this post was submitted on 24 Dec 2023
462 points (98.9% liked)
Programmer Humor
19623 readers
2738 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Wow would you look at that, still none of them cover what SMS is >:( Almost like it's not a second factor, and fuck every corporation that tries to claim that it is
SMS is something you have, IE access to your phone. Doesn't mean it's the best option, SMS is notorious for being insecure
The 10,000 support staff with dubious social engineering training at your service provider are not "something you have". Case in point literally a few weeks ago https://arstechnica.com/tech-policy/2023/12/verizon-fell-for-fake-search-warrant-gave-victims-phone-data-to-stalker/
This is an article describing someone impersonating an officer and submitting a fake warrant. It's incredible that Verizon fell for it, but what does it have to do with SMS?
It means that if I want access to something that has been texted to you, I don't exactly need to be a government in order to get it.
It would be fine if it weren’t for sim swapping.
But try asking anyone at your bank about a yubikey and watch them stare at you like you have broccoli growing out of your ears.