Friday, August 14, 2015

FIDO U2F Security Key

More about the FIDO U2F Security Key

Each Security Key has an individualized secure chip which performs cryptographic functions triggered by a simple touch of the key. You never see the details, but behind the scenes FIDO U2F Security Key provides a unique public and private key pair for each application it protects. Only those keys can correctly complete the cryptographic challenge required for login.
The secure chip is of the same class as those used in SIM Cards, electronic passports, military electronic IDs and chip-and-pin credit cards. Like those devices, the chip is specially “hardened” so it’s extremely difficult to steal the secrets hidden inside. The secrets contained in the Security Key belong to the end-user exclusively and are never transferred, copied or stored by a service provider or any other application provider.
This is not a biometric device, instead it uses a capacitive sensor activated by the small bit of electricity the human body naturally produces.

The Skinny on Universal Second Factor (U2F)

FIDO U2F is an emerging open authentication standards initiative with strong support from more than 120 end-user and vendor companies in the FIDO Alliance, a consortium working to bring strong authentication to the masses.
U2F breaks the mold for high-security, public-key hardware devices by removing the complexity of drivers, clients software and the traditional costly certificate authority (CA) model. With FIDO U2F, one single device can be used with any number of online services with no user information or encryption keys shared between the service providers.
Internet and cloud services can dramatically improve the security of their existing password infrastructure by adding a simple but strong, U2F-based second factor for login.
For more information, you can access the full U2F Specifications on the FIDO Alliance website.

More from Yubico

Take a look at our other Yubico YubiKeys, which support a range of authentication methods and security features in different combinations and form factors including one-time passcodes, OATH, Challenge-Response, Smart Card functionality (including OpenPGP and PIV), MIFARE, and Near-Field Communications.
Learn more about how you can integrate FIDO U2F protocol with your online service at developers.yubico.com

Wednesday, August 5, 2015

Using an EE Power Bar? Check if yours poses a fire risk

http://cdn1.tnwcdn.com/wp-content/blogs.dir/1/files/2015/08/EEPowerBarrecall.jpg

Quite unsurprisingly following the story of the exploding charger at the end of last month, network operator EE has issued a recall of a particular batch of its portable Power Bars.
According to the announcement, only batch E1-06 pose a fire safety risk and need to be returned. Bars from other batches aren’t affected, it added.
Katy Emslie’s badly burnt hand, which resulted from trying to extinguish a flaming EE Power Bar.
Katy Emslie’s badly burnt hand, which resulted from trying to extinguish a flaming EE Power Bar.
“It’s our intention to replace these chargers once we’ve completed our investigations; we’ll be in touch once these have been concluded. We’re really sorry for any inconvenience this may cause,” EE says.
If you’ve got an EE Power Bar, best check the little code on the side to see if you have one of the special potentially ‘fizzy’ models.
Until the investigation has been completed, the exchange program has been temporarily suspended.