• Please use real names.

    Greetings to all who have registered to OPF and those guests taking a look around. Please use real names. Registrations with fictitious names will not be processed. REAL NAMES ONLY will be processed

    Firstname Lastname

    Register

    We are a courteous and supportive community. No need to hide behind an alia. If you have a genuine need for privacy/secrecy then let me know!
  • Welcome to the new site. Here's a thread about the update where you can post your feedback, ask questions or spot those nasty bugs!

Warning! Beware of This: Single point of failure

Jerome Marot

Jerome Marot

Well-known member
Nowadays everything wants to be linked to the unique serial number of your smartphone for "secure authentication". That makes it a single point of failure, by design. Then, the battery had to fail when I am on vacation far from the required special tools...

6DA775A3-4CBC-4DEC-AA6B-71EE21B265CC.jpeg

As the picture shows, I was able to order tools and replacement battery and did the exchange myself. But I worry about what would have happened if I had been traveling to the other side of the world.
 
Asher Kelman

Asher Kelman

OPF Owner/Editor-in-Chief
Jerome Marot said:
Nowadays everything wants to be linked to the unique serial number of your smartphone for "secure authentication". That makes it a single point of failure, by design. Then, the battery had to fail when I am on vacation far from the required special tools...

As the picture shows, I was able to order tools and replacement battery and did the exchange myself. But I worry about what would have happened if I had been traveling to the other side of the world.
Click to expand...
But you were traveling “on the other side of the world“, LOL!

But you make a great point. It means one has to take one’s iOS tablet along too!

Can the iOS watch for those emergency numbers without having a functioning phone?

Asher
 
Jerome Marot

Jerome Marot

Well-known member
Asher Kelman said:
But you make a great point. It means one has to take one’s iOS tablet along too!

Can the iOS watch for those emergency numbers without having a functioning phone?
Click to expand...


They are not "numbers".

The modern world considers that every customer of interest already has a smartphone. The modern world, aided by recent legislation in Europe, has also decided that two factors authentication should be compulsory when the majority of users believes that "12345" is a safe password. As a consequence, my work, my bank, etc... decided that I must identify with a smartphone. They give me an "app", which uses a cryptographic key that is uniquely linked to the smartphone serial number. The idea is that a would be hacker cannot copy the info somewhere else, the token is linked to a physical object.

If the physical object fails, I must go back to the bank, workplace, etc... to get a new token. I can't simply get a new smartphone and restore a backup as that would defeat the purpose. I also cannot get two tokens, one for a smartphone and one for a tablet.
 
Asher Kelman

Asher Kelman

OPF Owner/Editor-in-Chief
Jerome Marot said:
They are not "numbers".

The modern world considers that every customer of interest already has a smartphone. The modern world, aided by recent legislation in Europe, has also decided that two factors authentication should be compulsory when the majority of users believes that "12345" is a safe password. As a consequence, my work, my bank, etc... decided that I must identify with a smartphone. They give me an "app", which uses a cryptographic key that is uniquely linked to the smartphone serial number. The idea is that a would be hacker cannot copy the info somewhere else, the token is linked to a physical object.

If the physical object fails, I must go back to the bank, workplace, etc... to get a new token. I can't simply get a new smartphone and restore a backup as that would defeat the purpose. I also cannot get two tokens, one for a smartphone and one for a tablet.
Click to expand...
Well what about someone just talking to you on the phone. Just how how they access your data?

A friend had a selfie picture taken with Vladimir and then got a call 15 minutes later congratulating her and another 15 minutes later that picture was on a plethora of Russian official websites!

Asher
 
Jerome Marot

Jerome Marot

Well-known member
Asher Kelman said:
Well what about someone just talking to you on the phone. Just how how they access your data?

A friend had a selfie picture taken with Vladimir and then got a call 15 minutes later congratulating her and another 15 minutes later that picture was on a plethora of Russian official websites!
Click to expand...

This is a different problem. Please remember that these smartphones upload by default all their data to Google (Android) or Apple (iOS) servers. In the case you cited, it is likely that she did not configure her photo uploads to be private by default. Keep in mind that most hacking happens because of simple user errors.
 
Asher Kelman

Asher Kelman

OPF Owner/Editor-in-Chief
Jerome Marot said:
This is a different problem. Please remember that these smartphones upload by default all their data to Google (Android) or Apple (iOS) servers. In the case you cited, it is likely that she did not configure her photo uploads to be private by default. Keep in mind that most hacking happens because of simple user errors.
Click to expand...
Does that mean, when you call an iPhone, you can gain access and copy any images not labelled as “private”?

Jérôme, is this something you or I could do, or does it require some State-financed, high level hacking?

Asher
 
You must log in or register to reply here.
Top