Abstract: This disclosure is directed to techniques, systems, and apparatuses to provide electronic concierge services and information to one of more users, as well as perform other operations related to planning one or more activities. Concierge services may include providing information about activities, recommending activities, arranging travel, and other related tasks. The electronic concierge may access and use personal information about the user (or group of users) to determine the activities that may be of interest to the user, and possibly to a group of users. The personal information may include transaction history, user settings, past user activity, social network information, and/or other types of information. The electronic concierge may receive other inputs such as a time period to undertake activities, a number of participants, an identity of the participants, and so forth.

Abstract: Techniques for marking or flagging an account as potentially being compromised may be provided. Information about the popularity of passwords associated with a plurality of accounts may be maintained. In an example, an account may be marked as potentially being compromised based at least in part on the information about the popularity of passwords and a password included in a request to change the password associated with the account. A notification indicating that an account has been marked as potentially compromised may be generated.

Abstract: Techniques for providing secure erase of data stored on a storage device may be provided. For example, a storage device comprising a first layer of firmware that is configured to receive access requests for data stored on a storage device may be in communication with a second layer of firmware. The second layer of firmware may be configured to receive, from the first layer of firmware, a request to erase a portion of the data stored on the storage device and verify the first layer of firmware before processing the erase request. In an embodiment, upon verifying the first layer of firmware, the second layer of firmware may block subsequent read requests for one or more physical blocks of the storage device that correspond to the portion of the data indicated in the erase request.

Abstract: Techniques for maintaining and updating authentication information for a plurality of accounts may be provided. In an example a first set of authentication information for the plurality of accounts may be maintained. A second set of authentication information that has been marked as potentially compromised may be received. A third set of authentication information may be generated based on the overlap between the first set of authentication information and the second set of authentication information. The first set of authentication information may be updated based at least in part on one or more security authentication protocols and the third set of authentication information.

Abstract: A digital content provider is configured to identify, based at least in part on various customer user profiles, digital content that is to be pre-loaded onto one or more customer computing devices in advance of the digital content being available for at least one mode of consumption by the one or more computing devices. The digital content provider may use these user profiles, as well as other external information, to identify one or more customers that are to receive the digital content. Subsequently, the digital content provider may download the digital content onto each identified customer's one or more computing devices in advance of the at least one mode of consumption becoming available to the customers. Once the mode of consumption is made available, the digital content provider may enable the use of the pre-loaded digital content.

Abstract: Disclosed are various embodiments for replicating authentication data between computing devices. A computing device detects a change to a user account made by a first client device associated with the user account. The computing device then determines that a second client device associated with the user account comprises locally stored authentication data that fails to reflect the change. The computing device then sends an update to the second client device.

Abstract: Methods and systems are provided for managing access to a client account related (CAR) resource. When a privilege-constrained (PC) application requests access to an individual client account, a single use authorization (SUA) code is created that is associated with the individual client account. The SUA code is routed to, and returned from, the privilege-constrained (PC) application to authenticate the PC application. The PC application, once authenticated, receives a permitted action token that identifies a limited set of privileges that the PC application is authorized to perform in connection with the CAR resource. The PC application provides the permitted action token to an access service. The access service limits access, by the PC application, to the CAR resource based on the permitted action token.

Abstract: An access control application for mobile devices is provided. The access control application may be configured to generate a set of security tasks based at least in part on information corresponding to a user's interactions with the mobile device. An unlock screen of the mobile device may be triggered and a security tasks from the generated set of security tasks may be displayed through a user interface of the mobile device. The user's response to the security tasks may be obtained and a confidence score may be calculated, based at least in part on the response. The access control application may then determine, based at least in part on the score and one or more attributes of the environment, whether to unlock the mobile device or prompt the user to provide an additional response to another security task.

Abstract: A technology is described for making a decision based on identifying without disclosing the identifying information. The method may include receiving a mapping value that represents identifying information that has been converted into a mapping value. A request for data associated with the identifying information may be made by providing the mapping value as a proxy for the identifying information whereby the data associated with the identifying information may be located using the mapping value and returned to a requesting client or service.

Abstract: Features are disclosed for facilitating remote management of browser add-ons on multiple user computing devices from a centralized add-on management system. A browser application on the user computing devices may include an integrated application programming interface that can be remotely accessed by the add-on management system. In some embodiments, a management add-on or some other object that is separate from or otherwise not integrated with the browsing application may be used to facilitate the remote management of add-ons. Management of add-ons may include permitting and/or blocking installation and/or execution of particular add-ons on a case-by-case basis. The determination may be based on user permissions, add-on characteristics, observed execution of add-ons, and the like.

Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate a one-time password. The first circuitry is incapable of determining the one-time password due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.

Abstract: Disclosed are various embodiments that facilitate bootstrap authentication of a second application by way of a user confirmation via a first application. The first application is authenticated using trusted credentials. A first application is authenticated with an authentication service using the security credential. Text input is sent from the first application to the second application via the network. The text input is sent to a text entry field on the second application.

Abstract: Devices such as vehicles, remote sensors, and so forth consume energy during operation. Described herein are systems, devices, and methods for transferring energy from an uncrewed autonomous vehicle to a vehicle such as a car. The uncrewed autonomous vehicle may locate the vehicle at a rendezvous location, and connect with the vehicle while the vehicle moves. Once the uncrewed autonomous vehicle connects to the vehicle, the uncrewed autonomous vehicle may transfer the energy to the vehicle.

Abstract: Disclosed are various embodiments for active data that tracks usage. The active data includes instructions that are executable by a computing device. The computing device is scanned to identify characteristics of the computing device. The characteristics of the computing device are utilized to determine whether the usage of the active data is authorized. Data is transmitted to a network service, including identifying information for the particular computing device and data that identifies a deployment of the active data.

Abstract: Disclosed are various embodiments for replicating authentication data between computing devices. A computing device monitors a first certificate store located on a first client device for a change in a first state of the first certificate store. The computing device updates a record of the first state of the first certificate store with the change in the first state of the first certificate store, wherein the record is stored in a memory of the computing device. The computing device then determines that the first state of the first certificate store differs from a second state of a second certificate store located on a second client device. Finally, the computing device sends an update to the second client device, wherein the update comprises a change set representing a difference between the updated record and the second certificate store.

Abstract: A customer submits a request for assistance to a customer service. Accordingly, the customer service may access a customer database to obtain one or more customer preferences that can be used to select a service representative. If the customer database does not include these preferences, the customer service may utilize one or more customer attributes to calculate these one or more customer preferences. Subsequently, the customer service may access a service representative database and select a service representative based at least in part on the one or more customer preferences. The customer service may transmit the request to the selected service representative to enable the service representative to assist the customer.

Abstract: An application may provide an export file type definition indicating data objects that may be shared with another application. Sharing data object between applications may include obtaining the export file type definition from the application and displaying a graphical user interface based at least in part on the export file type definition. Data objects may be selected through the graphical user interface and provided to another application based at least in part on the selection.

Abstract: Computing devices are disclosed that include functionality for providing a trustworthy indication of software integrity. The computing devices include a hardware trust evaluation device capable of determining the trustworthiness of computer programs executing on the devices. At least one trust indicator is also connected to the hardware trust evaluation device for providing an external indication of the trustworthiness of a computer program. Additional security information regarding the trustworthiness of the computer program may be displayed on the primary display device of the computing device. The display of the security information is triggered by a user of the computing device submitting a request through a secure mechanism, where the request is unobservable and inaccessible to programs executing on the computing device. Additional secure mechanisms, such as a unique user interface for displaying the security information, can be utilized to ensure the authenticity of the displayed security information.

Abstract: A variety of different mobile computing devices, such as a laptop, tablet or smartphone, may be used in a mixed set of computing environments. At least some of the computing environments may be hostile computing environments where users of the mobile computing devices may be exposed to unknown risks. Furthermore, the mobile computing devices may be unable to determine if a network in a particular computing environment is in fact the network the mobile device determines it to be. A beacon device may be attached to a network and provide mutual authentication for mobile devices in the computing environment. The beacon device may provide a credential store for user device in the computing environment. Furthermore, the beacon device may provide a trusted third-party enabling access to restricted computing resources with requiring users to share their credentials.

Abstract: An unmanned vehicle determines how to perform a task based at least in part on a message received from another unmanned vehicle. At a later time, the unmanned vehicle detects that the other unmanned vehicle has become untrusted. The unmanned vehicle recalculates how to perform the task such that the recalculation is independent of any messages from the other unmanned vehicle. The unmanned vehicle may also transmit messages to other unmanned vehicles to provide notification of untrustworthiness of the other unmanned vehicle.