Touch ID is an awesome feature and has been the best implementation of consumer biometrics I have used. But for some it is troubling. For those who suffer the ability to train your Touch ID, in essance give it more data about your finger print would be benificial. Well Steve Gibson of the Security Now podcast has stumbled across just that, an undocumented way to train your Apples Touch ID. I will embed part of the security now podcast showing Steve training his iPhone 5s, as well as a nice guide imore.com put together.
Security Now Episode 440
- Launch the Settings app and tap on General.
- Tap on Touch ID & Passcode and enter your numerical passcode when prompted.
- Now tap on Touch ID.
- Here you see a list of all your registered fingerprints. Place one of yourregistered fingers on the Touch ID sensor. The registered print will pulse grey. Continue placing and lifting each registered finger as many times as you'd like to train Touch ID further.
- Uninstall completely existing VPN client SW
- Download and run this tool for 32-bit system:ftp://files.citrix.com/dneupdate.msi or this one for 64-bit system:ftp://files.citrix.com/dneupdate64.msi
- If you run into issues installing DNE software download and run this tool: ftp://files.citrix.com/winfix.exe and perform step 2 again
- If needed restart system
- Install Cisco VPN client SW again I used version 5.0.07.0440-k9
- Import or configure VPN profile and run software.
Here is a little bit about what the Citrix DNE software is;(http://www.citrix.com/go/lp/dne.html)
Citrix supplies software to a number of software and hardware companies. When they install their products on your systems, they will often contain DNE. DNE extends operating systems and network protocol devices and stacks to introduce measurement and controls. Our customers use these extensions to build products that do things like intrusion detection, VPNs, Network Address Translation (NAT), traffic measurement, response time measurement, bandwidth control, compression, content filtering, content protection, policy management, proxies, billing, packet marking, routing, protocol translation, wireless communication, secure tunnels and much more.
I wouldn't say I wear a tin foil hat, but I care about privacy especially my own. Steve Gibson had a listener sum it up pretty well on his podcast, "One might say I have nothing to hide from people I trust." So with that said lets dive into setting up email encryption on the iPhone, iPad, and Apple Mail client.
First step is to generate a certificate. I went to Comodo and found it to be very strait forward to set up and free.
Here is a couple of Certificate Authorities (CAs) that offer free email certificates.
- Comodo.com (http://www.comodo.com/home/email-security/free-email-certificate.php)
- StartSSL.com (http://www.startssl.com/?app=1)
Click on the Free Email Certificate button
Fill out the form and Click Next
They will send you an email once you get the email click on the link and download it.
Note forsome reason on Mac downloading the cert using Chrome broke it. I used Safari and it worked great.
Once you have accepted the cert on your desktop you can open keychain and export it. During the processes it will prompt you for a password that is used to encrypt it. This password will be needed later when you install it on your IOS device.
The final step is installing the cert on your IOS devices, and I found a post that does a very elegant job of walking you through it.
https://support.quovadisglobal.com/KB/a353/how-do-i-sign-and-encrypt-on-an-apple-iphone-or-ipad.aspx
This is a link to directions for you Mac Mail client.
http://www.maclife.com/article/howtos/how_sign_your_email_digital_certificate
This is a link to directions for you Mac Mail client.
http://www.maclife.com/article/howtos/how_sign_your_email_digital_certificate
Overview:
BitTorrent Sync is a recent addition from BitTorent Labs. Using Sync you can securely sync files between many users. The BitTorrent p2p protocol takes care of NAT and user discovery issues. Just launch the application and generate or type your shared key. The client will create a point to point encrypted tunnel and start syncing. The application creates a sudo random 20 bytes that used to creates an AES 256 bit key that encrypts data during transit. For a more in depth security explanation you can visit Steve Gibson's Security now pod cast episode 402. https://www.grc.com/sn/sn-402.pdf. BitTorrent Labs has not released their encryption documentation. So Steve Gibson has not provided an in depth analysis of the security implemented in BitTorrent Sync.
Use Case:
BitTorrent Labs has an active forum and an entire thread dedicated to use cases. The one use case I didn't see and thought of immediately was a p2p secure media network. I understand the legalities around sharing media so this would be for non copyrighted material of course.
Example:
Say you have three friends one is using Windows with Plex, the second Linux running ps3 media server, and the third a Mac running servo. As stand alone DLNA solutions they are all capable. If each wanted to share content they would need an SFTP, or cloud solution like Dropbox. This could possibly expose their data to a third party. Because BitTorrent Sync is multi-platform you can sync these media liabraries seamlessly.
So how do you do this?
All three installs BitTorrent Sync
One user creates a folder for shared media
Selects the new folder
Creates a Key
Clicks Finish
Then shares the key among his friends
Each friend opens Sync and adds the shared key
Chooses the folder they want to share
Click Finish
Now everything starts syncing.
The elegance is in the design. When a users adds content to their shared directory BitTorrent Sync will send that data to all systems. So If your DNLA server is indexing that directory on a regular interval the new content automatically shows up on your TV. Below is a high level digram of how the data sharing would propagate to your TV.
BitTorrent Sync is a recent addition from BitTorent Labs. Using Sync you can securely sync files between many users. The BitTorrent p2p protocol takes care of NAT and user discovery issues. Just launch the application and generate or type your shared key. The client will create a point to point encrypted tunnel and start syncing. The application creates a sudo random 20 bytes that used to creates an AES 256 bit key that encrypts data during transit. For a more in depth security explanation you can visit Steve Gibson's Security now pod cast episode 402. https://www.grc.com/sn/sn-402.pdf. BitTorrent Labs has not released their encryption documentation. So Steve Gibson has not provided an in depth analysis of the security implemented in BitTorrent Sync.
Use Case:
BitTorrent Labs has an active forum and an entire thread dedicated to use cases. The one use case I didn't see and thought of immediately was a p2p secure media network. I understand the legalities around sharing media so this would be for non copyrighted material of course.
Example:
Say you have three friends one is using Windows with Plex, the second Linux running ps3 media server, and the third a Mac running servo. As stand alone DLNA solutions they are all capable. If each wanted to share content they would need an SFTP, or cloud solution like Dropbox. This could possibly expose their data to a third party. Because BitTorrent Sync is multi-platform you can sync these media liabraries seamlessly.
So how do you do this?
All three installs BitTorrent Sync
One user creates a folder for shared media
Selects the new folder
Creates a Key
Clicks Finish
Then shares the key among his friends
Each friend opens Sync and adds the shared key
Chooses the folder they want to share
Click Finish
Now everything starts syncing.
The elegance is in the design. When a users adds content to their shared directory BitTorrent Sync will send that data to all systems. So If your DNLA server is indexing that directory on a regular interval the new content automatically shows up on your TV. Below is a high level digram of how the data sharing would propagate to your TV.
Enhancements:
Additional tweaks can enhance the shared media network, for example. You could build your own statusnet server, and have a script monitoring the shared directory. When a new file syncs it will generate an automated message to the group identifying what files are new. You could also create a script that would generate an email every time a new file is uploaded.
It is also important to set a folder hierarchy so that all media uploads adheres to a standard structure. If you had multiple people just dumping data to the shared network it would definitely get out of hand and would be almost useless.