via Peter Bright writing at Ars Technica, comes an interesting piece discussing the efforts to implement and deploy WebAuthn, the so-called passwordless authentican scheme promulgated by the W3C, and fully implemented in Mozilla Firefox 60 anf Google Chrome 67. Enjoy!
'This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. Conceptually, one or more public key credentials, each scoped to a given Relying Party, are created and stored on an authenticator by the user agent in conjunction with the web application. The user agent mediates access to public key credentials in order to preserve user privacy. Authenticators are responsible for ensuring that no operation is performed without user consent. Authenticators provide cryptographic proof of their properties to relying parties via attestation. This specification also describes the functional model for WebAuthn conformant authenticators, including their signature and attestation functionality.' via the Web Authetication Working Group
via Cyrus Farivar, writing at Ars Technica, comes evidence of skullduggery at Zuckerberg's Facebook Inc. (Nasdaq: FB), this time, in the guise of failing to answer Senatorial queries, simply by ignoring such impudence.
"Notably, Facebook declined to promise to share the results of its post-Cambridge Analytica investigation with the public or even Congress. The social media giant also wouldn’t say if it had ever turned off a feature for privacy reasons." - via Cyrus Farivar, writing at Ars Technica
Senators - this is why the use of subpoena is such a powerful tool, especially against this form of stonewalling; further, don't Senate staffers cover the appropos use of subpoena in your freshman year term classes on *How To Behave Senatorialy? - Mxh (ed.)