• Please use real names.

    Greetings to all who have registered to OPF and those guests taking a look around. Please use real names. Registrations with fictitious names will not be processed. REAL NAMES ONLY will be processed

    Firstname Lastname

    Register

    We are a courteous and supportive community. No need to hide behind an alia. If you have a genuine need for privacy/secrecy then let me know!
  • Welcome to the new site. Here's a thread about the update where you can post your feedback, ask questions or spot those nasty bugs!

Warning! Beware of This: Single point of failure

Jerome Marot

Well-known member
Nowadays everything wants to be linked to the unique serial number of your smartphone for "secure authentication". That makes it a single point of failure, by design. Then, the battery had to fail when I am on vacation far from the required special tools...

6DA775A3-4CBC-4DEC-AA6B-71EE21B265CC.jpeg

As the picture shows, I was able to order tools and replacement battery and did the exchange myself. But I worry about what would have happened if I had been traveling to the other side of the world.
 

Asher Kelman

OPF Owner/Editor-in-Chief
Nowadays everything wants to be linked to the unique serial number of your smartphone for "secure authentication". That makes it a single point of failure, by design. Then, the battery had to fail when I am on vacation far from the required special tools...

As the picture shows, I was able to order tools and replacement battery and did the exchange myself. But I worry about what would have happened if I had been traveling to the other side of the world.
But you were traveling “on the other side of the world“, LOL!

But you make a great point. It means one has to take one’s iOS tablet along too!

Can the iOS watch for those emergency numbers without having a functioning phone?

Asher
 

Jerome Marot

Well-known member
But you make a great point. It means one has to take one’s iOS tablet along too!

Can the iOS watch for those emergency numbers without having a functioning phone?


They are not "numbers".

The modern world considers that every customer of interest already has a smartphone. The modern world, aided by recent legislation in Europe, has also decided that two factors authentication should be compulsory when the majority of users believes that "12345" is a safe password. As a consequence, my work, my bank, etc... decided that I must identify with a smartphone. They give me an "app", which uses a cryptographic key that is uniquely linked to the smartphone serial number. The idea is that a would be hacker cannot copy the info somewhere else, the token is linked to a physical object.

If the physical object fails, I must go back to the bank, workplace, etc... to get a new token. I can't simply get a new smartphone and restore a backup as that would defeat the purpose. I also cannot get two tokens, one for a smartphone and one for a tablet.
 

Asher Kelman

OPF Owner/Editor-in-Chief
They are not "numbers".

The modern world considers that every customer of interest already has a smartphone. The modern world, aided by recent legislation in Europe, has also decided that two factors authentication should be compulsory when the majority of users believes that "12345" is a safe password. As a consequence, my work, my bank, etc... decided that I must identify with a smartphone. They give me an "app", which uses a cryptographic key that is uniquely linked to the smartphone serial number. The idea is that a would be hacker cannot copy the info somewhere else, the token is linked to a physical object.

If the physical object fails, I must go back to the bank, workplace, etc... to get a new token. I can't simply get a new smartphone and restore a backup as that would defeat the purpose. I also cannot get two tokens, one for a smartphone and one for a tablet.
Well what about someone just talking to you on the phone. Just how how they access your data?

A friend had a selfie picture taken with Vladimir and then got a call 15 minutes later congratulating her and another 15 minutes later that picture was on a plethora of Russian official websites!

Asher
 

Jerome Marot

Well-known member
Well what about someone just talking to you on the phone. Just how how they access your data?

A friend had a selfie picture taken with Vladimir and then got a call 15 minutes later congratulating her and another 15 minutes later that picture was on a plethora of Russian official websites!

This is a different problem. Please remember that these smartphones upload by default all their data to Google (Android) or Apple (iOS) servers. In the case you cited, it is likely that she did not configure her photo uploads to be private by default. Keep in mind that most hacking happens because of simple user errors.
 

Asher Kelman

OPF Owner/Editor-in-Chief
This is a different problem. Please remember that these smartphones upload by default all their data to Google (Android) or Apple (iOS) servers. In the case you cited, it is likely that she did not configure her photo uploads to be private by default. Keep in mind that most hacking happens because of simple user errors.
Does that mean, when you call an iPhone, you can gain access and copy any images not labelled as “private”?

Jérôme, is this something you or I could do, or does it require some State-financed, high level hacking?

Asher
 
Top