Miscellaneous Tech News
-
@Kelly said in Miscellaneous Tech News:
Some interesting updates to the Linux Subsystem: https://www.zdnet.com/article/windows-10-is-getting-a-microsoft-built-linux-kernel/.
Saw this on my phone this morning and it's pretty flipping cool.
-
@Kelly said in Miscellaneous Tech News:
Some interesting updates to the Linux Subsystem: https://www.zdnet.com/article/windows-10-is-getting-a-microsoft-built-linux-kernel/.
How long till Windows is just another graphical shell you can run on linux?
-
Google Play 2019 app award winners revealed ahead of I/O
Developers faced stiff competition this year, according to Google
To kick off its I/O developer conference, Google announced the winners of the fourth annual Google Play Awards on Monday. -
A new company will give podcasters up to $50,000 to help them grow
In exchange for part of their yearly revenue
The podcast industry is growing, but independent creators can still have a hard time making money. -
Microsoft’s Edge browser for Mac leaks, available to download early
Available from Microsoft’s official download servers
Microsoft just teased its Edge browser for macOS yesterday, but now, download links have appeared online a little early. -
Master & Dynamic’s first noise-canceling headphones are the featherlight MW65s
Premium materials and design come at a hefty price of $499
Master & Dynamic is one part fashion brand, one part headphones manufacturer. -
World’s fastest supercomputer will be built by AMD and Cray for US government
Frontier is expected to go online in 2021 with 1.5 exaflops of processing power
The world’s fastest supercomputer will be built in the US by 2021, the US Department of Energy announced today. -
@mlnews said in Miscellaneous Tech News:
Master & Dynamic’s first noise-canceling headphones are the featherlight MW65s
Premium materials and design come at a hefty price of $499
Master & Dynamic is one part fashion brand, one part headphones manufacturer.They are ugly.
-
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Master & Dynamic’s first noise-canceling headphones are the featherlight MW65s
Premium materials and design come at a hefty price of $499
Master & Dynamic is one part fashion brand, one part headphones manufacturer.They are ugly.
Very true. And between "one part fashion brand" and "wireless latency", these are a no-go at any price.
-
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
Microsoft has passed another milestone on its quest to kill off passwords. -
@mlnews said in Miscellaneous Tech News:
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
*Microsoft has passed another milestone on its quest to kill off passwords. *How easy is it to fake MS's facial recognition?
We already know how easy it is to fake out most fingerprint readers - (like $300 or less).
-
BBC News - Social media effect 'tiny' in teenagers, large study finds
https://www.bbc.co.uk/news/health-48147378 -
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
*Microsoft has passed another milestone on its quest to kill off passwords. *How easy is it to fake MS's facial recognition?
We already know how easy it is to fake out most fingerprint readers - (like $300 or less).
How easy is it to "fake" a password?
-
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
*Microsoft has passed another milestone on its quest to kill off passwords. *How easy is it to fake MS's facial recognition?
We already know how easy it is to fake out most fingerprint readers - (like $300 or less).
How easy is it to "fake" a password?
That's not the same at all. With the fakes, you're creating a fake from something of the original. As for the password - you either know it or don't. So you're either providing the real password (stolen) or guessing... not the same.
-
@travisdh1 said in Miscellaneous Tech News:
@Kelly said in Miscellaneous Tech News:
Some interesting updates to the Linux Subsystem: https://www.zdnet.com/article/windows-10-is-getting-a-microsoft-built-linux-kernel/.
How long till Windows is just another graphical shell you can run on linux?
There are forms of it. I recall seeing a desktop she'll that looked just like Windows 10.
-
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
*Microsoft has passed another milestone on its quest to kill off passwords. *How easy is it to fake MS's facial recognition?
We already know how easy it is to fake out most fingerprint readers - (like $300 or less).
How easy is it to "fake" a password?
Windows Hello is device only. Someone would actually have to steal your device, then fake your fingerprint for example. By then you could remote wipe it.
Your Microsoft account and all is totally separate from Windows Hello. You can also do 2FA with your online account.
-
@Obsolesce said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Windows 10 says Hello to no passwords with FIDO2 certification
Microsoft moves 800 million people closer to a no-password world.
*Microsoft has passed another milestone on its quest to kill off passwords. *How easy is it to fake MS's facial recognition?
We already know how easy it is to fake out most fingerprint readers - (like $300 or less).
How easy is it to "fake" a password?
Windows Hello is device only. Someone would actually have to steal your device, then fake your fingerprint for example. By then you could remote wipe it.
Your Microsoft account and all is totally separate from Windows Hello. You can also do 2FA with your online account.
How does that relate to FIDO2 though? Is FIDO2 providing some type of authentication that's tied to your MS account so that it works across machines?
I really don't know anything about FIDO2.
-
@Dashrender said in Miscellaneous Tech News:
I really don't know anything about FIDO2.
https://www.yubico.com/2018/05/what-is-fido2/
Last month, open authentication standards reached an important milestone; Microsoft launched support for FIDO2 and CTAP, and the World Wide Web Consortium (W3C) won approval for WebAuthn. Since then, Yubico has received questions on how these efforts are related, what role FIDO U2F and Yubico have in the mix, and what organizations can implement now — and in the future — to enable simple, strong authentication for employees and end-users. This blog will bring some clarity to those questions.
What is the difference between FIDO U2F and FIDO2?
U2F was developed by Yubico and Google, and contributed to the FIDO Alliance after it was successfully deployed for Google employees. The protocol is designed to act as a second factor to strengthen existing username/password-based login flows. It’s built on Yubico’s invention of a scalable public-key model in which a new key pair is generated for each service and an unlimited number of services can be supported, all while maintaining full separation between them to preserve privacy.
Essentially, FIDO2 is the passwordless evolution of FIDO U2F. The overall objective for FIDO2 is to provide an extended set of functionality to cover additional use-cases, with the main driver being passwordless login flows. The U2F model is still the basis for FIDO2 and compatibility for existing U2F deployments is provided in the FIDO2 specs.
What is WebAuthn & CTAP?
A new, extensible web authentication API, called Webauthn, has been developed within W3C, which supports both existing FIDO U2F and upcoming FIDO2 credentials.
The FIDO U2F client-side protocol has been renamed CTAP1, and a new, extensible client-to-authenticator protocol (CTAP2) has been developed to allow for external authenticators (tokens, phones, smart cards etc.) to interface with FIDO2-enabled browsers and Operating Systems
WebAuthn and CTAP2 are both required to deliver the FIDO2 passwordless login experience, but WebAuthn still supports FIDO U2F authenticators, since CTAP1 is also part of the WebAuthn specification.
How can organizations deploy FIDO2?
So, what can organizations do if they are aiming to provide support for FIDO2? We recommend making support for WebAuthn as it works with existing FIDO U2F authenticators and also FIDO 2 authenticators.
Mozilla Firefox 60 recently added support for WebAuthn, Chrome 67 will be shipping with WebAuthn support in the near future, and Microsoft has already announced they will support WebAuthn in Edge browsers. The U2F web API continues to work for U2F authenticators, but is limited to the Chrome and Opera browsers.
To evaluate WebAuthn with FIDO U2F and FIDO2 authenticators today, Yubico offers a test service at demo.yubico.com/webauthn, and soon we will provide more complete open source FIDO2 servers on GitHub. Organizations can sign up for updates from the Yubico Developer Program to get information on FIDO2 and WebAuthn resources.
-
@travisdh1 said in Miscellaneous Tech News:
@Kelly said in Miscellaneous Tech News:
Some interesting updates to the Linux Subsystem: https://www.zdnet.com/article/windows-10-is-getting-a-microsoft-built-linux-kernel/.
How long till Windows is just another graphical shell you can run on linux?
That's all it was from Windows 1 - Windows ME. It only ran on DOS, but if you cared, you could port that to Linux no problem.
Windows NT has a graphical shell but it is much more integrated and can't be separated from the kernel (probably for that reason.)
-
OK so FIDO2 uses public-key model.
But not as good at FIDO U2F because it's still only a single factor, where U2F is a second factor solution.
So where are the private keys held? How do you import them into your mobile devices? What happens if your private keys get loose?
Yeah yeah yeah, I know - go read the page.