Link

Google’s iPhone Security App Keeps You in its Ecosystem

Andrew Orr ·

Google updated its Smart Lock app on iOS to let iPhones be used for two-factor authentication. But it will only work inside Chrome. Now your only choices for Google two-factor authentication are this Smart Lock app, or a phone number (an insecure method). You can also use a physical security key but not an app like Authy.

After installing the update, users are asked to select a Google account to set up their phone’s built-in security key. According to a Google cryptographer, the feature makes use of Apple’s Secure Enclave hardware, which securely stores ‌Touch ID‌, Face ID, and other cryptographic data on iOS devices.

Update. So I made a mistake and you can use an app like Authy, but you first have to surrender your phone number to Google. Which I’m obviously loathe to do so I use a disposable number.

Link

Apple Needs to Put Hardware at The Heart of its Smart Home Strategy

Charlotte Henry ·

Apple needs to dive headfirst into the smart home industry, with hardware at the center of the strategy. That’s according to Jason Snell, who laid out his argument for MacWorld.  He argues for the creation of a new product, a kind of hub, that will sit at the heart of it all.

Apple can contribute to the smart-home industry and its own bottom line by doing what it does best, namely creating a new product that’s a fusion of hardware, software, and cloud services. It’s time for Apple to build a product that makes your home smarter and more secure. It’s time for Apple Home. Apple got out of the home router game a while ago, with the discontinuation of the AirPort line. I’m recommending that Apple bring it back, because today’s smart homes require rock-solid wireless connectivity, and while Apple’s two biggest competitors have home-network offerings, Apple’s got nothing. An Apple-built mesh networking system a la Amazon’s Eero seems like a natural.

Link

Cellebrite’s Acquisition Adds Computer Forensics to its Portfolio

Andrew Orr ·

Cellebrite, a company specializing in hacking smartphones for law enforcement, has acquired BlackBag Technologies, a company specializing in hacking computers for law enforcement. This will let Cellebrite offer law enforcement an “all-in-one” forensic solution to cover smartphones, laptops, desktops, and cloud data.

It also means offering a broad array of field acquisition capabilities including consent-based evidence collection along with an integrated solution set that provides access, insight and evidence management to facilitate and control large-scale deployments and orchestrate the entire digital intelligence operation.

Cellebrite offers all of these capabilities to law enforcement, but the FBI still wants Apple to create a backdoored version of iOS.