By default, G Suite web sessions are automatically signed out of after two weeks. But to better tailor to each company, Google is now allowing G Suite admins to specify a more precise session length from a dropdown list. Additionally, admins can also now force two-factor authentication prompts to pop up on every sign-in for better security. Read More
Alert! Alert! If you use Instagram's Android app, complete strangers could be looking at your photos of appetizers and makeup techniques right now! ...which is kind of the point of Instagram, I suppose. But security researcher Mazin Ahmed discovered that the app uses standard HTTP to transmit photos, cookies, and authentication (including usernames and unique IDs), instead of the encrypted HTTPS protocol. As Mr. Mackie is so fond of saying, that's bad.
Using a set of freely-available tools, Ahmed was able to hijack the app's connection from a PC on the same network and authenticate as the relevant user. It's a fairly standard technique for hackers, which is why most sites and services with any kind of log-in functionality usually use HTTPS by default, including Instagram's owner, Facebook. Read More
Google I/O 2011 is almost here - can you feel it in the air? Personally, I'm counting down days to May 10th when I'll be waking up extra early to gallop over to the Moscone Center in San Francisco and try to attend at least some of the 22 planned Android sessions, including fireside chats and office hours with the Android team.
The [almost - there's 1 TBA] final schedule for these sessions is now up at the I/O site, so if you're one of the lucky attendees, have a look below or hop on over to this document to see the whole timetable in its full glory. Read More