Monday, June 27, 2016

2-step identification could have a loophole with texts


An article in Wired by Andy Greenberg encourages companies to use methods other than texts for 2-step identification, link here.  There seems to be a potential loophole with Sim-spoofing, and SMS spoofing as well (won’t try to explain how it’s done – leave it for Hollywood – a kind of “Now you see me 3”).  There is recommendation of the development of secure smartphone apps for 2nd level verification. 
  
“Blogtyrant” tweeted this story, shortly after announcing Brexit (one of the first Friday night).  I’d like to see his take on “https everywhere”.

No comments: