Twitter is rolling out an updated login verification system for iPhone and Android that uses a novel cryptographic scheme that is designed to be resilient against attack and ensures that the private key never leaves the user’s device. The system doesn’t rely on SMS to send codes to users for login verification, but rather on a challenge-response system in the browser.

The long-anticipated inclusion of mixed-content blocking in Mozilla Firefox is now at hand, with the security feature showing up in the just-released Firefox 23. The feature, which helps defend users against certain kinds of man-in-the-middle attacks, is on by default in the new browser.

Scenes from this year’s hacking conference in Las Vegas, Nev. include a keynote by General Keith B. Alexander, Director of the National Security Agency and talks by researchers Karsten Nohl and Ralf-Phillip Weinmann.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.