The IRS is changing from using a homegrown userid and password based authentication system to a third party single signon type of system run by ID.ME. Given that the IRS doesn’t have a great track record for security, your first inclination might be “can’t be any worse than what they had before”. The short version […]
Continue reading → [DISPLAY_ACURAX_ICONS]As times change and as a function of the pandemic response, governments are trying to deliver more services online. Unfortunately, governments rarely get to hire the best or the brightest software developers or security architects because they cannot match what the private sector can offer. Auth0 recently released the findings of its Public Sector Identity […]
Continue reading → [DISPLAY_ACURAX_ICONS]Law enforcement has been trying since at least the 1990’s when they jailed and tried to convict Phil Zimmerman for creating an open source encryption program called PGP, to put the encryption genie back in the bottle. The problem is that encryption is math and math doesn’t care about politics. If some governments were to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Actually, they just used New York as an example, but the researchers literally melted the copper power lines. Once the power lines were vaporized, well, there was no more power. The good news is that this was just a demonstration, but definitely a scary one. Worse yet. The device the team hacked – it was […]
Continue reading → [DISPLAY_ACURAX_ICONS]Senator Chris Van Hollen (Maryland) wrote a letter to Commerce Secretary Raimondo asking what she planned to do about this security vulnerability – the first we are hearing about it. Raimondo could ban the equipment, just like equipment made by Huawai and others. Chinese electronics maker Yealink is not a household word like Huawei, but […]
Continue reading → [DISPLAY_ACURAX_ICONS]Software released by Microsoft and other vendors is digitally signed so that users can validate that it really came from the vendor in question and that it has not been modified since the vendor created it. However, hackers have figured out how to bypass the security provided by Microsoft’s digital signature verification process, allowing them […]
Continue reading → [DISPLAY_ACURAX_ICONS]