shopped to government agencies, law enforcement organizations, financial services institutions and international businesses, all of which will pay far too much for what's likely a false sense of security. We mean, haven't these guys ever seen 24?
Ventrilo vs. Mumble
"What's your Vent info?" is as ubiquitous as "What's your GearScore?" Voice chat programs are a fact of WoW life, and by all means Ventrilo dominates the market. After five years of using Ventrilo, I say it's time to change to something better. One of the most common questions I get from the show Big Crits is "what's the mod that shows who's talking in Vent?" It's actually not a mod, and in fact it's not even Ventrilo. Big Crits uses Mumble, a low latency VOIP program for gaming. It's mostly unknown in WoW, as Ventrilo clearly dominates voice chat in our world. Mumble is perhaps better known in FPS circles, where the low latency really gives it a competitive advantage. I started this article with every intention of making a pros-and-cons comparison between the two programs, but in truth, I had a hard time coming up with pros for Ventrilo. I'll run through features, but don't be surprised if you come out of this with a new perspective on voice chat options and a strong desire to switch to Mumble.
Aegis Bio grows to 640GB of fingerprint-protected storage
Apricorn specializes in the fine art of making people believe their data is worth stealing and charging them for the privilege of protecting it. Its Aegis Bio range has now been expanded, both in number and in capacity, as the former ceiling of 250GB has been lifted with the introduction of 320GB, 500GB and 640GB variants. The 2.5-inch external disk validates user identity with that handy fingerprint scanner on top before allowing access to the otherwise 128-bit encrypted precious stuff within it. Prices of the new models top out at $160 for the most voluminous one, making them thrifty enough to buy even if you don't need secret agent-level security -- which, let's face it, you don't. Full PR after the break.
Settlers 7 still plagued by DRM problems two weeks after launch
We love the anticipation that builds up in the weeks leading up to the launch of a new game in one of our favorite franchises. That's why we think Ubisoft has stumbled upon a really clever marketing technique with its real-time strategy PC title, Settlers 7, which many users (about 50 pages worth on this forum thread) are still unable to access two weeks after the game launched due to problems with Ubisoft's DRM authentication servers. A Ubisoft rep commented on the issues to Eurogamer, explaining, "our technical teams have made progress but we are not yet able to say that the issue is completely resolved." Hey guys, take your time. Just keep letting that anticipation build up in your player base. Once they're finally able to play, we're sure they'll thank you for the extended expectancy.
Verayo launches next-generation of 'unclonable' RFID chips, hackers get wide-eyed
If there's one thing a security company should avoid, it's tempting the hackers to unravel their promises. As we've seen time and time again, there are few (if any) completely uncrackable technologies, but Verayo sure seems confident about its next-generation RFID chips. Dubbed "unclonable," this new product family -- which is led by the Vera M4H -- promises to make mass transit tickets, secure IDs and access cards more secure, and unlike the original, this one touts a "non-networked, unlimited authentication" feature. We also get the impression that the company has worked to drive costs down with this newfangled line, but we're still not sure we'd trust our lives to this thing. Anyone down to really put these claims to the test?
Breakfast Topic: What are you doing to protect your account?
While it is certainly nothing new, it seems that you can't spit without hitting someone who has, or has had, a compromised account. These WoW account predators are getting more clever by the day, with using everything from keyloggers, sham contests, betas and security checks, to even grabbing an account and immediately attaching an authenticator to it. Now, any moderately-savvy internet user would just scoff, and say that they take all necessary precautions -- what's there to worry about? Fair enough, but what about those who, well, don't? Blizzard has said time and time again about safe-guarding your account information, yet people still jump onto those fake Cataclysm betas and fancy new mount prizes. Make something idiot-proof, and they'll build a better idiot, eh? That being said, what are you doing to protect your prized polygons? Do you have a good anti-virus installed? A malware scanner? If you don't have an authenticator, how come? It's only about the price of a grande Starbucks drink, and will provide a longer-lasting effect of happiness and joy to your life. Discuss amongst yourselves!
Sony's FVA-U1 reads veins, coming to Japan this month
Sony has finally delivered on its Mofiria promise with what it claims is the world's smallest and lightest finger vein reader. That assertion may be challenged by Hitachi, whose 3mm-thick scanner promises to be even smaller, but the critical difference here is that the FVA-U1 is about to go on sale in Japan come December 18, whereas Hitachi's hardware is nowhere to be found. The Sony scanner weighs a measly 33 grams, hooks up via USB, and adds an extra layer of biometric protection for your most precious data. Whether carrying around an extra dongle just to protect some Excel spreadsheets and your Outlook account is worth it, we leave up to you.
Hitachi builds 3mm-thick vein scanner in its Transylvanian lair
Hitachi has always been hot for vein authentication modules, and its latest iteration takes the whole tech down to just three millimeters in thickness. Given that the current generation requires 23.5mm (nearly an inch) of space to operate in, it's easy to see why your netbook doesn't have one, but Hitachi hopes that's all about to change. Using a CMOS sensor to take almost instant readings, the vein scanner is deadly accurate -- there's only a one in a million chance of it authorizing the wrong person. Volume production is expected within two years, meaning that by 2011 you'll finally have a reliable way to keep your parents out of your "Misc" data folders.
Solutions for login issues
We are continuing to get tips from readers that they are having login issues. If you are one of the many still having trouble logging in, commenter tknogk suggested flushing your DNS and Blizzard has backed this up with more detailed advice.Blue poster, Syndri, suggests three possible resolutions for the login problems: Reboot your computer. Flush your DNS cache. Power cycle your modem and/or router. If none of these solutions solve your problem, Syndri seems to be closely monitoring the login server down post in the Technical Support Forums and you may be able to get further help by posting in there.Please let us know in the comments if this solved your login issues.Edited to add: Blizzard is not saying it is the fault of the people having problems. They made changes on their end and we just need to update things on our end in order to be able to connect properly again.
BlizzCon 2009: An interview with Vasco
Vasco, the digital security company that makes authenticators for Blizzard, has actually been at BlizzCon for a few years now (last year, they gave away yo-yos, and this year, they were responsible for all of those blue glowsticks floating around). But this is the first year we decided to stop by their booth and chat with them, and it's a good thing we did: Will LaSala, Director of Services, gave us a lot of good insight into how Vasco's relationship with Blizzard came about, just what the system behind the Authenticator looks like, and how the mobile authenticator app fits into all of this.He was kind enough to give us a short interview, and you can read it right after the break.
The login server is currently busy [Updated]
Many people have been writing into our tip line that they are unable to log in to their servers at this time. Both Battle.Net and non-Battle.Net users are complaining that authentication is down for them. I received the above error message myself, however my husband is able to log in just fine.We'll keep you updated should Blizzard say anything officially or other developments arise. In the meantime, I will be trying again later as the message asks me to do.Update 7:46PM: Most people are reporting that the authentication issues are fixed.Update: The following message is currently displayed upon login.
Authentication problems continue
We saw it last night, and the problems have once again appeared this afternoon. Authentication isn't working as intended for non-Battle.net accounts. This means if you haven't transformed your WoW account into a Battle.net account, you're probably not going to be able to get into the game easily.The transformation process can be initiated at us.battle.net. It only takes a few minutes and is relatively painless. Converting your account to Battle.net is not required at this time, but I don't think anyone should be surprised if it is soon.Malkorix has said that there are problems, and they are aware of the problems, but don't have any ETA on a fix at this time. He also makes a point to note that converting your account to Battle.net is only a reported and unconfirmed by Blizzard solution. However we can say that we haven't seen any issues with Battle.net accounts.We'll update this post when we have more information.Update: The issue is fixed, for now.
Login issues reported this evening
WoW.com has been getting a massive number of tips in regarding problems people are experiencing when trying to log into the game. There is no official Blizzard word yet, but I wouldn't be surprised to see one soon.The problems seem to be originating from people who have not yet merged their World of Warcraft accounts with their Battle.net accounts. To do so, go into the account management page and select the appropriate options.There have been some stability issues with the login servers the last few days, and this seems to just be the latest.If you can't get in, check out our Guide to Patch 3.2 - we're expecting the patch to drop within the next few weeks. And if you haven't heard already, the Warcraft Movie has landed a director - Sam Raimi. It's World of Spidercraft, baby.Update: Now there is an official Blizzard response to the problem, although there is no ETA on a solution.Update #2: For those wondering, the issue was fixed overnight.
Authentication issues tonight [Updated]
Several people across the U.S. are having authentication or connection issues tonight. I haven't been able to log into my main realm for at least half an hour myself. The above screen may say I'm connected, but it's just stuck there. Sometimes it gets stuck at the character loading screen and sometimes at the authentication screen. Many readers have written in with the same problem.According to Reythur, Blizzard technicians are investigating. From the looks of the forum posters, several internet providers across many different states are affected.We'll let you know when we learn anything more.Update #1: And just like that I'm in. And Blizzard states that the issues have been resolved.Update #2: Many people are reporting that the connectivity issues have returned.
Time Warner's TV Everywhere to pipe internet TV to Comcast subscribers
Just as we heard back in February, Time Warner and Comcast have joined hands in order to regain control on some of the content that is slipping right out from under 'em. In the olden days, the only portal for catching content was the 'tube; today, a vast array of television shows are available gratis on the web, and that's downright frightening for pay-TV operators. Today, both firms are detailing TV Everywhere in the most general way possible, only telling us that paying Comcast subscribers will soon have access to "premium long-form content" via a web portal. TNT and TBS are the only networks specifically named thus far, but considering that both of those already offer their best programming online to everyone, we're not terribly impressed. The agreement also includes a trial with around 5,000 Comcast users, which will be used to heavily test a newfangled authentication technology that will be necessary to allow paying Comcast users to access the material from any internet-connected PC. NewTeeVee has also assembled a clean, easy-to-digest FAQ that explains what exactly all this is. To be frank, it seems like a solution in search of a problem from the consumer viewpoint. After all, with portals like Hulu and individual network websites already providing in-demand content online, why is there even a need for some "special portal" for Comcast users? We've heard that paying subs will have access to even more material, possibly movies or other premium shows. But we won't front: we certainly don't want TV Everywhere to convert some of the content that's already free into pay-only content in order to accomplish the aforesaid "even more" goal. At any rate, the public at large probably won't hear more about this until the trial sessions end at an undisclosed time, but you can bet we'll be keeping a cautious eye on any developments.Read - TV Everywhere press releaseRead - NewTeeVee FAQ
