asteroza + token   99

New wearable authentication more than a "token" gesture | Article | The United States Army
Trying to make an operationally more useful wireless variant of a CAC card, probably as a wearable token if not dog tags. Tough to do that with forward deployed folks though since they would need to faraday cage their token when leaving for patrol.
military  authorization  ID  access  CAC  card  alternative  wireless  RFID  token  hardware  electronics  devices 
7 weeks ago by asteroza
beemdevelopment/Aegis: A secure OTP app for Android
alternative to andOTP, which lets you do a secure backup of your TOTP keys for device migration
android  OTP  TOTP  token  security  app  software 
june 2019 by asteroza
Ankr - A World Powered by US
An alleged distributed cloud system, using "trusted hardware", sharing loads across idle hardware. Some sort of cryptocurrency underpins the marketplace of resource sellers and buyers
cryptocurrency  token  blockchain  distributed  cloud  platform 
march 2019 by asteroza
Security Focus: Analysing 'Account is sensitive and cannot be delegated' for Privileged Accounts – PoSh Chap
Apparently this setting helped to stop a NotPetya analog (NCC group's EternalGlue neutered red team worm using techniques from EternalBlue and mimikatz and bloodhound) from running rampant and capturing the domain admin account via token impersonation. There may be drawbacks however...
windows  active  directory  AD  security  domain  admin  token  delegation  NotPetya  EternalBlue  sysadmin  tips  tricks 
december 2018 by asteroza
paragonie/paseto: Platform-Agnostic Security Tokens
This is a more general token rather than as an alternative for JWT for JWT specific use cases. Though most JWT could be covered by a cookie better...
authentication  token  software  opensource  stateless  security  alternative  JWT 
june 2018 by asteroza
Web Authentication: An API for accessing Public Key Credentials Level 1
Improved web authentication on browsers using external USB/bluetooth/NFC security tokens, namely YubiKey.
WebAuthn  authentication  specification  standard  FIDO  U2F  webdev  security  web  external  hardware  token  access 
april 2018 by asteroza
Privacy Pass – Add-ons for Firefox
Cloudflare's CAPTCHA bypass solution, using blinded tokens. Basically, you do one captcha, and you are afforded a certain number of accesses based on that token, so Cloudflare harasses VPN/tor users less.
firefox  plugin  addon  extension  cloudflare  CAPTCHA  bypass  crytographic  blind  blinded  token  security  VPN  tor  access  block  browser  privacy 
february 2018 by asteroza
thinkst/opencanary: Modular and decentralised honeypot
open source version of Thinkst's Canary system of honeypots and honeytokens
opensource  security  canary  honeypot  honeytoken  token  tripwire  software  defense 
december 2017 by asteroza
B-Unit | Bloomberg Professional Services
A sort of beefed up FIDO U2F device, but with higher hardware protection features. Uses a photoreceptor to receive codes from the terminal screen itself, so no NFC/bluetooth/USB
bloomberg  terminal  authentication  portable  private  key  token  hardware  electronics  devices  security 
november 2017 by asteroza
illusive networks: The Leader In Deception Technology
Sounds like a mix of deception networks, canary tokens, and honeypots
security  israel  honeypot  canary  token  deception  network  defense 
october 2017 by asteroza
thinkst Thoughts...: Certified Canarytokens: Alerts from signed Windows binaries and Office documents
Using a certificate's AIA URL, which can be triggered on executable launch of office file opening. But requires serious screwing with the certificate though...
canary  token  office  certificate  validation  URL  security  embedded  tips  tricks  Delicious 
may 2016 by asteroza
Home
Demoing a stereo jack based FIDO U2F external auth token for smartphones
FIDO  U2F  external  authentication  token  stereo  jack  hardware  electronics  devices  encryption  security  Delicious 
march 2016 by asteroza
Silverpush - Unifying people, devices and data
So these guys drop a cookie on a PC browser, to get it to emit ultrasonic tones via speakers (similar tones during ads on TV). If their SDK is in your smartphone, a mic accessible app now knows to assoicate that PC/TV with that smartphone. SDK installed in 18 million smartphones...
privacy  anonymity  attack  ultrasonic  audio  sound  beacon  token  advertising  tracking  security  hacking  OPSEC  Delicious 
november 2015 by asteroza
mjg59/tpmtotp
Tool for assisting in making a more secure burner travel laptop
boot  security  TPM  TOTP  token  storage  opensource  software  Delicious 
october 2015 by asteroza
thinkst Thoughts...: Canarytokens.org - Quick, Free, Detection for the Masses
Free web bug beacons for masses as security canaries. Genius, but getting/making the tokens leaks info to the token generator/responder hosting organization...
canary  token  web  bug  security  software  service  Delicious 
september 2015 by asteroza
Nok Nok Labs, Inc.
supposedly made a third party API bridge for using iPhone fingerprint sensors for two factor security.
2FA  two  2  factor  authorization  authentication  smartphone  phone  app  software  token  security  oauth  fingerprint  Delicious 
december 2014 by asteroza
GeoCodex • Home
Ha, a real life La+ system! But seriously, a trusted citadel verification system as a form of authentication token isn't a bad idea if you can protect against GPS spoofing, see CyberLocator.
GeoCodex  geo-encryption  GPS  location  position  route  encryption  trusted  citadel  token  security  cryptography  CyberLocator  Delicious 
july 2014 by asteroza
Naratte, Inc.
Neat trick of using mobile phone mics/speakers to transmit ultrasonic tones containing data tokens for poximity payment or security token exchanges for pairing. Almost zero new hardware on the phone (compared to NFC), since it is just reusing the audio features. Implementing on the POS is just a mic/speaker combo, rather than a full energizing NFC reader terminal so there are cost savings there too. Probably most POS systems already have the necessary underlying audio codec hardware in their SoC's anyways, such the cost there is adding the mic/speaker.
Naratte  Zoosh  POS  mobile  proximity  payment  app  software  platform  sound  ultrasound  audio  data  transfer  pairing  token  security  phone  cellphone  commerce  touch  Delicious 
june 2011 by asteroza
iTwin - Remote File Access just got Easy | File Sharing USB Device | Simple Secure Connection
This appears to be something akin to a darknet filewall puncher for specific pairs of computers via USB hardware tokens, via a cloud hosted relay server (similar to how skype works I think). Not via internal on board wireless, like the IUM, so you are restricted to wired or wireless online access via the host computers involved.
iTwin  remote  file  sharing  transfer  hardwre  electronics  devices  USB  cloud  relay  service  online  network  darknet  pair  token  Delicious 
december 2010 by asteroza
Simple, classless Queueing Disciplines
Tricks to deal with torrenters, by setting up user bandwidth on a bucket basis. Stay below the bucket limit, you can burst at wire speed. Go over, and you are suddenly at a crawl.
network  bandwith  performance  bandwidth  traffic  management  limit  limiter  TBF  token  bucket  filter  linux  server  QoS  Delicious 
february 2010 by asteroza
« earlier      
per page:    204080120160

related tags

1GB  2.4GHz  2FA  2SV  802.11  802.15.4  access  accessories  account  acoustic  active  AD  addon  admin  administrator  advertising  Aladdin  Alcatel  alert  allocation  alternative  ALV  amazon  analog  android  anonymity  API  app  applet  application  architecture  ARM  attack  attention  audio  authentication  authorization  autorun  AWS  badge  bandwidth  bandwith  barcode  BAT  beacon  beeper  Bell  Bio  BioAPI  bioelectric  BioFob  biometric  biometrics  biotoken  BlackDog  BLE  blind  blinded  block  blockchain  bloomberg  bluetooth  boobytrap  boot  bracelet  brave  browser  bucket  bug  button  bypass  C#  CAC  camera  canary  canarytoken  CAPTCHA  card  cellphone  certifcate  certificate  citadel  cloud  cloudflare  commerce  commodity  compliance  computing  contacless  contactless  control  cookie  counter  credit  cryptocurrency  cryptography  crytographic  CyberLocator  darknet  data  deception  defense  Dekart  delegation  Delicious  Dell  deployment  descriptor  desktop  detection  device  devices  DFIR  DigiCert  digital  directory  distributed  DIY  DNStoken  domain  dongle  door  drive  driver  driverless  DRM  dynamic  economy  eKey  electronic  electronics  embedded  employee  Encryptakey  encryption  enrollment  ephemeral  EternalBlue  eToken  EV  Evros  exchange  exfiltration  extension  external  factor  fake  FeliCa  FIDO  file  filesystem  filter  filtering  fingerprint  FIPS  firefox  flash  forensic  form  framework  Fraunhofer  FreeNet  Fujitsu  GCP  generator  geo-encryption  GeoCodex  GKE  gollum  google  GPS  GSM  hack  hacking  handheld  hardhack  hardware  hardwre  hash  heartbeat  HID  hitachi  holder  honeypot  honeytoken  hybrid  Hydra  IAM  ID  identification  identity  IEEE  information  internet  internet-of-things  intrusion  IoT  iPhone  IR  israel  IT  iTwin  jack  japan  javacard  javascript  JCOP  JSON  JWT  kerberos  key  Key2Share  keyboard  kubernetes  Labs  lamda  lateral  launcher  least  lifehacks  limit  limited  limiter  linux  local  location  locator  lock  login  logon  Lucent  M-systems  managed  management  manager  managment  Mandylion  mapping  marker  market  media  memory  message  microservice  microsoft  migration  military  mobile  Mojo  monitoring  movement  muscle  Naratte  Nation  network  NFC  NG-Flash  notebook  NotPetya  oauth  office  online  OpenID  opensource  OPSEC  OTP  Ouath  pair  pairing  palm  PalmSecure  partition  pass  passing  password  passwords  patch  Patient  payment  PC  PCMCIA  pentesting  performance  personal  phone  PHS  physical  PIV  PKI  platform  plugin  PlusID  point  portable  POS  position  privacy  Privaris  private  priviledge  profile  Project  protected  proxcard  proximity  PSTS  push  QoS  quantum  ranging  reader  receiver  reference  relay  remote  research  resource  rewrite  RF  RFID  rights  route  Safeboot  SafeNet  Sargent  scanner  screen  SDK  security  seeder  sensor  sensors  server  serverless  service  SG  SHA-2  ShareMeNot  sharing  signature  SIM  small  smartcard  smartphone  SMS  SoC  social  software  Sony  sound  specification  Spyrus  SSO  stamp  standard  STAR  Starsign  stateless  stereo  storage  support  surveillance  sysadmin  system  tag  TBF  temporary  terminal  thanko  tips  token  tools  tor  TOTP  touch  touchscreen  TPM  tracker  tracking  traffic  transceiver  transfer  transponder  tricks  tripwire  TrustBearer  trusted  twitter  two  U2F  ubiquitous  ultrasonic  ultrasound  URL  URLtoken  USB  user  username  utilities  validation  variable  vein  Ventures  virtual  VPN  watermarking  wearable  wearables  web  WebAuthn  webbug  webdev  wifi  windows  wireless  wristband  WS*  WS-Trust  YubiKey  zigbee  Zoosh 

Copy this bookmark:



description:


tags: