Inside Two-Factor Authentication Apps
Passwords are in a pretty broken state of implementation for authentication. People pick horrible passwords and use the same password all over the place, firms fail to store them correctly and then their databases get leaked, and if anyone’s looking over your shoulder as you type it in (literally or metaphorically), you’re hosed. We’re told that two-factor authentication (2FA) is here to the rescue.
Well maybe. 2FA that actually implements a second factor is fantastic, but Google Authenticator, Facebook Code Generator, and any of the other app-based “second factors” are really just a second password. And worse, that second password …read more
Oh Great, WPA2 Is Broken
WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).
This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.
This is not …read more
LEGO-compatible Electronics Kits Everywhere!
Within the last few years, a lot of companies have started with the aim to disrupt the educational electronics industry using their LEGO-compatible sets. Now they’re ubiquitous, and fighting each other for their slice of space in your child’s box of bricks. What’s going on here?
The main reason for LEGO-compatibility is familiarity. Parents and children get LEGO. They have used it. They already have a bunch. When it comes to leveling up and learning about electronics, it makes sense to do that by adding on to a thing they already know and understand, and it means they …read more
Building The Hackaday Superconference Badge
The best hardware conference is just a few weeks away. This is the Hackaday Superconference, and it’s two days of talks, an extra day of festivities, soldering irons, and an epic hardware badge. We’ve been working on this badge for a while now, and it’s finally time to share some early details. This is an awesome badge and a great example of how to manufacture electronics on an extremely compressed timetable. This is badgelife, the hardware demoscene of electronic conference badges.
So, what does this badge do? It’s a camera. It has games, and it’s designed by [Mike Harrison] of …read more
Happy Ada Lovelace Day!
Today is Ada Lovelace Day, a day to celebrate and encourage women in the fields of science and technology. The day is named after Augusta Ada King-Noel, Countess of Lovelace, born Byron. (You can see why we just call her Ada Lovelace.) She was a brilliant mathematician, and the writer of what’s probably the first real computer program — it computed the Bernoulli series. At least according Charles Babbage, in correspondence to Michael Faraday, she was an “enchanted math fairy”. Not only a proto-coder, she wrote almost all of the existing documentation about Babbage’s computation engine. She’s a stellar example …read more