What is scarier? This kid? What he did? Or you???

belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47


#1 Post by belham2 »

https://www.securityweek.com/uk-teen-wh ... rison-term

Reading this, you have to just sit back & wonder at what level of "ineptitude" are we being subjected to by our leaders & people in high-level positions. Also, at what level are we ourselves being "inept"? Why are we not demanding more, of both organizations and ourselves?

For example, with the Equifax, U.S. Government, and other high level worldwide breaches, how are companies even ALLOWING phone/verbal passwd resets? How are we as citizens/users not worried about this or demanding it be stopped? Why are you not doing something about it and going with companies and/or organizations that HAVE stopped this?

All the info in the universe known about you is already out there in the dark wind, floating around waiting to be purchased for a few coins. I've looked, for several people, used Bitcoin, went into corners of the dark web, and they each flipped out when I came back with what I did, purchasing basically their life history for the equivalent of $40-50. It took all of 15 mins to do.

Personally, this is a major reason I avoid all companies & organizations that do not allow you to permanently disable phone/verbal passwd resets plus they must also utilize some form of U2F/FIDO. If they don't do one or the other, I leave them and search for ones that do. And I have succeeded doing this for everything concerning my family.

Those companies that are worried and prepared are out there. I've left investment companies because they don't utilize U2F. I've left auto insurance companies, health insurance companies, etc, etc, because there wasn't the option to do either one and/or both of the above (allowing no telephone/verbal passwd resets and/or using U2F). I've left email companies too----I've posted on here numerous times how to permanently and irrevocably lock down your email using U2F where it is impossible for it ever to be broken into. This stuff is not hard, people. How long will you act like ostriches & think that it will never happen to you? This kid, multiplied by tens of thousands, are looking for you and at you every single day.

If more citizens/netizens could get off their collective a##es and act responsibly in this regard, then all companies--ALL sorts of companies across the spectrum----would start paying attention & responding. U2F/FIDO, or similar, would start sprouting everywhere, instantly. Then what this kid had tried to pull off (verbal impersonation) would have failed miserably.



This kid is NOT the problem. Hold that mirror up if you want to see who a big part actually is... :?

Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#2 Post by Burn_IT »

In this case the CIA were both at fault in having weak security and particularly stupid in taking him to court and therefore publicising how inept they are.

He should have been praised and rewarded for finding and informing them of their mistakes.

I, personally, think the case against him was manufactured or at least blown up out of all proportion, just to justify a heavy sentence.
"Just think of it as leaving early to avoid the rush" - T Pratchett
