Did Google Authenticator have a seed compromise or something? I just got kicked out of my 2FA session and forced to download a whole new app…
Weekend Identity/Convergence Stream-of-Consciousness
I’ve been wanting to get a Galaxy Nexus phone for a while- as soon as I found out it was coming to Verizon. This summer I almost ditched Verizon for Sprint to get a Galaxy S 4G with an NFC chip in it, but held off because I knew this newer Nexus was just around the corner. I want to mess around with the NFC feature and see if I can make it store X.509 certs and act as an ISO 14443 smart card for things like workstation logon and door access. The secure element in the Galaxy Nexus is an NXP chip which supports a lot of different NFC protocols, but Google has been pretty open about their non-support for card emulation. This means there’s not a built-in way to handle this stuff yet. But then I found this: http://code.google.com/p/seek-for-android/
Neat!
For a while I was hoping that InfoCard would be a champion for identity selection and user-centric identity. Now I hope it’s smartphones. We’ll see how well this turns out. I’ll be happy if my wallet can go away at some point. It would be great to have payment, drivers’ license, passport, work login/door credentials, etc, all on the phone. Some people probably think that’s a terrible idea and maybe slightly Orwellian (Dvorak: http://www.pcmag.com/article2/0,2817,2395071,00.asp) but I think it just makes sense. The secure elements in these phones truly are secure, until they aren’t any more. By that time we’ll have other things to replace them, and probably lots of other things to worry about.