Enabling Two-Factor Authentication (2FA) for Apple ID and DropBox
In light of the recent compromises, you’re probably wondering what could have been done to prevent such attacks. According to some unverified articles it would appear that flaws in Apple’s services...
View ArticleTidas: a new service for building password-less apps
For most mobile app developers, password management has as much appeal as a visit to the dentist. You do it because you have to, but it is annoying and easy to screw up, even when using standard...
View ArticleStart using the Secure Enclave Crypto API
tl;dr – Tidas is now open source. Let us know if your company wants help trying it out. When Apple quietly released the Secure Enclave Crypto API in iOS 9 (kSecAttrTokenIDSecureEnclave), it allowed...
View ArticleWhy I didn’t catch any Pokemon today
tl;dr While the internet went crazy today, we went fact finding. Here are our notes on Pokemon Go’s permissions to your Google account. Here’s what Jay and I set out to do at around 6pm today: Find...
View ArticleGetting 2FA Right in 2019
Since March, Trail of Bits has been working with the Python Software Foundation to add two-factor authentication (2FA) to Warehouse, the codebase that powers PyPI. As of today, PyPI members can enable...
View Article