Bonum Certa Men Certa

Two Factor Surveillance and Fake Security Practices

Related (older, both from early 2021): Fake Security From Linux Foundation and the Monopolies It's Fronting for | Fake Security is Still a Real Problem, Even in the GNU/Linux (and BSD) Spheres

Videos below (newer): Google Tricking Me to Get a Phone Number (2FA)! Why This is Not About Security | 2FA is a Big Tech Scam! You Must Resist!

Video download link



Video download link



Summary: Rob's videos have recently covered some of the reasons why "2FA is a Big Tech Scam!" and "Why This is Not About Security"; so today we want to highlight some of the issues (there's more on that coming up tomorrow)

OVER the past few years there was growing adoption of 2FA, which is typically marketed as "security" (sometimes falsely). A number of good articles on this topic highlighted the issues associated with recycled numbers, SS7 issues, among other things.

Two hands and many phoneSee articles like "Stop using your phone number for two-factor authentication" and read up on what Pegasus was doing. Giving your phone number away and associating a back-doored device with authentication is basically a bad idea. Also see ample media coverage about the pitfalls associated with lost devices -- a subject we'll mention in passing tomorrow.

As our associate notes, "that's the high-profile stuff requiring the attacker actually expend effort, but the topics covered in Rob's video are more relevant to your average person..."

"Part III," which we'll publish tomorrow, "could expound ever so briefly on why smartphones fail at 2FA," our associate notes.

Rob's "presentation style is a bit ranty but the substance is all accurate," our associate says. Since it's one topic we never quite covered (I am not entirely ignorant about it, but my explanation would be poor, unconvincing, terse) and since we're going to be writing more about "Smartphones" (Spyphones) in the future, it's never too late to catch up. Another under-reported and grossly neglected (barely covered) issue is ClownFlare's takeover or control of Web traffic.

For now, or today at least, we focus on the problem with 2FA over "smart" (spy) phones, just ahead of Part III of My Year as a Digital Vegan.

Andy himself has told me that "this is hard to explain. I think a key issue - as I've presented it to my cybersecurity classes ( and it's a Bruce Schneier thing) that an illusion of security (trustworthyness) of one factor can be an overall negative (real) security impact."

He has further used this analogy: "In reality they should operate as if in series/cascade however people treat the factors such they function as if in parallel, which as for an electrical circuit resistance, brings down the security."

Recent Techrights' Posts

Rumour of IBM 'Bloodbath' in Clown Computing
Performance Improvement Plans mean one step ahead or before layoffs
(Live-)Stream of Richard Stallman's Latest Talk in Europe (No Longer Live)
The latest public talk and Live-Streamed schedule were announced early on for the public to know about
Richard Stallman is Already in India, Giving Talks About Microsoft Chaffbots and More
he's already giving some talks in India
Drunk on Chatbots, LinuxSecurity.com Spews Out More LLM Slop About "Wine"
They just keep googlebombing "Linux" and "Security" using slop
Gemini Links 24/01/2025: The "Hey Hi" Hype Continues Fading, Tesla/X/Twitter/SpaceX Associate With Nazism
Links for the day
Robbery at the European Patent Office (EPO), Office Staff as 'Prisoners'
publication from the Central Staff Committee, dated yesterday
Techrights in 0.036 Seconds
Combining Gemini and HTTP/S, yesterday we served an impressive number of requests
BetaNews Run by Plagiarism Bots That Googlebomb (for SEO) "Linux"
Google rewards and thus encourages plagiarism
IBM Titles Considered Worthless and Many IBM 'Fellows' Are Vanishing (Also: IBM Staff Inside Linux Attacks the Rights of Computer Users for Recognition or Rewards Like "Distinguished Engineer")
James Bottomley is still "a Distinguished Engineer at IBM"
 
IBM Layoffs (or Replacement With Low-Cost Labourers) Far Greater Than Reported by IBM
they serve to confirm what we've long said not only in relation to IBM but also Microsoft
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, January 24, 2025
IRC logs for Friday, January 24, 2025
Dr. Andy Farnell: "Richard Stallman Chose to Stand For the Rights of People to Use Technology as They Wish. He Chose Freedom Instead of Riches."
Keeping busy in public transport
Gemini Links 24/01/2025: Drehgriffel, Computer Science and Capitalism
Links for the day
Microsoft Lost a Ton of Market Share in Web Servers Last Month (the Last Month of 2024) and Massive Losses Continue in 2025, Shows New Report
Microsoft down sharply
Microsoft (Nick Vidal) and Co-opting "Open Future" With Microsoft-led "Open Source AI Definition" (Openwashing LLM Slop and GPL Violations)
Microsoft is tainting all sorts of groups via the OSI
Microsoft, IBM, and Front Groups That Advance Racism for Profit
IBM has profited a lot from racism and it still does
FOSDEM and 'No Nazis'
the issue isn't wealth but principles
Gemini Links 24/01/2025: "Social" Control Media is Unsatisfying; An Old Call for a Gemini Without TLS
Links for the day
[Meme] Levels of Outrage
Apparently it's hip for criminals to leverage "the law" to silence their exposers
Links 24/01/2025: Earthquake, Landslide, and Official Implicated in Airplane With Landing Gear Issues (Boeing Plane) "Found Dead"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, January 23, 2025
IRC logs for Thursday, January 23, 2025
CDN Giant: Microsoft Bing and Skype Collapsed Since the LLM Hype, Same as Other Metrics Show
No wonder Microsoft managers suffer anxiety and there are several waves of layoffs even on the same month
Gemini Links 23/01/2025: Experience With Outer Wilds and Gifting a Site
Links for the day
Slopwatch: Fake 'Articles' About Linux by Brian Fagioli and by Brittany Day in BetaNews and linuxsecurity.com (LLM Slop Sites That Are Online Leeches or SEO Operations Working Against Free Software Journalism)
Two new examples for today
Links 23/01/2025: More Overt Constitutional Violations and "TikTok Executive Order" (White Flag to CCP)
Links for the day
Status of New Year's Resolutions
3 weeks later
"The AI Bubble is Popping", Now It's Bailout Time
The hype will quietly fizzle, just like "blockchains"
[Meme] When the Government of the Netherlands Participates in Your Crimes It Lacks an Incentive to Hold You Accountable for Crimes
the EPO's corrupt management boasted (on television) that it would ignore rulings against it even if issued by the highest Dutch court
Links 23/01/2025: US Constitution Already Besieged (Impeachable Offences Pile Up), Arrest Warrant for Assad
Links for the day
Microsoft's Head of Business Development Quits (Days After Two Large Waves of Mass Layoffs)
We recently learned that people close to the management are very stressed this month
[Meme] Reliable Sources
Sooner or later LLMs swallow up their own lies (that they generated), which means that over time those things will only deteriorate further, exacerbating an already-large misinformation pandemic
BetaNews Plagiarising Work in the Linux Space
The originals won't even be listed
Gemini Links 23/01/2025: US Politics and DevOps Career
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 22, 2025
IRC logs for Wednesday, January 22, 2025