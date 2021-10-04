 Skip to content
Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Vice)   Tech company quietly reveals that hackers had "unauthorized access" to its system for years. Syniverse? Never heard of it. Probably nothing important *clicks link* uh oh   (vice.com) divider line
41
    More: Fail, Mobile phone, Computer security, former Syniverse employee, SMS, unauthorized access, Text messaging, scale of the breach, content of SMS text messages  
•       •       •

2987 clicks; posted to Main » and STEM » on 04 Oct 2021 at 4:35 PM (1 hour ago)   |   Favorite   |   Watch    |   share:  Share on Twitter share via Email Share on Facebook



41 Comments     (+0 »)
Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest
 
MusicMakeMyHeadPound [TotalFark] [OhFark]
‘’ 1 hour ago  
Maybe using SMS for multifactor authentication is a bad idea
 
justanotherfarkinfarker
‘’ 1 hour ago  
Hackers probably working for 3 letter agencies
 
TWX
‘’ 1 hour ago  

MusicMakeMyHeadPound: Maybe using SMS for multifactor authentication is a bad idea


Yep.  This is why two-factor authentication based on a stupid text message is not the right approach.
 
CrankyAndi [TotalFark]
‘’ 1 hour ago  
Heard of them?  I WORKED for them.  I have friends there still.   Weird to see them on Fark.
 
ayrlander [TotalFark] [OhFark]
‘’ 1 hour ago  

CrankyAndi: Heard of them?  I WORKED for them.  I have friends there still.   Weird to see them on Fark.


Usually when I see my friends on Fark, they're just referred to as "Florida Man."
 
gameshowhost [TotalFark] [OhFark]
‘’ 1 hour ago  
Yikes, I hope they don't find the one where I proposed to my cousin!
 
137 Is An Excellent Time
‘’ 1 hour ago  

TWX: MusicMakeMyHeadPound: Maybe using SMS for multifactor authentication is a bad idea

Yep.  This is why two-factor authentication based on a stupid text message is not the right approach.


Except 2FA with protocols that lock it to specific devices suck as well. Had Google Authenticator setup for about a dozen accounts. Never realized that it locks to a specific device. Turned in iPhone and got new iPhone, installed GA and yeah, no accounts. Tried to add my accounts again, but wouldn't ya know it, you need the old device to do this.

Long story short is around 8 of those accounts are now permanently locked with no way to access them.

Sweet.

Shoulda used SMS.
 
kb7rky
‘’ 1 hour ago  

gameshowhost: Yikes, I hope they don't find the one where I proposed to my cousin!


You promised you'd never tell!

*runs away crying*
 
kb7rky
‘’ 1 hour ago  
/you left it wide open there, Tuffles ;)
 
Rwa2play [TotalFark]
‘’ 1 hour ago  
I'm gonna say they were hacked at a level that, when they saw the scope of it all involved uttered;

Fark user imageView Full Size
 
steklo [TotalFark]
‘’ 1 hour ago  
Fark user imageView Full Size
 
the_sidewinder [BareFark]
‘’ 1 hour ago  

137 Is An Excellent Time: TWX: MusicMakeMyHeadPound: Maybe using SMS for multifactor authentication is a bad idea

Yep.  This is why two-factor authentication based on a stupid text message is not the right approach.

Except 2FA with protocols that lock it to specific devices suck as well. Had Google Authenticator setup for about a dozen accounts. Never realized that it locks to a specific device. Turned in iPhone and got new iPhone, installed GA and yeah, no accounts. Tried to add my accounts again, but wouldn't ya know it, you need the old device to do this.

Long story short is around 8 of those accounts are now permanently locked with no way to access them.

Sweet.

Shoulda used SMS.


Shoulda used Authy. It works the same way as Google Auth, but doesn't lock to a single device
 
gameshowhost [TotalFark] [OhFark]
‘’ 1 hour ago  

kb7rky: gameshowhost: Yikes, I hope they don't find the one where I proposed to my cousin!

You promised you'd never tell!

*runs away crying*


great you blew our cover
 
gameshowhost [TotalFark] [OhFark]
‘’ 1 hour ago  

kb7rky: /you left it wide open there, Tuffles ;)


that's why my cousin said ;'(
 
gameshowhost [TotalFark] [OhFark]
‘’ 1 hour ago  
why?

WHAT?? WAT
 
Purple_Urkle [TotalFark]
‘’ 1 hour ago  
Fark it, I'm getting a ham radio license if I want a private conversation.
 
lurkey
‘’ 52 minutes ago  

Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.


And then learn Navajo in Morse Code.
 
TWX
‘’ 52 minutes ago  

Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.


You do realize that you're not allowed to encrypt on the amateur bands and that there are people that make a hobby of trying to record transmissions on those bands, right?
 
natazha [BareFark]
‘’ 51 minutes ago  
If someone wants to read text messages from repair people, fine.
 
TWX
‘’ 50 minutes ago  

gameshowhost: kb7rky: gameshowhost: Yikes, I hope they don't find the one where I proposed to my cousin!

You promised you'd never tell!

*runs away crying*

great you blew our cover


Sounds like that wasn't the only blowing going down.
 
Ambitwistor
‘’ 48 minutes ago  

CrankyAndi: Heard of them?  I WORKED for them.  I have friends there still.   Weird to see them on Fark.


Now we know who to blame.
 
Resin33
‘’ 48 minutes ago  

TWX: Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.

You do realize that you're not allowed to encrypt on the amateur bands and that there are people that make a hobby of trying to record transmissions on those bands, right?


Would you happen to know of a place where they share the good ones online?
 
gameshowhost [TotalFark] [OhFark]
‘’ 47 minutes ago  

TWX: gameshowhost: kb7rky: gameshowhost: Yikes, I hope they don't find the one where I proposed to my cousin!

You promised you'd never tell!

*runs away crying*

great you blew our cover

Sounds like that wasn't the only blowing going down.


we only felched, i swear
 
jtown
‘’ 41 minutes ago  
Fark user imageView Full Size
 
jtown
‘’ 39 minutes ago  
I can't believe it, Jim. That girl's standing over there listening and you're telling him about our back doors?

Fark user imageView Full Size
 
thehellisthis
‘’ 38 minutes ago  
Without fierce punishment, c-level management and the board of directors at large companies will continue to refuse to fund netsec and put everyone at risk.  I suggest caning.
 
trialpha
‘’ 36 minutes ago  
It's kind of sad that these days email is actually more secure than SMS.

137 Is An Excellent Time: Except 2FA with protocols that lock it to specific devices suck as well. Had Google Authenticator setup for about a dozen accounts. Never realized that it locks to a specific device. Turned in iPhone and got new iPhone, installed GA and yeah, no accounts. Tried to add my accounts again, but wouldn't ya know it, you need the old device to do this.

Long story short is around 8 of those accounts are now permanently locked with no way to access them.

Sweet.

Shoulda used SMS.


This is why anybody worth their salt using device based 2FA also provides you a list of backup codes that you can use if that device fails. You did write those down, right?

Also, it's not really locked to a specific device; it's that the details are only saved on the local device. You could have saved the original QR code and used that to transfer. Hell, Google Authenticator will give you that code if you ask it. You just need to do that before tossing the old phone.

Having Google Authenticator save the account information on some cloud server somewhere would totally defeat the point.
 
west.la.lawyer [recently expired TotalFark]
‘’ 34 minutes ago  
Omg  wtf  >:(
 
CarnySaur [recently expired TotalFark]
‘’ 34 minutes ago  
Suckers!  I deliver all my messages via carrier pigeon!
 
lordjupiter
‘’ 31 minutes ago  
well this explains the surge in selfie porn
 
American-Irish eyes
‘’ 29 minutes ago  

trialpha: It's kind of sad that these days email is actually more secure than SMS.

137 Is An Excellent Time: Except 2FA with protocols that lock it to specific devices suck as well. Had Google Authenticator setup for about a dozen accounts. Never realized that it locks to a specific device. Turned in iPhone and got new iPhone, installed GA and yeah, no accounts. Tried to add my accounts again, but wouldn't ya know it, you need the old device to do this.

Long story short is around 8 of those accounts are now permanently locked with no way to access them.

Sweet.

Shoulda used SMS.

This is why anybody worth their salt using device based 2FA also provides you a list of backup codes that you can use if that device fails. You did write those down, right?

Also, it's not really locked to a specific device; it's that the details are only saved on the local device. You could have saved the original QR code and used that to transfer. Hell, Google Authenticator will give you that code if you ask it. You just need to do that before tossing the old phone.

Having Google Authenticator save the account information on some cloud server somewhere would totally defeat the point.


I have my windows backup somewhere
 
abhorrent1
‘’ 28 minutes ago  
Hope they enjoyed all those pictures of my dick!
 
aungen [OhFark]
‘’ 28 minutes ago  

TWX: Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.

You do realize that you're not allowed to encrypt on the amateur bands and that there are people that make a hobby of trying to record transmissions on those bands, right?


I ..... think that's the joke, yes. :)
 
Purple_Urkle [TotalFark]
‘’ 28 minutes ago  

TWX: Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.

You do realize that you're not allowed to encrypt on the amateur bands and that there are people that make a hobby of trying to record transmissions on those bands, right?


You do realize that jokes are things?
 
aungen [OhFark]
‘’ 27 minutes ago  

Purple_Urkle: TWX: Purple_Urkle: Fark it, I'm getting a ham radio license if I want a private conversation.

You do realize that you're not allowed to encrypt on the amateur bands and that there are people that make a hobby of trying to record transmissions on those bands, right?

You do realize that jokes are things?


JINX!
 
Chompachangas [TotalFark]
‘’ 27 minutes ago  
All data transmissions are vulnerable, so be careful what you're putting out there y'all.
 
aungen [OhFark]
‘’ 22 minutes ago  
If 200 'clients,' have their data exposed, is that like 200 people, or 200 billion people?
 
drjekel_mrhyde
‘’ 15 minutes ago  

CarnySaur: Suckers!  I deliver all my messages via carrier pigeon!


Not if a person hacked a pigeon
 
trerro [TotalFark] [OhFark]
‘’ 11 minutes ago  

MusicMakeMyHeadPound: Maybe using SMS for multifactor authentication is a bad idea


It's obviously a really weak version of it, but unfortunately, most of the good ones involve things like devices with changing codes (which can be easily lost and require said device), facial recognition (which can stop working if you shave), fingerprint scanners (which can fail if you have a papercut), and so on.

The ideal second factor would:
1. Be reasonably cheap and easy to implement
2. Not require an easily lost physical object
3. Be extremely unlikely to lock you out
4. Actually provide security

I don't think anyone's found a good mass market one yet.
 
Englebert Slaptyback
‘’ 9 minutes ago  

drjekel_mrhyde: CarnySaur: Suckers!  I deliver all my messages via carrier pigeon!

Not if a person hacked a pigeon



Once they're hacked I think they're called 'squab'.
 
edmo [TotalFark] [OhFark]
‘’ 5 minutes ago  
Nothing out there is secure.
 
Displayed 41 of 41 comments

Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest

Redisplay/refresh comments
 
If you're having problems voting, quoting, or posting comments, try disabling any browser add-ons that might disable Javascript (NoScript, AdBlock, etc). See our FAQ.
 
   Forgot password? Create an account to make comments
  Use OLD/OBSOLETE HTML Buttons
If you can see this, something's wrong with your browser's CSS support. (Or you're a spambot.)
 
Before adding a comment, please take a minute to review our posting rules and our legal/privacy policy.
By commenting, you agree to these terms. You might also want to take a look at our FAQ.

Continue Farking

If you like these links, you'll love

TotalFark

All the submissions, none of the calories.

learn more | sign up
On Twitter

  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.