Matt Klassen: Beyond The Firewall: APIs Telling Access, Mobile Story Third is a series. APIs have been around for decades, but have lived in the realm of technical development and only recently moved away from relative obscurity to significant economic relevance. One of the early drivers of the API economy was Amazon's e-commerce web APIs. Over a decade ago, Amazon APIs turned rudimentary mom-and-pop websites into powerful commercial Web properties by providing a tap into Amazon's powerful commerce engine. Recently, James Parton of Twilio proclaimed, "APIs are going to be the driver for the digital economy and unless they [companies] are talking about APIs already, they will be left behind." Also check Part 1 and Part 2.
Taylor Armerding: Why your online identity can never really be erased One seemingly unshakeable truth about the online world since it began is this: The Internet never forgets. Once you post anything online, it is recoverable forever - the claims of former IRS official Lois Lerner about "lost" emails notwithstanding. Even promises of photos disappearing after a few seconds have been shown to be bogus. But that doesn't mean people won't try. The latest effort comes from the Court of Justice of the European Union, which ruled in May that EU citizens have the "right to be forgotten," meaning that they can ask search engines like Google, Yahoo and Microsoft's Bing to remove links to their names that are, "inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed."
Tony Bradley: Attackers use domino effect to compromise your accounts Data breach after data breach has illustrated just how weak and ineffective passwords can be for protecting accounts and sensitive information. Many sites and services have implemented secondary security protocols and two-factor authentication, but users frequently use information and email accounts that can be easily compromised--giving attackers a simple way to access your information.
Simon Sharwood: Yes, we know Active Directory cloud sync is a MESS, says Microsoft Microsoft has made a confession: "integrating your on premises identities with Azure AD is harder than it should be" and requires "too many pages of documentation to read, too many different tools to download and configure, and far too much on premises hardware required." It has also done something about it, in the form of a new, four-clicks-and-you're-done tool called Azure Active Directory Connect.
Ricardo Rauch: WordPress Single Sign On with Auth0 We recently published the first version of the WordPress plugin for Auth0, which includes Single Sign On with enterprise directories (LDAP, AD, Google Apps, Office365 and SAML Providers, shared user/password between multiple WordPress instances for SSO, and SSO between WordPress and other applications. When you install the plugin, the default Login box from WordPress gets replaced with our Login Widget. Once installed, users can sign in using: Active Directory, ADFS, LDAP, Google Apps, Office365, SQL, PingFederate, Any SAML-P or WS-Federation system, SharePoint Online Apps (beta), Amazon, Facebook, LinkedIn, Twitter, Microsoft Account (formerly LiveID), Google, PayPal, Yahoo!, GitHub, vKontakte, Yandex, 37Signals, Box, Salesforce, Fitbit, Baidu, RenRen, Weibo, AOL, Shopify, WordPress, Dwolla, miiCard, Yammer, SoundCloud, Instagram, Evernote.
Tom Simonite: Mobile Gadgets That Connect to Wi-Fi without a Battery A new breed of mobile wireless device lacks a battery or other energy storage, but it can still send data over Wi-Fi. These prototype gadgets, developed by researchers at the University of Washington, get all the power they need by making use of the Wi-Fi, TV, radio, and cellular signals that are already in the air. Smart thermostats on the market today, such as the Nest, are limited by the fact that they can sense temperature only in their immediate location. Putting low-cost, Wi-Fi-capable, and battery-free sensors behind couches and cabinets could provide the detailed data needed to make such thermostats more effective.
Aimee Chanthadavong: Tapping away at checkout with a card, mobile, and now wearable Australia may be a small country, but it has been making waves in the world of contactless payments. In fact, Australia is the leading country in terms of penetration of contactless payments and the number of taps per month. Recent data compiled by Westpac has forecasted that contactless payments via mobile will reach just under a whopping AU$3 billion by 2015. "We've probably never seen a shift in customer preference or customer behaviour like that before, and Australia is leading the world in this trend," said David Lindberg, Westpac chief product officer.
Larry Dignan: Internet of things big security worry, says HP About 70 percent of Internet of things devices---including sensors and connected infrastructure---have vulnerabilities that could be exploited, according to Hewlett-Packard. HP's data is based on its Fortify division and a scan of 10 of the most popular Internet of things devices. HP found 25 vulnerabilities per device. These devices included TVs, Webcams, thermostats, remote power outlets, sprinklers, door locks, home alarms, scales and garage openers.
Privacy as a premium: Why it's time to say goodbye to the free internet The concept of privacy changed once it went online. What was once a sacred tomb of personal information has been twisted and altered by the digital age, like so many analog and now antiquated concepts before it. Privacy is now something that is not only taken for granted, but no longer held to any regard. Yet, online privacy is not something that is so much as taken from us but is what we've elected to give away.
Travis Spencer, Andreas KrohnRhys Fisher, Mark Boyd: API Platform Defined: When an API Provider is a Platform By standing on the shoulders of giants, we all have the possibility to disrupt markets and unseat entrenched incumbents. Cloud computing, mobile, and social have opened up unprecedented opportunity that we all have the chance to capitalize on. Market leaders like Amazon, Facebook, Twitter, and Twilio are using these disruptive technologies to form the foundation that we can build on to automate interactions between our networks and theirs. These types of organizations are API platforms, but what is an API platform? We talk about API platforms so much here on the Nordic APIs blog and at our events that we wanted to define it clearly.
Gartner Catalyst - USA Aug. 11-14; San Diego, CA A focus on mobile, cloud, and big data with separate tracks on identity-specific IT content as it relates to the three core conference themes.
Application Security Forum Nov. 4-6; Yverdon-les-Bains, Switzerland The conference is a well-established annual event dedicated to information, application and software security that features a full-day of training sessions and two days of conference sessions.