Public Key pinning is a small first step in the right direction, I think the problem is the first connection with the site, hopefuly something with DNSSEC could be added to help more

Yea sure, business will want to unblock Facebook on their proxies just because you have a "For Work" version. It will not happen.

In my understanding of the Android docs and this blog, yes it can have one, Google Wallet use the harware secure element on supported devices. Recent Android releases added APIs too, for applications to emulate cards without access to the secure element, pure CPU based implementations, less secure but still an option.

Fido U2F overview

I propose IBAR, International Business Apple Reseller

Until someone use one of those remote vulnerabilities that were used previously to jailbreak phones for malware (I remember one that did the jailbreak with just visiting a web page). We are talking about China here, so if this is some kind of government sponsored attack, they probably already have unreported security bugs at their disposal. It is true that iPhone security has being enhanced with every release, but at the same time code size has increased, so It must be something in ther to do more damage with enough resources

Because firmware updates become difficult, instead of binary differences between releases, you need a full fledged package manager and dependecy resolution to update the phone

Yahoo has something to tell you about their $250,000 per day fine if they didn't accept PRISM

The skype bug was not a skype bug, but one on some qualcomm camera driver that locked up using a lot of CPU, It had nothing to do with Android multitasking APIs

Google, stop chaging people that uses inum, those are SIP endpoints so it is wrong to charge money for a connection that is direct between SIP user agents, if not, don't complain about the lack of Net neutrality. You are giving advantage to people on your own IP network (Hangouts users) that those outside that want to communicate with Hangouts users.

Search rates for "International Networks - Voxbone" at their calling rate list

If I am out of my home for a night I should be able to use my watch the next day until I get home, without the need to carry another charger with me, 3 days Is something I want as a minimum

One of them, logind Manage user sessions with all the tools used with server processes. I for one welcome this.

Should a Linux kernel privilege scalation bugs be called a C vulnerability? no, those are bugs on code that use a particular language. If you say that the bug was found on the embeeed XML parser or any other library that is part of the Java Runtime, I would say yes, but this time no

The default is:

  1. Allow User MITM (pinning not enforced if the trust anchor is a user inserted CA, default)

So CAs inserted by the corporate networks will be allowed, only verified for CAs shipped by Mozilla

I wish more people were sued to use a Linux distro