Technology expert Evan Schuman takes an authoritative look at the faults and foibles of enterprise IT.
For years, security experts have been sounding the alarm about texting numbers for authentication. Now, due to some excellent work from Vice, it's clear the text situation is far worse than we thought.
WhatsApp does not treat all interaction data the same. For now, user-to-user/customer-to-customer/consumer-to-consumer messaging is encrypted and considered private. But when a user communicates with a business, Facebook can do anything it wants. Use....
Apple's upcoming iOS 14.5 and WatchOS 7.4 OSes will allow masked enterprise employees to access their iPhone if they happen to be wearing an Apple Watch that is unlocked. If companies don't stop workers from using this convenience, it will ....
Apple itself has issued a warning that its newest iPhone could attack your heart — literally.
In recent years, the feds have stopped asking for a workaround to get past Apple security. Why? It turns out that iOS, along with Android, is simply not as secure as those companies suggested.
Multi-Factor Authentication has become so common a security tool that many users assume it must work well to protect data and communications. What it really does is provide false comfort.
Now that Apple has agreed to pay $113 million to settle with iPhone users whose smartphone clockspeed was artificially slowed to boost hardware sales, it's worth examining why the move was so colossally stupid.
When it comes to whether enterprise IT should seriously consider this purchase — for those operations where BYOD hasn't yet alleviated the need to buy phones ever again — it doesn't make sense for most.
Max Krohn, Zoom's head of security engineering, detailed what users need to give up to get the better encryption protection that's coming.
Mobile apps galore have used crowdsourcing techniques this year to fight COVID-19. Now, a new app wants to build on those efforts by identifying communities (often down to the Zip Code) that are being aggressive or lenient in mask-wearing.
Two European banks are looking to boost security by layering a pair of biometric authentication methods – facial recognition and palm recognition – atop one another. That could mean more security, or more headaches for users.
When Apple rolled out its planned changes for iOS 14 and its companion WatchOS 7, it included a variety of interesting tweaks. Two stood out as especially interesting: a COVID-friendly Watch handwashing app and an enterprise-IT-friendly facial recogn....
Efforts by people to avoid getting COVID-19 are already affecting mobile payments, particularly contactless NFC payments. Since shoppers now want to avoid going inside stores, even briefly, app payments that happen far away from a POS system are pick....
As governments consider COVID-19 contact tracing and its privacy implications, it's not a bad idea for companies to take the opportunity to look more closely at their mobile agreements with employees.
One of the most frequently asked questions these days is "When will things get back to normal?" And the fair and valid answers are generally "They won't. Good-bye handshakes" and "In stages, ending when a vaccine is appr....
IT execs need to start talking with other C-levels now and figure out what they want their post-COVID company to look like.
The pandemic means there is no time for security niceties, such as properly processing RFPs for apps that were thoroughly vetted. That brings us to MFA and why it has to be radically re-envisioned.
Autonomous and semiautonomous vehicles are making serious progress, but they are going to run head on into a massive obstacle: human trust.
Amazon is experimenting with a way to allow shoppers to use a palm-print biometric to authenticate payments and to do so in physical stores far beyond Amazon-owned brick-and-mortars. Amazon is reportedly looking at QSRs (quick-service restaurants), e....
Purdue University has an interesting mobile concept, a means to free up lots of space that is now housing apps and app data. Why not, the university asks, stream the apps themselves from the cloud?
The latest Verizon Data Breach Investigations Report eloquently argues that aside from wireless, the form factor of mobile in and of itself poses security risks.
Employees and consumers are being more careful about sharing information that goes beyond strict need-to-know. We ran into one company that seems to not get that.
A massive number of text messages were stored in plaintext, with no security at all.
And a very different bug, planted by cyberthieves, presents even more frightening camera-spying issues with Android.
The best security approaches — such as continuous authentication — are invisible to the user and therefore frictionless. That's good in practice, but it can be bad in terms of customer perception. If they don't see it, they assu....
Sometimes, a mobile glitch is indicative of a much more pervasive issue. Our columnist's recent iPhone 11 iTunes headache perfectly illustrates how Apple's heralded focus on customer experience falls apart when doing upgrades.
Although this decision should end the debate and make it clear to companies that sites must be coded to be fully compatible—and, no, throwing in a toolbar option doesn't do it—it's astounding that companies ever resisted it.
The internet of things brings with it a wide range of IT security headaches, along with compliance nightmares — and turf wars.
A new study questions the efficacy of car accident-avoidance systems, but it's possible that a simple smartwatch might be part of the solution.
In BYOD environments, users tend to supplement corporate security programs with free versions. That is a remarkably bad idea, and one analyst report suggests a way to stop it.
Would changing mobile warranty rules be a good or bad thing for enterprise IT?
Ready for the mobile security news that IT doesn't want to hear about but needs to? When security firm Positive Technologies started pen testing various mobile apps, security holes were rampant.
Google confirmed that cyberthieves had managed to pre-install malware into the Android framework backdoor. In short, the malware appeared to be blessed by Google at the deepest point within Android.
Mobile banking should be effortless, but Forrester Research says far too many banks offer frustrating apps and give little thought to how consumers should interact with their financial institutions.
The Apple Watch is still a wonderful device that has maddening flaws. But we have now found some unpublicized ways around some of those flaws. Watch life is now slightly better.
In a perfect world, the Apple Watch Series 4 could be great. With a few easy settings, a glance at the watch would deliver time, temperature, the dial-in details for your next appointment or many other things that would be helpful. But we don't ....
A new report from a well-regarded payments consulting firm has found a lengthy list of security insanity while examining several major fintech company mobile apps.
With its enterprise developer certificate program, Apple chose convenience over security. You can guess what happened.
A bunch of apps from some major players were recently tripped up by a security/privacy hole from a third-party analytics app. But everyone is focusing on the wrong lesson.
Making apps downgradable would give IT just a little of its environment controls back. Just a little bit, but it's a start.
In 2019, executives need to look anew at mobile and figure out what technology displacements make sense. For example, do companies need to buy expensive dedicated barcode scanners?
Although Apple is trying to position itself as the consumer-privacy-friendly company, some have complained that it is doing it in far too heavy-handed a way.
When eBay recently started giving customers the option to move away from paying with PayPal, something interesting happened.
Police are very persistent in trying to gain access to suspects' devices.
Users are jumping to the latest iOS version faster than ever before. That means many things from an Apple marketing perspective, but for IT, it means far greater security.
With iOS 12, Apple wants to share the ease-of-use magic of Apple Pay with the industry, via an SDK. Well, not quite, but it's starting along that path.
Apple's letter was designed to alleviate congressional fears about the company invading its customers' privacy. But a close reading of the letter does the opposite.
There are good and bad reasons to track someone's movements, but the best way to scream to users that you're spying on them is to lie about or not reveal what you're doing.
Gesturing in the air near a mobile device is going to become the preferred mode of interaction. Long term, ease of use will soar, but before we get there, expect a lot of user errors.
An Arizona security company is working on an interesting approach to mobile authentication, one that leverages the exact angle a user holds the phone as a means of making replay attacks a lot more difficult.