Apple is learning why shortcut security is a bad idea

When Apple launched its enterprise developer certificate program — which helps enterprises make their homegrown apps for employee use-only available through iTunes — it had to make a difficult convenience-vs.-security decision: how much hassle to put IT managers through to get their internal apps posted. It chose convenience and, well, …

Microsoft delays Windows 7’s update-signing deadline to July

Microsoft has revised its schedule to dump support for an outdated cryptographic hash standard by postponing the deadline for Windows 7. Microsoft, like other software vendors, digitally “signs” updates before they are distributed via the Internet. SHA-1 (Secure Hash Algorithm 1), which debuted in 1995, was declared insecure a decade …

Yabba dabba doo!

Fish is being onboarded as a software engineer and has to download the code repository and start building it. But in checking the setup guide, he can’t find any instructions on what user credentials to use to log in. This seems like something he should be able to figure out, …

Head of UK’s MI6 stuck between competitive and security concerns on Huawei

The chief of United Kingdom’s Secret Intelligence Service is weighing multiple concerns in contemplating whether Huawei equipment should be excluded from the nation’s 5G network build-out. Alex Younger, attending the Munich Security Conference, told reporters in a rare public briefing that a decision about the telecom supplier isn’t purely an …

CIOs, you’re doing blockchain wrong

IT leaders who’ve taken the plunge into blockchain are mainly deploying it in proofs-of-concept tests to address the same problems a conventional database could handle, according to research firm Gartner. Relying on a survey of consulting firms whose clients had deployed some form of blockchain, Gartner found that CIOs are …

Mozilla to harden Firefox defenses with site isolation, a la Chrome

Mozilla plans to boost Firefox’s defensive skills by mimicking the “Site Isolation” technology introduced to Google’s Chrome last year. Dubbed “Project Fission,” the effort will more granularly separate sites and their individual components than is currently the case in Firefox. The goal: Isolate malicious sites and attack code so individual …

Canada’s Telus considers government’s prospective Huawei ban an investment risk

Chinese tech company Huawei is making low-cost 5G networking equipment for wireless carriers. Governments have been wary of the company’s security measures preventing data leaks to Beijing, especially as a new law compels it to share data in secret — the United States considers it an outright threat. Some are …

Ring Alarm is the best security-focused smart home system you can buy. Today it’s cheaper than ever

We all want to make sure our homes stay safe from intruders and other threats, and a smart security system can provide peace-of-mind and a watchful eye to your connected home. Today, you can get the excellent five-piece Ring Alarm system for $159 on Amazon, down from a list price …

All about Android upgrades (and why they’re late) | TECH(talk)

It’s not exactly news that Android upgrades almost always take a lo-o-o-o-o-ng time to roll out to most users. As in months. Often, many months. Sometimes more than a year. Sometimes never. (There is an exception: Google delivers new versions of Android to its Pixel line right away, and did …