this post was submitted on 23 Jan 2024
39 points (95.3% liked)

Security News

2445 readers
1 users here now

founded 2 years ago
MODERATORS
 

cross-posted from: https://lemy.lol/post/18411383

I just got the email from haveibeenpwned. F Trello.

top 14 comments
sorted by: hot top controversial new old
[–] HeartyBeast@kbin.social 11 points 9 months ago* (last edited 9 months ago)

Thanks for the heads-up, I've just changed my password

Edit - Duh, passwords weren't actually leaked - the ttackers queried Trello with email addresses and got back names, usernames and if the addresses were valid.

[–] infinitevalence@discuss.online 7 points 9 months ago

Well I deleted my account today so good job I guess.

[–] EmperorHenry@infosec.pub 7 points 9 months ago (1 children)

remind me again how digital IDs are going to make us safer when every company with people's personal details is constantly getting hacked?

[–] ComradeKhoumrag@infosec.pub 1 points 9 months ago (1 children)

Centralized or decentralized digital ID?

[–] EmperorHenry@infosec.pub 0 points 9 months ago (1 children)

Neither! They're both a bad idea.

[–] ComradeKhoumrag@infosec.pub 0 points 9 months ago (1 children)

If it's decentralized, you're original point about companies being able to get hacked doesn't apply anymore

[–] EmperorHenry@infosec.pub 0 points 9 months ago (1 children)

Digital IDs are still horrible.

[–] ComradeKhoumrag@infosec.pub 1 points 9 months ago (1 children)

The current ID system we have - social security numbers - are infinitely worse. Add 1 to it and it's another valid SSN. Most of the numbers can be determined with regional info

[–] EmperorHenry@infosec.pub -1 points 9 months ago (2 children)

I don't know who's paying you and all the others to say that shit, but digital IDs aren't about keeping anything safe, it's about controlling the population and locking them out of society when they misbehave. If you make any political statement that rocks the boat you don't exist anymore. If you become a whistleblower, you don't have any freedom anymore. If you do anything at all that the oligarchs don't want you to do, you're not a person anymore.

@EmperorHenry do... Do you think you're somehow immune to this today? People who piss off the powers that be today are silenced pretty effectively. Nobody needs any digital ID infrastructure to do that.

[–] ComradeKhoumrag@infosec.pub 0 points 9 months ago (1 children)

No one's paying me anything, and I'm well informed of the civil liberty issues surrounding government IDs in general, let alone digital or paper.

What I am referencing is decentralized digital ID. There is no ominous they or third party who could control you with a decentralized digital ID. We already have a pretty shitty ID system, but a better ID system with less centralized control can exist

[–] EmperorHenry@infosec.pub 0 points 9 months ago (1 children)

digital IDs are still hackable, even if you have total control over your own, it's still hackable and it gets tracked everywhere you have to show it.

[–] ComradeKhoumrag@infosec.pub 1 points 9 months ago (1 children)

Everything is hackable, even the current form of id we have which is SSN. Decentralized digital ID is orders of magnitude harder to hack, and has even less government control over the ID process. The expectation value to crack modern encryption is measured on eons even if you're using all the power in the sun and physically perfect efficiency in energy to computation conversion

[–] EmperorHenry@infosec.pub 0 points 9 months ago

Everything is hackable,

and digital ID won't make it any better