Archive for July, 2013

Glad to see it moving along, hopefully the browser support for it will continue to solidify. These standards were a key part of delivering some json web services and making them securely available in the cloud. Very diligent of them to mention me for a meager contribution to the specification.

http://www.w3.org/TR/cors/ (W3C Candidate Recommendation 29 January 2013)

Read Full Post »

Your password managers are all good products, but suffer from one key flaw, if my PC is compromised, I’m better off without them.

In some cases I’d be lucky, and the thieves would only manage to capture a “master password” as I enter it to access one of my passwords. In the worst case the thieves make off with my entire password database and destroy my digital life.

There is potentially a simple solution to this problem though. Simply put I can trust my phone more than I can trust any of my PCs. When I need a password on my PC, my phone is normally sitting next to me. I would like my password manager (on my PC) not to actually have access to the passwords, unless I authorise that access on my phone, and even then it would only have access to one particular password for a short period of time.

It may sound clumsy, but sliding a push notification on my iPhone home screen and entering my phone PIN would be a whole lot easier than typing in a 30 character master password!

Yours in anticipation ;-/

Read Full Post »