Podcasts about web authentication

Do you know that voting for Automation Guild 2025 session is now open. Want to know how to elevate your performance and functional automation checks at each stage of your SDLC? What's new in the latest version of Playwright? Find out in this episode of the Test Guild New Shows for the week of Oct 13th.  So, grab your favorite cup of coffee or tea, and let's do this. time topic link 1:07 Performance SDLC Webinar https://testguild.me/perfwebinar 0:30 AutomationGuild Vote https://testguild.com/vote 2:28 Playwright 1.48 https://testguild.me/zv5kol 3:30 Smartbear Load Testing https://testguild.me/afqjtq 4:12 Web Authentication with Playwright  https://testguild.me/cygfhc 5:02 TestRail AI Report https://testguild.me/fqzxmr 6:18 Quality DevOps Playbook https://testguild.me/devopsbook 7:04 Dynatrace System Availability AI https://testguild.me/rjreh2 8:13 SecureLayer7 https://testguild.me/ia6hah 0:00 Subscribe to the news show now https://testguild.me/newsub

Are you ready for passkeys? Richard talks to Tarek Dawoud from Microsoft about the evolution of passwordless access with passkeys. Tarek talks about the FIDO alliance and the ongoing effort to create authentication strategies that are mathematically impossible to phish - no password stuffing under the covers that might get exploited by a man-in-the-middle attack. The conversation also dives into the passkeys name and how it's a rebranding of passwordless authentication to make it easier for everyone to understand that you'd rather have a passkey than a password. The products involved are still evolving, but there's plenty you can take advantage of today and make your organization more phishing-resistant than ever!LinksFido AllianceYubicoWindows Hello for BusinessMicrosoft Digital Defense Report 2023Accenture Passwordless JourneyConditional AccessTemporary Access PassEnable Passkeys For Your OrganizationWeb AuthenCTAPMicrosoft Password GuidanceRecorded June 3, 2024

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast

Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.

Hinter der Abkürzung WebAuthn verbirgt sich der Begriff Web Authentication. Hierbei handelt es sich um einen veröffentlichten Webstandard für eine Programmierschnittstelle -auch bekannt unter dem Begriff Application-Programming-Interface, kurz API -  die zur Authentifizierung von Usern im Web dient und anstelle von Passwörtern auf dem Public-Key-Verfahren und der Nutzung von Faktoren wie biometrischen Merkmalen, Hardware-Token oder Smartphones basiert. Darüber hinaus soll die WebAuthn-API die Kommunikation zwischen einer Webseite und einem Sicherheitsgerät einem sogenannten Token erleichtern und die Anmeldeverfahren im Internet sicherer und komfortabler machen. Die WebAuthn ist eine Kernkomponente des FIDO2-Projektes. Im März 2019 wurde sie vom World-Wide-Web-Consortium (W3C), dem Standardisierungsgremium für das Internet, und der Fast IDentity Online-Allianz, kurz FIDO-Allianz, zu einem offiziellen Webstandard erklärt. Die WebAuthn-API kann sowohl im Browser als auch auf Webplattform-Infrastrukturen integriert werden. Durch den Einsatz der WebAuthn-API können Webseitenbetreiber ihren Benutzern alternativ zum klassischen Passwort-Login, die Registrierung und Authentifizierung mittels „Authenticator“ anbieten. Bei einem “Authenticator” kann es sich dabei um einen Hardware-Security-Token handeln, wie zum Beispiel einem FIDO-USB-Sicherheitsschlüssel, der mit einem Computer verbunden wird oder aber um ein Smartphone, an dem man sich durch biometrische Informationen identifiziert wie zum Beispiel durch den Fingerabdruck, Gesichts- oder Iris-Scan. Bei WebAuthn haben User zudem die Möglichkeit, verschiedene Authenticatoren gleichzeitig für ihr Online-Konto zu registrieren. Dadurch wird für sie die Kontoverwaltung und -wiederherstellung wesentlich komfortabler. Beispielsweise kann sich ein User mit einem Fingerabdruckscanner bei mobilen Anwendungen auf seinem Mobilgerät anmelden und parallel dazu einen Hardware-Security-Token registrieren. Falls das ursprüngliche Gerät aktualisiert, verloren, gestohlen oder kompromittiert wurde, lässt sich so der Zugriff auf das Online-Konto schnell wiederherstellen Aber lassen Sie mich die Funktionsweise der Web Authentication noch etwas näher erklären. Zunächst einmal müssen Sie wissen, dass bei einer WebAuthn-Kommunikation grundsätzlich drei “Parteien” beteiligt sind: Der Authenticator, der Server und der JavaScript-Client -auch bekannt als Web App. Mal angenommen, ein User möchte sich auf einer Webseite die eine WebAuthn-API benutzt registrieren: Zu aller Erst bietet ihm die API mehrere Authentifizierungsmethoden an. Der User kann zwischen externen Hardware-Security-Token oder biometrische Authentifizierungsmethoden, wie dem Iris-Scan, der Gesichtserkennung oder dem Fingerabdruck wählen. Sobald er die gewünschte Authentifizierungsmethode ausgesucht hat, muss er seinen “Authenticator” einmalig registrieren. Bei diesem Prozess erzeugt der Server zunächst eine Challenge (Herausforderung) und sendet sie samt Login-Daten zum JavaScript-Client im Browser des Nutzers. Diese weist das Endgerät an, den neuen Authenticator zu registrieren. Anschließend generiert der “Authenticator” ein individuelles Schlüsselpaar. Der Privat Key wird auf dem Endgerät gespeichert und der Public Key wird gemeinsam mit der Credential-ID und der Signatur der Challenge an den Server übermittelt. Der Server verifiziert die Informationen und hinterlegt sie in einer Datenbank. Beim erneuten Login übermittelt der Server erneut eine Challenge. Diese wird vom Browser zusammen mit der Domain an den Authenticator weitergereicht. Nach der Bestätigung durch den Benutzer, beispielsweise durch einen Fingerabdruck-Scan wird die digitale Signatur zurück an den Server gesendet und der erfolgreiche Login erfolgt. Sie sehen, mit WebAuthn profitieren sowohl die Webentwickler als auch die User. Denn: die Web Authentication ermöglicht starke, eindeutige, auf öffentlichen Schlüsseln basierende Anmeldeinformationen für jede Webseite oder Webanwendung. Gleichzeitig minimiert sie damit das Risiko, dass User zum Opfer gefährlicher Man-in-the-Middle-Angriffe und Passwortdiebstahl durch Phishing oder Keylogging werden. Außerdem erleichtert WebAuthn die Bereitstellung sicherer Webanwendungen mit einer Auswahl an stärkeren Authentifizierungsmethoden. Auf diese Weise wird die Abhängigkeit von schwachen Passwörtern verringert. Darüber hinaus bietet WebAuthn den Benutzern die Möglichkeit, verschiedene Authenticatoren für ihr Konto zu registrieren, um die Kontoverwaltung und -wiederherstellung komfortabler zu gestalten. Bevor wir zum Ende unseres Podcasts kommen, lassen Sie mich noch einmal kurz die wichtigsten Merkmale der Web Authentication zusammenfassen: Erstens, für jeden Webservice ist ein eigener, eindeutiger Account vorhanden. Sprich, es lassen sich nicht mehr gleiche Zugangsdaten zur Anmeldung an unterschiedlichen Webservices verwenden. Zweitens, die Zugangsfaktoren wie biometrische Informationen verlassen niemals das Endgerät eines Users Drittens, die Anwender können sich mithilfe eines Hardware-Tokens, einem Smartphone oder biometrischen Merkmalen wie beispielsweise einem Fingerabdruck, Gesichtserkennung oder Iris Scan anmelden. Viertens, für die Anmeldung sind keine Passwörter notwendig. Dadurch ist diese Authentifizierungsmethode resistent gegen Man-in-the-Middle-Angriffe und verhindert den Passwortdiebstahl durch Phishing. Fünftens, WebAuthn wird inzwischen von Windows 10, Android, Google Chrome, Mozilla Firefox, Microsoft Edge und Apple Safari unterstützt. Ebenso ist die Integration auf Webseiten über den Aufruf der WebAuthn-API möglich. Fazit: Die Web Authentication ist ein Meilenstein in der Geschichte der Internetsicherheit. Sie ist der erste globale Standard für eine sichere Web-Authentifizierung und ebnet somit den Weg in eine Welt der benutzerfreundlichen, hochsicheren und passwortfreien Authentifizierung. Kontakt: Ingo Lücker, ingo.luecker@itleague.de

Hello from the internet! In this episode we continue our exploration of identity, security and authorisation on the web... Enjoy the show!

Hello from the Internet! In this episode we discuss all that is web authentication and how we got here from the pre-cookie days of the internet! From Basic, to Form to Auth0 and WebAuthN we look at the different ways we can get into websites (legally of course!) Enjoy the show!

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!   To learn more about Secfense, visit: https://securityweekly.com/secfense Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit https://www.securityweekly.com/hnn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!   To learn more about Secfense, visit: https://securityweekly.com/secfense  Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit https://www.securityweekly.com/hnn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication! To learn more about Secfense, visit: https://securityweekly.com/secfense Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218 Visit http://hacknaked.tv to get all the latest episodes!

Is innovation in the computing industry over? MoviePass is dead…again? Plus, security news, the DVD revolution, and much, much more… Co-Hosts: N/A Opening Audio: N/A The Foreplay:--The Sovryn Tech Newsletter (zog.email)...check your spam folders!!, MoviePass problems, new Malwarebytes browser extension (bit.ly/2KpgbSB), Edge adds Web Authentication, Freewrite Traveler (traveler.getfreewrite.com/). Important Messages:--"Sovryn Tech Contact Form” Link: contact.zog.ninja--“Nothing New Under the Sun” GameTalk:--“Fortnite and Google Play” Link: cnet.co/2M43TUA The Climax: --“The DVD Revolution” APPENDIX: -- Sovryn Tech Store: store.sovryntech.com--“ZenCash” Link: zensystem.io/ --"Surveillance Self-Defense" Link: ssd.eff.org/ --"That One Privacy Site" Link: thatoneprivacysite.net/ --"Privacytools.io" Link: www.privacytools.io/ --"ipleak.net" Link: ipleak.net/ --"Secure Messaging Apps" Link: www.securemessagingapps.com/ --"A Graduate Course in Applied Cryptography" Link: toc.cryptobook.us/ --"URLscan.io" Link: urlscan.io/ --"WinZec Zcash Wallet" Link: winzec.com/--"EFF Guide to the US Border" Link: bit.ly/2m79lGe--"RetroShare" Link: retroshare.net/--“Books of Liberty” Link: booksofliberty.com/--"Dark Android: 2017 Edition" Link: darkandroid.info---------------------------------------------------------------------------------- Make easy monthly donations through Patreon: patreon.com/sovryntech Donate with Crypto! BTC: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d ZenCash Shielded (encrypted) Address: zceDc5yyR5wY5w9ArxhAvLxWz2gpKMESTzC3iwzASong3o4oVgqp1VkZU1eeMUobPW87TStRABqcfN3rPSErFwyFnU8AjJeZenCash Transparent (unencrypted) Address: znZCyUwzGt19KqhCVzeR5iiUG5CEjNoe1YpZcash Shielded (encrypted) Address: zcfUhN29ddFdtZ1iKvv6WFFXUB9nKWwL5kXvcrvhQuB2yMw6eabshv1CGN92kkbtRt1Ykf1k2266sJvZAQQUrhmpuCwXUDD Zcash Transparent (unencrypted) Address: t1ZAA33YYzPmm4Ks5aq13N4NJBjqqSypY8G Donate with PayPal! Link: donate.zog.ninja Donate with our Amazon Wish List! Link: wishlist.zog.ninja---------------------------------------------------------------------------------- You can e-mail the show at: bbs@sovryntech.com---------------------------------------------------------------------------------- You can also visit our IRC channel on Freenode: #SovNet Or just go to: irc.zog.ninja----------------------------------------------------------------------------------sovryntech.com twitter.com/sovryntech

Is innovation in the computing industry over? MoviePass is dead…again? Plus, security news, the DVD revolution, and much, much more… Co-Hosts: N/A Opening Audio: N/A The Foreplay:--The Sovryn Tech Newsletter (zog.email)...check your spam folders!!, MoviePass problems, new Malwarebytes browser extension (bit.ly/2KpgbSB), Edge adds Web Authentication, Freewrite Traveler (traveler.getfreewrite.com/). Important Messages:--"Sovryn Tech Contact Form” Link: contact.zog.ninja--“Nothing New Under the Sun” GameTalk:--“Fortnite and Google Play” Link: cnet.co/2M43TUA The Climax: --“The DVD Revolution” APPENDIX: -- Sovryn Tech Store: store.sovryntech.com--“ZenCash” Link: zensystem.io/ --"Surveillance Self-Defense" Link: ssd.eff.org/ --"That One Privacy Site" Link: thatoneprivacysite.net/ --"Privacytools.io" Link: www.privacytools.io/ --"ipleak.net" Link: ipleak.net/ --"Secure Messaging Apps" Link: www.securemessagingapps.com/ --"A Graduate Course in Applied Cryptography" Link: toc.cryptobook.us/ --"URLscan.io" Link: urlscan.io/ --"WinZec Zcash Wallet" Link: winzec.com/--"EFF Guide to the US Border" Link: bit.ly/2m79lGe--"RetroShare" Link: retroshare.net/--“Books of Liberty” Link: booksofliberty.com/--"Dark Android: 2017 Edition" Link: darkandroid.info---------------------------------------------------------------------------------- Make easy monthly donations through Patreon: patreon.com/sovryntech Donate with Crypto! BTC: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d ZenCash Shielded (encrypted) Address: zceDc5yyR5wY5w9ArxhAvLxWz2gpKMESTzC3iwzASong3o4oVgqp1VkZU1eeMUobPW87TStRABqcfN3rPSErFwyFnU8AjJeZenCash Transparent (unencrypted) Address: znZCyUwzGt19KqhCVzeR5iiUG5CEjNoe1YpZcash Shielded (encrypted) Address: zcfUhN29ddFdtZ1iKvv6WFFXUB9nKWwL5kXvcrvhQuB2yMw6eabshv1CGN92kkbtRt1Ykf1k2266sJvZAQQUrhmpuCwXUDD Zcash Transparent (unencrypted) Address: t1ZAA33YYzPmm4Ks5aq13N4NJBjqqSypY8G Donate with PayPal! Link: donate.zog.ninja Donate with our Amazon Wish List! Link: wishlist.zog.ninja---------------------------------------------------------------------------------- You can e-mail the show at: bbs@sovryntech.com---------------------------------------------------------------------------------- You can also visit our IRC channel on Freenode: #SovNet Or just go to: irc.zog.ninja----------------------------------------------------------------------------------sovryntech.com twitter.com/sovryntech

This episode focuses on topics introduced by the following TechGenix articles: - Data analytics and business intelligence: Understanding the differences - Are web passwords about to go extinct? - Go to helldesk! How to make your helpdesk assignment less of a nightmare

This week:  HomePod is already stumbling in sales—is it doomed?   Apple Is the richest company on earth, so where are all its billionaires? Face ID could replace passwords on your favorite websites The death of Touch ID scheduled for this fall And stay tuned for Under Review, where we go hands on with an $80 tech-packed coffee cup, a beautiful new HomeKit smart lock, and the all-new Mavic Air drone.   This week:  HomePod is already stumbling in sales—is it doomed?   Apple Is the richest company on earth, so where are all its billionaires? Face ID could replace passwords on your favorite websites The death of Touch ID scheduled for this fall And stay tuned for Under Review, where we go hands on with an $80 tech-packed coffee cup, a beautiful new HomeKit smart lock, and the all-new Mavic Air drone.   This episode supported by   Easily create a website by yourself, at Squarespace.com/cultcast. Use offer code CultCast at checkout to get 10% off your first purchase of a website or domain.   The single-router wifi model just doesn’t work for our increasingly high-bandwidth world. The EEROdistributed system will blanket your home in hyper-fast, reliable WiFi, and you can score free overnight shipping with code "CultCast" at checkout.   On the show this week @erfon / @bst3r / @lewiswallace   New RED iPhone 8 So beautiful. So red. https://www.youtube.com/watch?v=4O9dNuiOWDg   Join us for a live hangout on Friday the 13th, 12PM Pacific! live.thecultcast.com   Erfon’s YouTube review of the tech-packed Ember Ceramic mug https://www.youtube.com/watch?v=_6oOEv70mec   Apple's Stumbling HomePod Isn't the Hot Seller Company Wanted https://www.bloomberg.com/news/articles/2018-04-12/apple-s-stumbling-homepod-isn-t-the-hot-seller-company-wanted Is the HomePod toast? According to some Apple store workers, inventories are piling up and Apple has cut orders with their manufacturer. "At first, it looked like the HomePod might be a hit. Pre-orders were strong, and in the last week of January the device grabbed about a third of the U.S. smart speaker market in unit sales, according to data provided to Bloomberg by Slice Intelligence. But by the time HomePods arrived in stores, sales were tanking, says Slice principal analyst Ken Cassar. “Even when people had the ability to hear these things,” he says, “it still didn’t give Apple another spike.”” According to Slice Intelligence: During the HomePod’s first 10 weeks of sales, it eked out 10 percent of the smart speaker market, compared with 73 percent for Amazon’s Echo devices and 14 percent for the Google Home Why aren’t people buying HomePods?     Apple Is the Richest Company, So Where Are the Billionaires? https://www.bloomberg.com/news/articles/2018-04-11/apple-is-the-richest-company-so-where-are-all-the-billionaires Did you know it wasn’t Apple that made Steve Jobs a billionaire? It was Pixar selling to Disney.   Well it seems, as the world’s richest company, Apple would have many billionaires in its ranks.  Turns out it doesn’t, and two astute reporters at Bloomberg wondering why. Apple Chairman Art Levinson is the only insider billionaire at Apple, and his Apple stock only accounts for $200 of his fortune. It’s estimated that Tim Cook is only worth 600 million dollars. Steve Jobs sold all but one of his shares when he was ousted from the company. One theory is that large stockholders sold off their shares in 1997 when Apple was on the brink of bankruptcy. Apple is smart with their executive pay, tying significant parts of compensation to company performance. Only corporate insiders or shareholders with stakes exceeding 5 percent are required to report their interests, so it’s possible there are billionaires around.   Face ID could replace passwords on your favorite websites https://www.cultofmac.com/540679/face-id-could-replace-passwords/ Face ID could become even more useful thanks to a newly launched Web Authentication standard, which could replace regular web passcodes with biometric identification. This is via an API created by the FIDO Alliance and W3C. It allows users to access any online service in a browser through password-free FIDO Authentication. While Apple already allows Face ID to autofill usernames and passcodes on iOS, this could go one step further by replacing the passcode altogether. This would make it a more secure option. The biometric services covered by the API include fingerprint readers, cameras and USB keys. At present, the feature can be used in Mozilla’s Firefox browser, with Google Chrome and Microsoft Edge integration set to follow in the coming months. Opera integration is in the works, too, although sadly there’s no mention of Apple adopting this for Safari.   Death of Touch ID scheduled for this fall https://www.cultofmac.com/540509/2018-iphone-rumors-face-id-big-oled/ All of the 2018 iPhone models will have Face ID, according to an industry analyst. The analyst also indicated that two of the three models coming this fall will have OLED displays. There will be one medium-size and two bigger iPhones, both larger than any before. He’s also expecting a price drop on the iPhone X to $899, with the X Plus costing $999. Could that mean a move to FaceID on the Mac?   Under Review!   Ember Ceramic temperature-controlled coffee cup   Yale Real Living Assure Lock   DJI Mavic Air

Software engineer, author, and Google Developer Expert Allen Firstenberg (@afirstenberg) visits the show to discuss what exactly identity for a user is. From pitfalls with our current thinking in identifying users to the latest technology in helping users sign in across multiple devices and platforms. Visit the website for This Week in Web, resources & more: https://thewebplatformpodcast.com/146-web-authentication-with-google-identity   Follow The Web Platform podcast on Twitter for regular updates @TheWebPlatform.

Introduction [0:35] Web Authentication[3:27] Authentication - Verifable & Non-Forgable Convinience vs Security Facebook Login Google+ Login Twitter Sign In Github Login bcrypt Opauth Zynesis CakePHP yii framework Opauth Strategies Web Security [19:20] Security Now Podcast Security Now Podcast - How the Internet Works OmniAuth OWASP SQRL Mozilla Persona Mozilla Persona community ownership Google Authenticator Lastpass Keepass Brakeman CodeClimate Matt Blaze Matthew Green Bruce Schneier Brian Krebs Mikko Hyppönen Steve Gibson I/O Polling audience questions [31:02] txtm.sg One Time Password PDA Out of Band Rapid Fire questions [39:53] Github Atom Steve Gibson Hacker News RaspberryPi Growth Hacking Handbook Doubly Linked List - New releases [43:17] Arduino Zero ARM Cortex M0 Opauth v1.0 txtm.sg txtm.sg cupon code : webuildsg Event Loop - Local events [47:44] Google IO 2014 Matt Mullenweg Live! Singapore Gophers Meetup CryptoParty Electric Plug – Connect with U-Zyn! [51:05] U-Zyn’s Twitter U-Zyn’s Website Zynesis Ping.sg Saaus U-Zyn’s Github