The beauty of being a writer is that there is always room for improvement. As a writer, you’ll agree that taking one more look at a draft you’re working on allows you to polish it and make it better. These online writing tools will help you to speed up the editing and formatting process. As a professional writer, you have deadlines to meet, and these tools will ensure you deliver polished work right on time.

Using these tools altogether allow you to master the simple, yet critical details that separate good writers from great ones. At Ewritingservice.com, we have great writers who’ll do justice to your custom papers. Read on to learn about these tools that help you check your content's quality and increase your credibility as a writer.

  • Grammarly


  • Even as an excellent writer, finding grammatical mistakes are not easy. And that is where Grammarly comes in. The tool helps you catch errors in your writings. Grammarly boosts content credibility because obvious grammatical mistakes can easily discredit your work.

    Grammarly also keeps your voice active throughout the article and ensure that your sentence structure is appropriate. You can use Grammarly regardless of the app or platform you're writing on. It could be on Twitter, Facebook, Email, and offline as well. That is a must-have, easy-to-use tool for all writers who want to polish their skills.

  • Hemingway Editor


  • If you need to achieve succinct writing, Hemingway Editor is your go-to app. The tool is geared towards making your articles clear and precise. Passing your articles through this app makes them readable and straightforward. You need to ensure that readers can easily understand the message your writing is trying to convey.

    Testing your content for readability ensures you put out contents that your audience can easily read to the end. Always have your audience in mind because readability varies based on the audience the article is targeting.

    If you tend towards being long-winded as a writer, the app helps you highlight the sentences you need to shorten. Also, the color-coding lets you know the type of editing each highlighted sentence requires.

  • OneLook Reverse Dictionary


  • Have you ever wanted to use a given the word in your writing but can't remember it? Well, many writers experience this, and it can be quite frustrating. OneLook Reverse Dictionary remembers it for you. This app allows you to search the definition of the word you are thinking about, and it gives you related words.

    The app also saves you from repeatedly using the same words throughout the article. Thus, you get access to better alternatives to maintain the flow of your writing.

  • OneLook Reverse Dictionary


  • It is not uncommon to receive assignments with pre-defined wordcounts. Sometimes, the assignment also predetermines the number of sentences you should have. As the name suggests, this application counts the number of words in your articles, characters, paragraphs, as well as sentences.

    Additionally, Wordcounter also shows you the readability level of the article, so you know if your audience will have an easy time comprehending your message.

  • Cliché Finder


  • Using one or two clichés in your writing will make it more interesting. However, use them too many times, and your article is bound to grow stale. Cliché Finder helps you remedy this by identifying clichés you've used in the article. Removing clichés ensures that your article looks more original and unique.


This application enhances a writer's communication skills as, over time, you become aware of what the app usually eliminates.

These highlighted online tools are must-haves for any writer who wants to improve their skills. Passing your article through these tools ensures that you submit excellent quality articles without grammatical errors or redundant words.

Best 5 Online Tools that will help to make you a better Content Writer



The AI-powered photo-editing app, FaceApp has been on the news recently owing to its huge adoption by influencers to mimic how they'd look when they are older or younger, or change genders, and the viral moment has resulted some privacy concerns as to the controversy surrounding how and where the purported images are stored.

There was an earlier fear that the app also gains access to the huge collection of images on users mobile phones, which issue have been dismissed by the Russian creators, maintaining that their servers are from trusted public providers like Amazon Web Services and Google.

Albeit, the Russian-made FaceApp has been around since 2017, the past few weeks has been monumental as millions of people downloaded the app, and presently there is a feature that allow users to download and edit photos from Facebook accounts when a user enables FaceApp to access the account via the 'Login with Facebook' option made available.

FaceApp fetches the list of Facebook friends "who use and have shared their friends' lists with FaceApp" whenever a user grants it permissions, however, FaceApp works fine without you even connecting your Facebook account to use the photo-editing app when you choose to select photos from your mobile device storage.

Another privacy issue raised was that on the iOS platform, the app overrides security settings when denied access to camera roll, and it's capable of still selecting and uploading a photo, despite not having the necessary permission to access the photos.

FaceApp, however had specified that it “might” store photos users chose to upload to the cloud service for a short period, claiming that it is done for “performance and traffic” reasons to make sure that there is no repeatedly uploading of the same photo to carry out an edit.

But granting FaceApp permission to access your Facebook friend list or other unnecessary permissions, can be pretty scary and risky, so it is advised that you update your preferred rights on the Facebook account settings under "Apps and Website" section.

FaceApp Privacy Issue: How the infamous App also request access to users Facebook friends list



There is a new variant of the infamous malware, WatchBog that previously infects Linux servers through Jira, Exim, ThinkPHP, and Solr exploits, that now target Windows RDP servers with BlueKeep vulnerability.

While the BlueKeep vulnerability is present in the Windows Remote Desktop Services, enabling attackers to remotely run arbitrary code or denial of service attacks, and potentially take over the vulnerable systems by sending specially crafted code requests over RDP protocol.

WatchBog's BlueKeep scan infected systems probing all the IP addresses from list on the malware's command-and-control (C2) server, with the IPs running on RDP Windows services 3389 TCP port, which uses a 'Cookie: mstshash=' string as the login for the RDP mstshash field.

According to Intezer Lab, credited with the discovery of the new WatchBog variant, the attackers behind the WatchBog malware use their botnet network to prepare list of vulnerable systems to target in the future or sell to third party vendors for profit. And the malware has already compromised over 4,500 Linux machines in the last couple of months.

It deploys script on the targeted machine in order to download Monero miner modules, with the malicious script also able to gain persistence on the infected system to further download a new spreader module in the form of a dynamically linked Cython-compiled ELF executable.

Microsoft, however has released patches for vulnerable Windows versions following security researchers proof-of-concept exploits for the vulnerability, with several tools designed to make it easier to find vulnerable Windows machines.

Linux cryptomining malware, WatchBog makes a comeback to target Windows RDP Servers



Microsoft Edge was earlier criticized for lack of support for the legacy MSHTML engine for backwards compatibility, which makes it unable to support legacy technologies such as ActiveX and Browser Helper Objects, instead relying on an extension system.

Now, the company's move to rework the Edge browser with Chromium engine, replacing its age-long EdgeHTML engine, has opened it up for support on older Windows version, including going cross-platform, with promised addition of new Internet Explorer (IE) mode.

Unlike what's obtainable with the dual-browser approach by Windows 10, the IE mode would be able to seamlessly render legacy IE-only content within Microsoft Edge.

The IE mode is currently available in the Dev build, albeit IE-on-Edge would rely on Enterprise Mode and Enterprise Mode Site List, as applicable on IE11 and old-Edge, so that IT admins can designate sites that require IE and those for the Edge browser.

Microsoft is touting the new capabilities of Chromium Edge as one of the strong cases as to why enterprises should switch to the new Edge. It also made available attachments in .zip format containing ADMX and ADML files, which outlined what is to be implemented as group policies on Windows system.

This latest move by Microsoft has been interpreted as possibility of eventual elimination of the stand-alone IE11, with users left only the option of using IE mode on Edge, though support for corporate customers would remain for those who are eligible for the Extended Security Updates (ESR) available till January 2023.

Microsoft looks to IE Mode for Edge to support legacy MSHTML engine for backwards compatibility



Xoom is a money transfer service own by PayPal that allow users to send funds to locations worldwide, including Nigeria, with instant deposit in Naira account or having the option to pick cash by simply presenting an ID card and the Xoom transaction number at any of the designated cash pickup locations.

It offers three options to the recipient collecting the cash: cash pickup, bank deposit and home delivery, while the options available may varies depending on where you are receiving the funds.

The service requires that you register a free account with your personal contact information before you can send the funds, but you don’t need a Social Security number to sign-up for Xoom, just a government-issued ID, like drivers license or international passport.



Additionally, you can reload phones and pay utility bills right from your mobile device with Xoom, paying either via credit card, debit card or bank account.

How to integrate Paypal with Xoom Money Transfer



If you already have a fully verified PayPal account, you can use it to sign up for the Xoom service, and you will be able to choose whether to pay with your Debit/Credit Card or PayPal account under payment information.

Note that is is the most important part of this process because you are using your PayPal account for the transaction.

And you can choose from the following options: Cash Pick up, Bank Deposit or Door-to- Door Delivery, which options availability may be location dependent, just fill in the required information to process the transfer.

Steps to Transfer Funds to Nigeria local banks using Xoom Money Transfer service



Irrespective of whether you have a PayPal account or not, you can use the Xoom service to transfer money to local banks in Nigeria. To send money, simply sign up for the Xoom service here and once you have signed up, login to your Xoom account and from the button on the upper left corner of the web page select Nigeria as the country you want to send the funds.



Then choose to pay with your Debit/Credit Card or bank balance under payment information and scroll down to add the card information.

You can opt for text updates or email notifications, whereby you can review the transfer status on the platform. Alternatively, you can call the Xoom Customer Service for information on your transfer status. While most of the transfers are completed within few minutes, it may take a maximum of four business days.

How to transfer PayPal Funds to Local Bank accounts in Nigeria using Xoom Service



A newly discovered vulnerability in hardware-based motion sensor, known as accelerometer, which comes in-built on most Android devices can allow hackers to have unrestricted access to loudspeaker data by using app installed on a device even without permissions.

The accelerometer is supposed to allow apps to sense the movement of a device, such as shaking, rotation, or swing actions, by measuring the rate of change in the velocity with regard to magnitude, but some app developers have come to abuse the collection of data, through phone identifiers, and MAC addresses by exploiting side channels.

According to security researchers, there has been a successful demonstration of a new side-channel attack that allow malicious apps to eavesdrop on the speech coming out of the loudspeakers without requiring any express permissions.

The vulnerability dubbed Spearphone, is tied to apps that collect sensitive data even when explicitly denied the required permissions by the users, using the in-built loudspeaker of an Android device to produce aerial speech reverberations in the smartphone with the loudspeaker mode enabled.

It is triggered when a phone or video call is placed with the speaker mode activated, or there are attempts to listen to media, or interaction with Google assistant; while the researchers as a proof-of-concept, created an app designed to record speech reverberations and send captured data back to a controlled server.

The Spearphone attack can also be used to know the contents of the audio played by any device, either selected from the gallery over the Internet, or voice files received over messaging applications like WhatsApp and Telegram.

Albeit, the security team have recommended possible mitigation techniques that can prevent such attacks, which includes lowering the sampling rate and variation in volume and voice quality of devices that could negatively impact the accelerometer.

How Android hardware-based vulnerability allow hackers to capture Loudspeaker data without permission



Microsoft originally built its browser, Edge with a rendering engine called EdgeHTML, designed to be lightweight, fast and secure, but since launch the browser has been plagued with a plethora of issues resulting to low adoption by Windows users.

The company, however had later switched its browser engine to the Blink rendering engine, which is forked from WebKit and currently used by Google Chrome and Opera browser, now Microsoft has went ahead to release a catalog of group policies for IT admins in managing the Chromium Edge browser, and to allow them have a preview of what will be available on the browser.

While the technical progress it's made in the transition from EdgeHTML to Chromium has been well chronicled, the company has for the first time made a strong case as to why enterprises should switch to the new Edge.

Microsoft made available attachments in .zip format containing ADMX and ADML files, which outlined what is to be implemented as group policies on Windows device and a doc in HTML that describes the policies for both Windows and Mac computers; with the supposed group policies, even as incomplete as it is, been tailored to convince enterprises for a change in their browsers.

Albeit, as the chromium edge is still a work in progress, also the list is expected to undergo some changes before the final release, which could mean that new policies may be added or removed based on feedback from the communities.

It should also be noted that Microsoft has implemented an Edge tracking prevention designed to protect users from websites that track their online surfing habits which is perhaps the company's boldest statement and of course, Microsoft's looking to distance its browser from the creepiness already associated with Google Chrome.

Microsoft pitches the new chromium Edge browser to Enterprises with group policies



OpenJDK Mobile is concerned with providing same APIs in the OpenJDK source repository to iOS and Android, albeit with more focus on iOS for its lack of traditional support for Java, given that Apple disallows the Java Virtual Machine (JVM) from running on the iOS platform.

Now, there is a proposal within the OpenJDK community seeking to jumpstart Java on iOS, which will result to restarting work on the OpenJDK Mobile project, with the new plan entailing the use of the GraalVM ahead-of-time (AOT) compilation for code at build time, even as just-in-time compilation is never an option for iOS.

This procedure has already been successfully used on Java 11, so employing OpenJDK classes and the GraalVM Native Images, Java developers will be able to create applications that run within the Apple rules.

Though, Java was used for Android development from the very beginning, but now Android is currently not Java 11-compliant and requires Android Studio, if it must be run, which procedures many developers find as tedious in using Java projects and libraries on Android. As such, the plan will also include a synchronized fork of OpenJDK master, using Project Skara.

The Skara-based repository would be employed in the building of the OpenJDK Mobile for iOS and Android; thus Java developers wouldn't have to learn Objective-C or Swift to write their software for the iOS platform.

And the fact that Java is cross-platform compliant, with security as a key cornerstone, it allows for secure connectivity with cloud services, makes it a big deal for mobile development.

How OpenJDK Mobile can run Apple-approved executables without the JVM using AOT Compilation



TensorWatch, a debugging tool with many advanced capabilities that researchers and engineers will find pretty helpful in their work, introduced by Microsoft at the 2019 ACM SIGCHI Symposium on Engineering Interactive Computing Systems, is now open source.

While the tool is also helpful in reducing the complexities of AI projects, with more focus on the crucial part of the development process, which includes debugging, making it easier to get rid of errors and thus minimize one of the most time-consuming jobs in software projects.

As deep learning is increasingly accompanied by model complexity, like large datasets and training times for models, researchers will often need to understand the training metrics when working on novel concepts, and available tools for machine learning training have hitherto focused on a rather garbage in, garbage out approach.

But with TensorWatch, it will become easier to spot bugs by visualizing the models in interactive graphs, and through the data made available by the AI model during testing. The tool is a Python library, and also allow users to build own custom UIs or use it within the vast Python data science ecosystem, with support for several standard visualization types, such as bar/pie charts, histograms, and 3D variations.

Additionally, there is the lazy logging mode, which doesn’t require explicit logging of information.

TensorWatch reduces overall processing overhead by cutting down on the amount of data that's processed to find problem patterns. If you wish to give it a spin, the code for TensorWatch is available on GitHub.

Microsoft’s AI debugging & visualization tool, TensorWatch now open source



Microsoft is working on what it calls 'tracking prevention' for the Chromium-based version of Edge, which will serve same purpose as the cookie blockers put in place on both Firefox and Safari browsers.

While Google Chrome remains the only browser without actual implementation of ad blockade, which reason is very much obvious, Google is the single biggest advertising company on the Web; Microsoft is looking to distance its browser from the creepiness already associated with Google Chrome.

The Edge tracking prevention is designed to protect users from websites that track their online surfing habits which tracking is especially beneficial for ads targeting, and Microsoft touted the feature after Mozilla switched on its hugely anticipated Enhanced Tracking Protection (ETP).

Microsoft Edge implementation of the privacy mechanism is available by typing edge://flags in the address bar; same as the chrome://flags command which has been long known to techy Chrome users. And the user will have to select "Enabled" for "Microsoft Edge tracking prevention" settings option, then relaunch the browser; after which Edge will stymy all the trackers.

Albeit, the tracking prevention feature is currently available only in the "Canary" build, the least reliable of the four channels, and expected also for the macOS Canary build; and eventually, the Windows 10 and macOS Dev builds will follow.

The "full-Chromium" Edge which launch is expected this year - and also to run on older Windows 7, 8 and 8.1, may perhaps be getting the blocking mechanism. But it remains unclear when the tracking prevention feature will be ready for prime time, given that Mozilla which boasts of the most comprehensive anti-tracking scheme on its browser, took quite sometime in working out the rough edges.

Mozilla had initially made it available via Firefox's privacy mode, and then afterwards, moved on to integrate it wholly into the browser.

Microsoft Edge's tracking prevention has been seen as the company's loudest statement on its independence from Chrome creepiness, and perhaps, taking a leaf off Firefox is all it needs to reposition Edge to the top of browsers chart, once again.

Microsoft toes the line of Firefox with Chromium Edge push for anti-tracking mechanism



Google’s attempts at building social networks is replete with spectacularly failed social networking sites, with some projects that never lived up to its potential, or even those that caused needless angst for its users, and never did quite took off at all.

But still, the Internet giant hasn't given up yet, with Shoelace app - an experimental social app that is meant to connect users more like actual shoelaces by engaging in those activities they share in common.

Shoelace is developed by Area 120, Google’s brainchild company that is saddled with experimental projects, which is also behind apps such as Uptime, Shortwave, Touring Bird and Supersonic, among others.

Albeit, the Shoelace app is currently open to users in New York City, United States only as invite-only, and available on the Play Store and Apple App Store. The app functions more as community driven and interest based hub allowing users to look up activities and events in the given area. It will notify users if their interests are within the listed activities and help them to meet new people with same interests.

They can also create own events on Shoelace and invite people who share same interests, making it easier to get along with each other in the process. And perhaps, the Shoelace app will eventually become available for all soon, but like every other experimental projects there are also likelihood it may not see the light of day!

No! Google hasn't given up on own Social Network, experimenting with Shoelace App



FinFisher, also known as FinSpy, is a spyware that is covertly run on target's system often by government law enforcement, through security flaws in the underlying system update of the devices.

The infamous spyware was created by Gamma International, a German security company, with the sole purpose of serving as government-grade commercial surveillance software that target various systems, including mobile platforms like iOS and Android. FinSpy is fully capable of infiltrating target mobile devices to steal personal information, such as from SMS Messages, Phone calls, emails, files, contacts and GPS data, extensively deployed in the targeting of human right activists in many countries by rogue governments.

Kaspersky researchers uncovered an ongoing cyber-espionage campaign involving the infamous spyware that's targeted at users in the Southeastern Asian country of Myanmar with implants via iOS and Android smartphones.

The security researchers spotted the new versions of FinSpy that specifically target mobile operating systems and also capable of recording calls via third-party apps like WeChat, Viber, Skype, and LINE, among others. Even, the so-called secure messaging applications such as WhatsApp, Signal, and Telegram are not spared by the spyware.

Albeit, there are some setbacks given that FinSpy require root privileges on a targeted device to work properly, it's unable to function on iOS devices without jailbreaking, which is achievable only with physical access or remotely, in the possibility of zero-day vulnerabilities.

The new versions of the FinSpy spyware were exploited in the wild in almost 20 countries, which according to Kaspersky, Gamma Group have recreated parts of the original implants, through extended support functionality, making it harder to analyze and detect the new implants in order to retain its position in the market.

FinFisher Spyware covertly installed on iOS and Android devices in Southeastern Asian countries



Linux latest kernel release version 5.2 is pivotal in the open source OSes goal of spreading across the world, with the long awaited Sound Open Firmware (SOF) support which provides an open source audio firmware and SDK for modern Digital Signal Processing.

The Sound Open Firmware Project is powered by Intel to enable developers with tools to adapt operating systems for audio devices, while the Linux Foundation had earlier announced the Firmware as part of Linux Foundation project.

Intel Corporation is credited for engineering and code contributions for SOF, including digital signal processing (DSP) firmware and SDK that provide infrastructure and development tools for developers working on audio or signal processing, with support from other contributors.

These tools comprise of scripts to help developers evaluate tradeoffs between processor load, memory and audio quality, with GNU Debugger integration, contributed by Google.

The new Linux Kernel 5.2 release includes support for many other Intel chips such as Cherry Trail, Broadwell, Cannon Lake and Ice Lake, with Sound Open Firmware to accelerate the development of new features that simplify system integration of the DSP hardware and software.

And the Sound Open Firmware currently support the Cadence Tensilica Xtensa instruction set architecture on Intel platform-based devices and can be ported to other platform architectures.

Linux 5.2 debut with support for Open Source audio DSP firmware and SDK for audio



For those hearing it for the first time, DeepNude is the name of a rather infamous app that took the capabilities of the emerging AI technologies to a new heights, allowing its users to create unerring nude images of women from any picture with just a click.

While the official website of DeepNude has already been taken down, as it attracted criticism from different sectors, this post is meant to highlight what went wrong and how the app created around 3 months ago by an unknown developer by the nick “technology enthusiast” could have presented a better returns.

Ironically, the DeepNude App targeted women, which according to the creator, was because images of undressed women are pretty easy to find anywhere on the internet. But this is certainly not the first instance of technology haven been used to ruin people’s lives on the web platforms.

Adobe's Photoshop has even wrought greater harms, with uncountable fake images been photoshopped to fuel the increasing fake news menace. But why didn't Photoshop go into oblivion, and why is DeepNude facing such a huge backlash, when such utilities like Photoshop are still been heavily patronized and used in creating fake porn videos of celebrities and even for revenge porn.

DeepNude is a prove of the advancement in machine learning algorithm which is happening at a rate faster than we can ever imagine. And with the latest AI capabilities, there are huge possibilities that are both exciting and horrifying at the same time.

The caveat is that even though the original app has been taken down, there are myriads of exact copies already sworn into circulation on the web, and as more people are becoming curious by searching to find the download links of the supposed app, bad guys can also leverage on it to spread malware to unsuspecting web users.

Albeit, some developers claimed to have tweaked the original DeepNude app, but the threat posed by the deepfake technology isn’t just limited to online platforms, the impending reality is that if regulations and policies are not implemented to prevent the harm that technologies like DeepFakes and DeepNude are capable of doing, nothing else can stop it.

Lessons from the DeepNude App fiasco and why it is hard to completely eliminate



The brick-and-mortar store have lost its mainstream appeal, with online shopping now the norm; you don't ever have to leave your sitting room to do shopping anymore - right in your pajamas, you can go shopping at any online store via your mobile device at your convenience.

Now, how about getting even the option of customizing or having your jewelry personalized at a relatively cheaper price and delivered at your convenience? That's exactly what the good people at GetNameNecklace.com has done, bringing you designs made with a lot of passion. And the piece can equally be personalized by name, initials, lettering type, metal and stones to meet your sense of style.

Getnamenecklace is a specialist jewelry manufacturer with fashionable and gorgeous personalized jewelry collections. They comprises a professional team of designers who are hugely talented in the art of turning personal names and initials into lovely piece of jewelry.

Their collections include: necklaces, monogram chocker necklaces and family pendants, all coming with good quality and competitive pricing via the latest jewelry making technology. And the Factory procedures are well organized to bring efficient service delivery - from the technical team to shipment agents, the check out and packaging processes are done with utmost precision, to ensure professional and timely delivery.

Among their specialty collectors item are the Single Infinity Name Necklace In Sterling Silver and other Infinity-branded necklaces, with each piece having the option of been personalized or customized according to your preference.

The personalized Single Infinity Name Necklace offers you the appeal to show off what the word "forever" truly stands for and it is the perfect infinity necklace to gift to loved ones, as you can get your name and your significant other on it. You can also get inspirational words, or anything else you can think of in customizing the infinity necklace.

What more can you ask for from GetNameNecklace.com? You can head to the online store right away to shop now for yourself and perhaps you'd really enjoy the designs made with passion just for you.

GetNameNecklace.com - Get Customized & Personalized Jewelry at Cheap prices



The infamous Remote Access Trojans, SpyNote and Remcos is reported to have been actively exploited through Facebook pages tied to hackers resident in Libya, since 2014 to infect targeted systems, with the malware hidden in links posted by the pages.

While the crafty links were made very tempting to click, following claims that it contains leaked intelligence reports, like a page ran in the name of Libya’s national army commander, Khalifa Haftar, found to be the focal point for the spreading of the malware.

According to Check Point Researchers, the malware were hosted on public servers that include public providers like Dropbox and Google Drive, and not just one single page was responsible for spreading the malware — as it involves a network of different, but similar campaigns operating on numerous platforms.

Through the Khalifa Haftar Facebook page, the researchers were able to trace the malicious activities all the way to the attacker and also able to find out how they've been taking advantage of the social networking platforms, by compromising legitimate websites to host malware, and haven successfully made their way to thousands of victims mainly in Europe, the United States and Canada.

Albeit, the Facebook page impersonating Khalifa Haftar was created in April 2019, it has since managed to attract more than 11,000 followers, with the page sharing politically themed posts which include URLs to download files marketed as leaks from Libya’s intelligence units.

It is interesting to note that the attackers opted for open source tools and infected victims with known remote administration tools (RATs) such as Remcos, and SpyNote, often used in run-of-the-mill attacks. And there are over 40 unique malicious links employed by the attacker over the years, many of which were shared from the pages.

The connections between the pages and the URLs used in the different phases of the operations, shows that the malicious activities were highly intertwined as many of the links were spread by more than one page.

Facebook has again and again validated its perceived inability to contain malicious activities carried out via its platform, even though it has launched several program to tackle the menace. Admittedly, the social networking sites have become the bait of identity scams, a development which has engaged the better part of the security concerns over the past years, coupled with incessant privacy issues.

How Hackers are spreading Remote Access Trojans via Multiple Facebook Pages



Apple announced the availability of "Sign In with Apple" button at WDDC 2019, which feature presents new option of accessing applications now that everyone is more concerned about privacy; but the safety of the sign-in button is currently being questioned by the OpenID Foundation.

According to the OpenID Foundation, there isn't much difference between Apple’s implementation of the “Sign In With Apple” and OpenID Connect protocol, with the former implementation taking some clue from the latter, though it isn't completely aligned.

The major differences between OpenID Connect and Sign In with Apple reduces only in places where users can use Sign In with Apple, and it exposes them to greater security and privacy risks, with unnecessary burdens saddled on developers of both the OpenID Connect and Sign In with Apple.

Apple will be required to adopt the OpenID Connect Relying Party software, the identity protocol built on OAuth 2.0 to become interoperable in order to close the current gaps, and enable third-party login to applications in a standard way.

The OpenID Foundation, however applauds Apple’s efforts in allowing users to login to third-party applications with the Apple ID, and calls on the company to implement the OpenID Connect Self Certification Test Suite to improve the interoperability and security of Sign In with Apple.

Apple Sig-in button is coming on the heels of the single sign-on (SSO) buttons of Google and Facebook, which are other options available for web users in accessing third-party web and mobile applications.

How Apple’s implementation of the "Sign In With Apple” button exposes users to more security risks