DTNS 2348 – Where we’re going, we’ll need roads

Logo by Mustafa Anabtawi thepolarcat.comPatrick Beja is on the show today and we’ll discuss whether Google’s use of U2F (like Yubikey) for login security is the wave of the future.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit

Show Notes

Today’s guest: Patrick Beja, DTNS contributor and host of Le Rendez-vous Tech

Headlines

Reuters reports augmented reality startup Magic Leap raised $542 million in funding led by Google and Qualcomm. This would be just another startup receiving another round of funding if it weren’t for the mystery. Very few people know what Magic Leap’s product is. CEO and founder Rony Abovitz has said Magic Leap will develop “the most natural and human-friendly wearable computing interface in the world.” Apparently the device will track your eyeballs and project images directly on them, meaning that images appear within the natural world. Sundar Pichai, senior vice president of Android, Chrome and Apps at Google, will join Magic Leap’s board.

PC World reports the US Federal Trade Commission has appointed privacy consultant Ashkan Soltani as its new chief technologist, beginning in November. Soltani is a security researcher who won the Pulitzer Prize for public service in 2014 along with his co-authors who covered the US NSA surveillance programs.

GigaOm reports China denies any involvement in a man in the middle attack on Apple’s iCloud within China. The attack coincided with the launch of the iPhone 6 in China according to Greatfire.org. Swedish security researchers at Netresec said the attacks seem are being performed from within China, on backbone networks belonging to China Telecom and China Unicom. Hua Chunying, a spokeswoman for China’s foreign ministry, told journalists the government was “resolutely opposed” to hacking. China Telecom also said accusations against the government were “untrue and unfounded.”

Nielsen, the company that tracks tv ratings has partnered with Adobe Systems to measure viewership of digital video across all Internet-connected platforms. According to Reuters, this includes desktops, smartphones, tablets, game consoles and over-the-top boxes. The system will launch in 2015 with ESPN, Turner Broadcasting, Sony’s Crackle, Viacom and Univision already signed up.

The Verge reports that the best features of music service Songza–including smart playlist creation– will now be a part of Google Play Music on Android iOS and the web. Google acquired Songza back in July. An update today will add a version of Songza’s Concierge service, offers a colorful list of activities (working out, sleeping, studying, calling Comcast, etc.) designed to match your activities and mood. The feature is available only to All Access subscribers, but there are no ads. A Play Music representative said it’s “business as usual” for the stand-alone Songza app.

Everyone, you can relax now, the continuity of our future timeline is assured. There WILL be a working hoverboard available for purchase in time for the Back to the Future ‘Oh My God It’s The Future’ deadline next year. Gigaom reports that a California startup called Arx Pax has created a board called the Hendo, which can hover three quarters of an inch above the ground, but only on certain types of metal capable of generating a magnetic field, like copper. And it definitely won’t work on water. Oh, and it will cost $10,000. The company’s ultimate goal is to create a small white box that adds hovering capabilities to anything in your home, office, or museum. So, hovering Mona Lisa, coming in 2015.

Hold on to your pants, people. Yahoo beat expectations in their Q3 earnings report, announced today. TechCrunch report that Yahoo with sales of $1.09 billion excluding traffic acquisition costs and non-GAAP earnings per share of $0.52. Revenues including acquisition costs were $1.15 billion. Analysts were expecting on average non-GAAP earnings per share of $0.30 on ex-TAC sales of $1.04 billion.Yahoo’s stock is up over 4% in after-hours trading, following this news. Now, what’s Yahoo going to do with their five billion dollars in Alibaba cash.

ReCode reports HP will demonstrate a new product called ‘Sprout’ at an event in New York Oct. 29. According to people who’ve seen it, the product combines a large flat-screen display with a flat touch-enabled work surface and an overhead assembly that combines a projector and a 3-D scanner. The overhead device projects images downward onto the work surface, which users can manipulate with their hands or with a stylus.

 

 

 

 

News From You

Kylde pointed out a Lifehacker post about what will be our main discussion story today. Google is implementing a new second-factor authentication scheme called Security Key which allows you to use a Universal 2nd Factor key, like Yubikey, to login. The key uses the open FIDO framework to authenticate you rather than typing in numbers that could be phished. In other words you just stick a special USB key in your device and press a button. For now Security Key only works with Chrome.

KAPT_Kipper submitted a TechCrunch article reporting that Microsoft will drop Nokia branding from its Windows phones. The phones will now be called “Microsoft Lumia” phones. The rebranding will begin in France and move around the world. That means the name Nokia will only be used by Nokia which still exists as a mapping and network technology company.

hometownrival submitted the iMore story that Apple has responded to a Washington Post story co-written by future FTC Chief Technologist Ashkan Soltani, pointing out the OS X Yosemite’s spotlight search sends data back to Apple. Apple said it limits what data is collected, does not even attach it so an IP address or any kind of persistent identifier and points out you can opt out of Spotlight Suggestions, Bing or Location Services for Spotlight.

 

Discussion Links: USB Security

https://gigaom.com/2014/10/21/this-usb-key-secures-and-unlocks-your-google-account-in-chrome/

http://googleonlinesecurity.blogspot.com/2014/10/strengthening-2-step-verification-with.html

http://www.zdnet.com/duo-security-announces-u2f-authentication-support-7000034911/

https://fidoalliance.org/

https://fidoalliance.org/specifications

http://www.biometricupdate.com/201410/nok-nok-labs-adds-apple-touch-id-support-unlocking-fingerprint-authentication-possibilities-for-app-developers

Pick of the Day: GAuth Authenticator via Stephen Funkhouser

Tom I agree with your skepticism about using a tool like Authy that syncs your 2nd factor authentication keys between machines. Security and convenience are always at odds, and in this case we don’t know enough about how Authy works to trust them blindly.

I personally use Gauth Authenticator as a chrome extension (there’s a Firefox one available also). It’s open source with a public repo on github. It stores your key data locally, so only you have it. I also like to backup the text version of my 2nd factor keys in LastPass in the notes section under each accounts record. Thanks for a wonderful, and insightful podcast.

Plug of the week:  DTNS artist in residence Len Peralta has a new comic out that’s burning up the charts on Amazon. It’s called Exterminite about a company that can go into your dreams and exterminate your nightmares. Check it out!

Wednesday’s guest: Eric Franklin, Cnet section editor covering how to and tablets / co-host of CNET’s The Fix

Leave a Reply

Your email address will not be published. Required fields are marked *