We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime. - Geoffrey Welsh
| Date: Thu, 28 Aug 2014 09:15:36 -0400
From: Bill Horne <bill@horneQRM.net>
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Verizon flirts with QR codes for user id's
Message-ID: <20140828131536.GA12768@telecom.csail.mit.edu>
ZDnet
by Larry Dignan
Can the QR code replace user names and passwords? Verizon Enterprise
thinks so - at least for some companies looking at two-factor
authentication.
Verizon Enterprise on Tuesday is launching QR codes as a two-factor
authentication option in its universal identity service. What's
unclear is how many companies will see the handy QR code as a way to
help eradicate user names and passwords.
The telecom giant developed a QR code login that would allow a
customer or employee to scan a QR code on a website with their
smartphone without a user name or password. User names and passwords
are a major security issue since few people use two-factor
authentication and most passwords are reused across multiple
sites. The QR code would get people into accounts without passwords.
Rest at:
http://www.zdnet.com/verizon-eyes-qr-codes-as-authentication-option-7000032942/
Bill
--
Bill Horne
(Remove QRM from my email address to write to me directly) |
| Date: Thu, 28 Aug 2014 11:06:47 -0400
From: Barry Margolin <barmar@alum.mit.edu>
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Verizon flirts with QR codes for user id's
Message-ID: <barmar-60326A.11064728082014@news.eternal-september.org>
In article <20140828131536.GA12768@telecom.csail.mit.edu>,
Bill Horne <bill@horneQRM.net> wrote:
> The QR code would get people into accounts without passwords.
How is this more secure? If someone steals your phone, they can get into
your accounts just by running the app. It would be like an ATM card
without a PIN.
The point of 2-factor authentication is that breaking one form of
authentication doesn't allow the perpetrator into your account. If they
steal your phone/card, they still need to know a password/PIN; if they
discover your password, they still need your phone or card.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me *** |
| Date: Thu, 28 Aug 2014 15:02:18 -0400
From: Bill Horne <bill@horneQRM.net>
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Verizon flirts with QR codes for user id's
Message-ID: <20140828190218.GA15710@telecom.csail.mit.edu>
On Thu, Aug 28, 2014 at 11:06:47AM -0400, Barry Margolin wrote:
> In article <20140828131536.GA12768@telecom.csail.mit.edu>,
> Bill Horne <bill@horneQRM.net> wrote:
>
> > The QR code would get people into accounts without passwords.
>
> How is this more secure? If someone steals your phone, they can get into
> your accounts just by running the app. It would be like an ATM card
> without a PIN.
>
> The point of 2-factor authentication is that breaking one form of
> authentication doesn't allow the perpetrator into your account. If they
> steal your phone/card, they still need to know a password/PIN; if they
> discover your password, they still need your phone or card.
As Hollywood screenwriters delight in pointing out, using biometrics
for access control is only as strong as the willingness of an attacker
to maim someone for commercial gain, but biometrics "works" for most
business uses.
The problem with biometrics is that they are inseparable from the
person who has them: if I fire Alice, and hire Bob to replace her, I
must reprogram all the fingerprint scanners for Bob's fingerprints.
"QR" codes are a compromise between the insecurity of passwords and
the (admittedly relative) security of biometrics: the QR code can be
removed from a "smart" phone remotely, so if Alice loses the phone,
the code can be revoked in relatively short order. More to the point,
it's the OWNER of the resource who gets to choose the code, so Alice
CAN't share use it in other places or for other purposes.
Of course, the phone is only as secure as an attacker's willingness to
steal it, or the QR image, from Alice while it's unlocked.
This strikes me as one of those "Do *SOMETHING*" solutions: not a big
improvement in real security, but enough to stop someone's boss from
screeming.
Bill
--
Bill Horne
(Remove QRM from my email address to write to me directly) |
| Date: Wed, 27 Aug 2014 14:59:28 -0700 (PDT)
From: Neal McLain <nmclain@annsgarden.com>
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Netflix to FCC: We only have trouble with big, consolidated ISPs in the U.S.
Message-ID: <64301888-02e8-44e0-a96c-dd3a850cb8cc@googlegroups.com>
By Daniel Frankel, FierceCable, August 27, 2014
Saving its harshest critique, after months of sturm und drang, for its
final, "official" rebuke of the proposed Comcast/Time Warner Cable
merger, Netflix called on the FCC to reject the deal.
The essentials of the streaming service's argument break down this
way: Globally, Netflix sends its video traffic over the networks of 99
percent of Internet service providers without having to pay an
interconnection fee.
The only ISPs it does have to pay are large conglomerates in the
U.S.-- AT&T, Verizon, Comcast, and Time Warner Cable. Merging the
latter two will only exacerbate the excessive market power they use to
undermine net neutrality.
"Unsurprisingly, given their dominance in the cable television
marketplace, the proposed merger would give Applicants the ability to
turn a consumer's Internet experience into something that more closely
resembles cable television," reads Netflix's filing, which was
hand-delivered to the Federal Communications Commission in time for
the Monday public commentary deadline on the merger.
"The combined entity would have the incentive and ability -- through
access fees charged at the interconnection points and by other means
-- to harm Internet companies, such as online video distributors
("OVDs"), which Applicants view as competitors," Netflix adds.
Netflix's condemnation highlighted a cacophony of merger dissent
directed Monday to the FCC, with Dish Network, Consumers Union and
Common Cause among the rivals and non-profits filing rebukes to the
regulatory body.
Source:
http://www.fiercecable.com/story/netflix-fcc-we-only-have-trouble-big-consolidated-isps-us/2014-08-27?utm_medium=nl&utm_source=internal
-or-
http://tinyurl.com/l4rrmkh
Neal McLain |
| Date: Thu, 28 Aug 2014 08:55:00 -0400
From: bill@horneQRM.net (Bill Horne)
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Verizon's VoLTE rollout will kill off CDMA - and allow unlocked LTE phones, too
Message-ID: <201408280850001@jobsearch.dyndns.org>
By Neal Gompa
On Tuesday, Verizon announced that it will launch HD Voice over LTE in
the coming weeks. With this launch, Verizon is taking the first step
toward shedding CDMA2000 as its primary network platform. Back in
2011, Verizon first indicated it would roll out VoLTE (Voice over LTE)
on its network in 2012, transitioning away from CDMA within a couple
of years of that. However, it backed away from that because it simply
did not have the coverage to make that work, since CDMA networks
cannot support SRVCC (Single Radio Voice Call Continuity) like
GSM/UMTS networks can. Because of this, the call would drop outside of
LTE coverage areas. Over the last few years, Verizon has rapidly
deployed LTE on its Upper 700MHz C block (LTE Band 13) spectrum
throughout the country. Assisted in part by its LTE in Rural America
program, Verizon has matched its CDMA EvDO footprint with LTE, and has
very nearly matched its CDMA 1X footprint.
Rest at:
http://www.extremetech.com/electronics/188756-verizons-volte-rollout-will-kill-off-cdma-and-allow-unlocked-lte-phones-too
-or-
http://goo.gl/kQNcnX
--
Bill Horne
(Remove QRM from my email address to write to me directly) |
| Date: Thu, 28 Aug 2014 09:27:39 -0400 (EDT)
From: bill@horneQRM.net (Bill Horne)
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: Verizon complains that FBI order is invalid, but delivers data anyway
Message-ID: <20140828132740.05FB6A65@telecom.csail.mit.edu>
Champion Of The People: Verizon Complains Exigent Circumstances Order
Inadequate For Info Requested; Hands Over Info Anyway
by Tim Cushing
from the rolling-over-to-push-back dept
Given how often major telcos and wireless service providers have
willingly provided intelligence and law enforcement agencies with way
more than they've asked for, the following shouldn't come as much of a
surprise.
The back story is this: In July 2008, an FBI agent had his gun and
cellphone stolen from his "official" vehicle. The search for the
missing items involved Verizon. In an application for a court order
authorizing the release of cell site location info, it's noted that
the service provider performed the most futile of gestures on behalf
of itself.
Rest at:
https://www.techdirt.com/articles/20140822/11565528294/champion-people-verizon-complains-exigent-circumstances-order-inadequate-info-requested-hands-over-info-anyway.shtml
-or-
http://goo.gl/1pL20z
--
Bill Horne
(Remove QRM from my address to write to me directly) |
| Date: Thu, 28 Aug 2014 09:44:25 -0400 (EDT)
From: Bill Horne <bill@horneQRM.net>
To: telecomdigestsubmissions.remove-this@and-this-too.telecom-digest.org.
Subject: AT&T merges wireless and business units led by de la Vega
Message-ID: <20140828134425.692C9A65@telecom.csail.mit.edu>
AT&T merges wireless and business units led by de la Vega
REUTERS
AT&T is merging its wireless and business divisions into a single unit
led by Ralph de la Vega, former chief executive of the company's
wireless segment, a spokesman for AT&T said on Tuesday.
The announcement comes as cable companies try to lure business
customers away from traditional telecommunications carriers. To become
a more seamless competitor, AT&T has been combining its wireline and
wireless operations, including customer care and network operations.
Rest at:
http://www.cnbc.com/id/101950520#
.
--
Bill Horne
(Remove QRM from my email address to write to me directly)
|
TELECOM Digest is an electronic journal devoted mostly to telecom-
munications topics. It is circulated anywhere there is email, in
addition to Usenet, where it appears as the moderated newsgroup
'comp.dcom.telecom'.
TELECOM Digest is a not-for-profit educational service offered to
the Internet by Bill Horne.
This Digest is the oldest continuing e-journal about telecomm-
unications on the Internet, having been founded in August, 1981 and
published continuously since then. Our archives are available for
your review/research. We believe we are the oldest e-zine/mailing list
on the internet in any category!
URL information: http://telecom-digest.org
Copyright © 2014 E. William Horne. All rights reserved.
Finally, the Digest is funded by gifts from generous readers such as
yourself. Thank you!
All opinions expressed herein are deemed to be those of the
author. Any organizations listed are for identification purposes only
and messages should not be considered any official expression by the
organization.
