Someday you may ditch your two-factor authenticator for an electronic tattoo

Electronic “tattoos” and pills that turn your body into an authenticator are two next-steps in password protection that Motorola is working on, as described at a session Wednesday at AllThingsD’s D11 conference. Regina Dugan, senior vice president of the Advanced Technology and Projects group at Motorola Mobility, showed off two “wearable computing” oriented methods that remove the security tokens from the two-factor equation.

The electronic tattoos described must strike a balance between the “mechanical mismatch” of hard, rigid machines and soft, pliable humans, Dugan said. The “tattoo” Dugan wore, which appeared to be more like a sticker on her left wrist, uses “islands of high-performance silicon connected by accordion-like structures” that allow the tattoo to flex and move with her skin to stay on and remain functional. Presumably, the silicon and wires would eventually be embedded into the skin to make the user a proper bionic human.

The pill, on the other hand, turns one’s entire body into an authenticator. Dugan described the pill as a vitamin “reverse potato battery” that uses stomach acid as the electrolyte to power a switch. As the switch pulses on and off, it “creates an 18-bit EKG-like symbol in your body, and your body becomes the authenticator,” Dugan said.

Read 1 remaining paragraphs | Comments

Yahoo Mail reportedly loses key customer following mass hack attack

BT, the UK-based telecommunications company with more than 18 million customers, is dumping Yahoo Mail following a successful hacking campaign that hijacked e-mail accounts and used them to send spam, according to published reports.

BT's plans come four months after Ars was among the first publications to report on the mass campaign. At the time, attackers were able to commandeer Yahoo Mail accounts because administrators had failed to apply an eight-month-old security patch in the WordPress content management system that powered one of its blogs. By including malicious JavaScript in innocuous-looking webpages, the attackers were able to exploit the vulnerability and seize control over Yahoo Mail accounts that happened to be open while the booby-trapped webpages were viewed.

In March, more than two months after Yahoo finally applied the WordPress fix, criminal spammers continued to hijack Yahoo Mail accounts, suggesting that other security holes remained. That same month, Vivek Sharma, the general manager of Yahoo Mail and Yahoo Messenger products reportedly vacated his post for unknown reasons.

Read 2 remaining paragraphs | Comments