New Java desktop UI toolkit: Amino brings some nice features
Java obfuscation: the Android developers recommend ProGuard. It’s actually a very nice utility, but I don’t feel comfortable to apply a complicated technique to already complicated applications.
One Time Passwords, remote logout: Facebook adds new security features, and some questions are crossing my mind: why not add add OPIE-like features, with One Time Password Lists and/or two-factor authentication (with something you know and something you have)? We got lots of smartphones out there, just use them…? re “remote logout”: why not just invalidate existing web sessions on the next login of the user? Can Facebook make a difference between web and API (e.g. widget, apps) sessions?