this post was submitted on 20 Dec 2024
636 points (98.8% liked)

Technology

60053 readers
2817 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
(page 2) 50 comments
sorted by: hot top controversial new old
[–] someguy@pleroma.someotherguy.xyz 222 points 2 days ago (2 children)

@return2ozma @technology
10 years ago, the Feds wanted backdoors to all of phones so they could read all of our text messages. Now, the Feds want everyone not to use software that has backdoors so the Chinese cannot read our phones. The Feds don't want competition.

[–] Godnroc@lemmy.world 107 points 2 days ago (9 children)

The backdoors they use are there for freedom and justice, the backdoors the "others" use are tools of evil and security risks!

[–] Rentlar@lemmy.ca 45 points 2 days ago (5 children)

"They're the same picture"

load more comments (5 replies)
load more comments (8 replies)
[–] SirEDCaLot 12 points 2 days ago

Absolutely. They were so arrogant they never thought it would happen to us. After all, we are in charge of our own networks so why would we expect the enemy to be at the gates? Let's make those gates out of cardboard so it's easier to spy on everyone.

Of course then you have things like CALEA mandating a back door, you have cheap telecom companies that will happily buy cheap lowest bidder Chinese hardware and install it "everywhere* without concern for security (after all, it's not their data being stolen) and now the enemy isn't just at the gates but inside the walls.

A decade ago, making sure the feds could read everyone's mail was the national security priority. Suddenly when the Chinese can read everyone's mail, good security is the national security priority.

It's too bad there was no way to predict this in advance. Oh wait...

[–] uriel238@lemmy.blahaj.zone 54 points 2 days ago* (last edited 2 days ago) (3 children)

Oh it turns out we needed NSA to do its actual fucking job after all rather than holding onto exploits for the surveillance state.

Now — for the second time — we have an adversarial administration eager to weaponize government departments while Americans are vulnerable. Why? Because America is the good guys and would never abuse its extrajudicial powers (say, by detaining, rendering and torturing Americans with names similar to those of POIs.)

We could have had twenty-four years of robust communications security developments if NSA didnt sell the public out like Judas.

load more comments (3 replies)
[–] Edieto12@lemmy.ca 13 points 1 day ago (3 children)

id take email Authentication over sms Authentication if there was only them 2 let me use my 2facter app for the love of god plz i hate how banks use sms its like come on man

load more comments (3 replies)
[–] rarbg@lemmy.zip 67 points 2 days ago (1 children)

Oh man it sure would be nice if the feds had the power to regulate something like this /s

[–] da_peda@lemmings.world 55 points 2 days ago (8 children)

They did. That's the reason for this hack, they wanted Lawful Interception, they got their backdoor. It's what professionals and privacy advocates said all along, if it exists it will be abused.

[–] EncryptKeeper@lemmy.world 9 points 2 days ago* (last edited 2 days ago)

This isn’t a hack in the way you’re thinking of, nor is it a product of government mandated interception, or a back door. The salt typhoon event you’re referring to is nothing more than the tip of the iceberg of a much bigger problem, which is abuse of the dated SS7 system we’ve known about for decades.

load more comments (7 replies)
[–] bjoern_tantau@swg-empire.de 108 points 2 days ago (1 children)
[–] Ugurcan@lemmy.world 13 points 2 days ago (2 children)

Why the hell is this in 4K HDR?

[–] bjoern_tantau@swg-empire.de 13 points 2 days ago

Only the best for the worst hack in history.

load more comments (1 replies)
[–] umbrella@lemmy.ml 26 points 2 days ago (2 children)

of course it is. forced 2fa BY SMS OF ALL THINGS is one of the stupidest ideas

[–] capital@lemmy.world 14 points 2 days ago (1 children)

I assume businesses only jumped at the chance to enable SMS 2FA to get their greedy little fingers on our phone numbers.

[–] WhatAmLemmy@lemmy.world 2 points 1 day ago

It was the simplest/cheapest form of 2FA to implement. Grandma will never understand how to setup TOTP.

Capitalism requires regulations, otherwise it will ALWAYS do what is cheapest or most profitable, regardless of how dangerous or destructive.

Even stupider is supporting hardware keys for MFA, but having SMS fallback which can't be disabled (looking at you, Vanguard). I'd much rather have email as my second factor than SMS, and I literally abandoned a bank (Ally) for removing email as an alternative to SMS.

[–] Phoenicianpirate@lemm.ee 16 points 2 days ago

Hollywood hacking has nothing on real hacking it seems.

[–] shortwavesurfer@lemmy.zip 66 points 2 days ago (1 children)

Been saying that for years. It's about damn time.

[–] Screen_Shatter@lemmy.world 17 points 2 days ago (11 children)

SMS spoofing and SIM swapping have been around for ages. It was never secure and that's always been known. The number of companies that rely on it despite sending me a zillion other fucking useless emails is too damn high! Email, or better yet, an authenticator app, are far more secure. Not perfect, but better.

load more comments (11 replies)
[–] metaStatic@kbin.earth 37 points 2 days ago (3 children)

in other news grass is green

load more comments (3 replies)
[–] phoneymouse@lemmy.world 28 points 2 days ago* (last edited 2 days ago)

Thank god, give me my HMAC hash please.

Nothing more terrifying than losing your phone number these days because of all the accounts tied to it via 2FA.

[–] Imgonnatrythis@sh.itjust.works 30 points 2 days ago (1 children)

Didn't this happen quite awhile ago? I don't see anything new in this article

[–] Telorand@reddthat.com 52 points 2 days ago (1 children)

The novelty is the fact that it's ongoing. They haven't mitigated the hack. The threat actors are still inside the networks, which is why the government is telling people to switch to E2EE apps.

load more comments (1 replies)
load more comments
view more: ‹ prev next ›