A visit to the fuckup farm U.S. Government security keys vulnerable to hackers, for the dumbest imaginable reason Séamus Bellamy
basic account hygiene Research shows that 2FA and other basic measures are incredibly effective at preventing account hijacking Cory Doctorow
sim hijacking DOJ accuses Verizon and AT&T employees of participating in SIM-swap identity theft crimes Cory Doctorow
poisoning the well Facebook forces you to expose your phone number to the whole world in order to turn on two-factor authentication Cory Doctorow
number porting Comcast assigned every mobile customer the same unchangeable PIN to protect against SIM hijack attacks: 0000 Cory Doctorow
Voxox A leaky database of SMS messages is a reminder that SMS is really, really insecure Cory Doctorow
delete your account Facebook's been caught using their customers' 2FA information to spam them with text ads Séamus Bellamy
port out scams Fraudsters offers thousands to low-waged telco employees for help with SIM Swap scams Cory Doctorow
port out scam Your phone company's shitty security is all that's standing between you and total digital destruction Cory Doctorow
mitm How hackers can steal your 2FA email account by getting you to sign up for another website Cory Doctorow
infosec pompeii Mobile phone security's been busted for years, and now 2-factor auth is busted too Cory Doctorow
aqenbpuu At least twice, Sean Spicer has accidentally tweeted the password to his official White House spokesman Twitter account Cory Doctorow
something you have 12 days of two-factor authentication: this Xmas, give yourself the gift of opsec Cory Doctorow
human factors How governments and cyber-militias attack civil society groups, and what they can do about it Cory Doctorow
apt Elaborate spear-phishing attempt against global Iranian and free speech activists, including an EFF staffer Cory Doctorow