NIST Prepares To Ban SMS-Based Two-Factor Authentication

An anonymous reader writes: “The U.S. National Institute for Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban of SMS-based Two-Factor Authentication (2FA),” reports Softpedia. The NIST DAG draft argues that SMS-based two-factor authentication is an insecure process because the phone may not always be in possession of the phone, and because in the case of VoIP connections, SMS messages may be intercepted and not delivered to the phone. The guideline recommends the usage of tokens and software cryptographic authenticators instead. Even biometrics authentication is considered safe, under one condition: “Biometrics SHALL be used with another authentication factor (something you know or something you have),” the guideline’s draft reads.

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/yplrucyN5Dw/nist-prepares-to-ban-sms-based-two-factor-authentication

Original article

6 Slack alternatives worth a look

Once upon a time if you wanted employees to collaborate you’d probably encourage them to use Internet Relay Chat (IRC). But about three years ago Slack appeared on the scene, and since then it’s been eating IRC’s lunch. That’s because it’s much easier to install, get up and running, and use than IRC, making it massively popular with nontechies. And thanks to a well-documented API it’s easy to integrate with other programs and services. That means it’s customizable and infinitely extensible, which makes it popular with developers.To read this article in full or to leave a comment, please click here(Insider Story)


Original URL: http://www.computerworld.com/article/3099654/collaboration/6-slack-alternatives-worth-a-look.html#tk.rss_all

Original article

24 tech experts weigh in on what exactly a ‘decentralized web’ means

 You may have seen some chatter here and there about the “decentralized web,” but there isn’t a really clear definition of what the term means — and really, considering its nature, it would be surprising if there were. There are, therefore, a variety of opinions, as Syracuse University’s School of Information found out when they pinged two dozen tech experts and… Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/kR1zfIEE1rM/

Original article

1999-server on Docker

1999-server on Docker
davewiner
We now have a howto for running 1999-server on Docker.This is great because Docker has become the standard for “container” services.Thanks to Don Park for getting this started, and showing me how Docker works. Having a patient, friendly expert around to help makes all the difference on projects like this.If you have questions, post a message on the 1999-server mail list.


Original URL: http://scripting.com/2016/07/25/1409.html

Original article

Researchers Discover 110 Snooping Tor Nodes

Reader Orome1 writes: In a period spanning 72 days, two researchers from Northeastern University have discovered at least 110 “misbehaving” and potentially malicious hidden services directories (HSDirs) on the Tor anonymity network. “Tor’s security and anonymity is based on the assumption that the large majority of its relays are honest and do not misbehave. Particularly the privacy of the hidden services is dependent on the honest operation of hidden services directories (HSDirs),” Professor Guevara Noubir and Ph.D. student Amirali Sanatinia explained. “Bad” HSDirs can be used for a variety of attacks on hidden services: from DoS attacks to snooping on them.

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/6erDf5VzQpM/researchers-discover-110-snooping-tor-nodes

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: