How safe is your favourite website?
- Sidewalker
- Expatriate
- Posts: 789
- Joined: Thu Jun 04, 2015 3:56 pm
- Reputation: 251
- Location: Siem Reap
How safe is your favourite website?
How safe is your favourite website? From Facebook to Trip Advisor the best and worst offenders for cybersecurity have been revealed.
https://www.dailymail.co.uk/sciencetech ... bsite.html
https://www.dailymail.co.uk/sciencetech ... bsite.html
There are people who cannot imagine that there are other ways of life than their own life.
Re: How safe is your favourite website?
Two-factor authentication may not be a good measure of cyber security robustness these days.
https://www.theverge.com/2017/7/10/1594 ... urity-messThe promise of two-factor began to unravel early on. By 2014, criminals targeting Bitcoin services were finding ways around the extra security, either by intercepting software tokens or more elaborate account-recovery schemes. In some cases, attackers went after phone carrier accounts directly, setting up last-minute call-forwarding arrangements to intercept codes in transit. Drawn by the possibility of thousand-dollar payouts, criminals were willing to go further than the average hacker. The attacks continue to be a real issue for Bitcoin users: just last month, entrepreneur Cody Brown lost $8,000 through a Verizon customer support hack.
Outside of Bitcoin, it’s become clear that most two-factor systems don’t stand up against sophisticated users. Documents published this month by The Intercept show Russian groups targeting US election officials had a ready-made plan for accounts with two-factor, harvesting confirmation codes using the same methods they used to grab passwords. In another case reported by Symbolic Software founder Nadim Kobeissi, a maliciously registered device let attackers break through a target’s two-factor protection even after the system had been reset.
Not all two-factor is created equal. Here’s a rundown of which varieties are better, and which should be avoided altogether.
Best
The most secure form of two-factor is a hardware token. The most popular is the Yubikey, which works for Google, Facebook, and a bunch of other major services. Thanks to the FIDO spec, it can’t be spoofed even if you stick it in the wrong computer.
Good Enough
If you don’t want to shell out for a security key, your best bet is a dedicated app like Authy or Google Authenticator. They can sometimes have account reset issues, but they’re an easy way to get most of the protection two-factor has to offer.
Avoid
SMS has been at the center of a lot of two-factor hacks, most recently as a way to hijack Telegram accounts in Iran. High-security accounts are already moving away from it, but a frightening number of services still keep it as an option, giving anyone who compromises your carrier account an easy way in.
- John Bingham
- Expatriate
- Posts: 13779
- Joined: Sun Dec 07, 2014 11:26 pm
- Reputation: 8977
Re: How safe is your favourite website?
I'm not sure how safe Stinkingcannibalizedabortions.com is anymore, I keep getting all these nasty pop-ups when I look on there.
Silence, exile, and cunning.
-
- Tourist
- Posts: 8
- Joined: Thu Dec 06, 2018 9:09 pm
- Reputation: 4
-
- Similar Topics
- Replies
- Views
- Last post
-
- 0 Replies
- 989 Views
-
Last post by yong
-
- 17 Replies
- 4103 Views
-
Last post by truffledog
-
- 15 Replies
- 3951 Views
-
Last post by DogDay
-
- 0 Replies
- 1244 Views
-
Last post by Whatsupdoc
-
- 5 Replies
- 3341 Views
-
Last post by sigmoid
-
- 1 Replies
- 1448 Views
-
Last post by techietraveller84
-
- 10 Replies
- 2837 Views
-
Last post by John Bingham
Who is online
Users browsing this forum: No registered users and 240 guests