Collaborate Disseminate
There are two bits of apparently contradictory advice on the internet. The first is somewhat harder to find because it seems so obvious:
Don’t give out your personal information unless you first find out how it’s going to be used and how… Continue reading Is there a cryptographic solution to the GDPR SAR ID check problem? [migrated]
When shopping on temu, while logged in to an account for which temu has a credit card and physical address and browsing normally, I am presented by an slider CAPTCHA frequently enough that it is irritating.
From a search here, it seems a u… Continue reading What is the purpose of the temu captchas?
It is reported that it seems people are brute forcing the lastpass database and extracting cryptocurrency seeds.
A basic functionality of LastPass is that it will pick and remember lengthy, complex passwords for each of your websites or o… Continue reading Is there a good reason offline brute force attacks work on the lastpass database of random passwords? [closed]
There are commercial spyware products on the market that allow access to significant functions on the infected phones without the users knowledge. These include ALIEN and PREDATOR from Intellexa, and FORCEDENTRY and Pegasus from NSO.
Pass… Continue reading Do commercial spyware products allow the attacker to access services protected by PIN secured passkeys on Android/iOS phones?
HSBC Bank plc (UK) has a OTP system to confirm online payments via SMS. The 6 figure number is sent to the user who enters it into the website. Sometimes the cards registered email address is requested at the same time. This is via a tex… Continue reading What is the value of no paste text boxes for bank web sites?
For example Microsoft Outlook web based email service can be configured to require both a username/password combination and a time-based one-time password (TOTP) generated by the algorithm described in RFC 6238. This will frequently be im… Continue reading Is a TOTP with RFC 6238 and a password in a manager 2FA? [duplicate]
I asked this question in money about telling my bank about using a second hand or grey market mobile phone. The the implication of some of the comments is that any worry is misplaced.
It seems to me that one could be exposed to financial … Continue reading Is using a second hand/grey market phone for banking security a credible risk?