The importance of multi-factor authentication
-
I always stress to other people that you can never be too careful with your personal information online. Alas, even if you are careful, it doesn't always protect you. All of my person information was nabbed in this data breach, OPM Hack[^]. The information they got was the complete documentation gathered by federal investigators for secret and top secret security clearances, which is basically your whole life, for 20+ million civilian and military personnel.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
And to think, before that I was cagy about giving up my phone number for store loyalty cards. Every time I STIG software or a database I wonder: WTF OPM DCO?
"There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli
-
I had my CC compromised in restaurants twice -- nope, couldn't prove it, but everything pointed to the server being the culprit. Since then I pay cash in restaurants unless it's a situation where the CC does not leave my sight.
-
I've refused a free meal on my birthday in a restaurant where the catch was that I had to hand in my drivers license for scanning.
Never heard of that before, but like you, I'd refuse.
-
Ha, I've learned that some credit cards are MUCH better at detecting fraud than others. In the past 5 years, the family has lost 6 credit cards due to corporate fraud (Home Depot, Target, etc). Last year, I'm pretty sure a gas pump / station was skimming cards (and I'm careful about this) and got our main card. $1800 worth of iTunes purchases later (all in 3-4 days), every single transaction went through. CC company was not happy when I called them. "Are you sure you did not make these purchases?" yeah, right. On the other hand, my business cc company calls me at the slightest whim.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
I have set a threshold with Discover. I get an email for any transaction over that threshold. Immediately. Lou "The trouble with children is that they are not returnable."
-
And to think, before that I was cagy about giving up my phone number for store loyalty cards. Every time I STIG software or a database I wonder: WTF OPM DCO?
"There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli
-
Not sure if this sarcasm, but there are open source SMTP/MTA products out there. Although they have a learning curve.
Jeremy Falcon
FWIIW: 2 Open source mail servers (I am sure there are many others): Linux: Sendmail, looks like steep learning curve. Windows: hmailserver, fairly shallow learning curve. I went there having Exchange experience. Looks like good support forums, haven't had to use them. I am running hmailserver in a virtual machine on a Linux host with other VM's. Have a separate domain name (about $10 a year), run all email through an anti-spam/AV service ($30 a year for 5 email addresses), router set up to only accept email from that service (port 25). AS/AV service will also archive email (seems like that was another $20 a year for 5GB), in case my mail server goes off line. I do pay for 5 static IP's (for other reasons) but I suspect that a Dynamic IP service would suffice. Lou "The trouble with children is that they are not returnable."
-
They say that 2016 was the year of the hack. 2017 will be the year of data exploitation.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
100% agree. The current prevalence of ransomware makes this pretty apparent.
"There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli
-
I always stress to other people that you can never be too careful with your personal information online. Alas, even if you are careful, it doesn't always protect you. All of my person information was nabbed in this data breach, OPM Hack[^]. The information they got was the complete documentation gathered by federal investigators for secret and top secret security clearances, which is basically your whole life, for 20+ million civilian and military personnel.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
Ah, so solution 2 is obvious: Don't join the army; get a Real job!
I wanna be a eunuchs developer! Pass me a bread knife!
-
100% agree. The current prevalence of ransomware makes this pretty apparent.
"There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli
I have seen ransomware sneak into protected servers. I have no doubt that, this year, we will see ransomware grow in complexity and capability so that it can infect and encrypt corporate share drives, the holy grail of got them by the balls, and guaranteed huge payouts.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
-
Ah, so solution 2 is obvious: Don't join the army; get a Real job!
I wanna be a eunuchs developer! Pass me a bread knife!
First, I was Navy. Second, I wish is was that easy but I was not all that smart in my youth. Bad decisions made improving my life neigh impossible and were making jail time increasingly likely. Needed to step out of my life. The military provided a life reboot and I don't regret it. A lot of people in my hometown have never been outside of the state and most have never been outside the country. I, on the other hand, have been multiple countries on both sides of the ring of fire. Seeing how the world actually works and living in different cultures has made me a better human being. You can't put a price-tag on that.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
-
FWIIW: 2 Open source mail servers (I am sure there are many others): Linux: Sendmail, looks like steep learning curve. Windows: hmailserver, fairly shallow learning curve. I went there having Exchange experience. Looks like good support forums, haven't had to use them. I am running hmailserver in a virtual machine on a Linux host with other VM's. Have a separate domain name (about $10 a year), run all email through an anti-spam/AV service ($30 a year for 5 email addresses), router set up to only accept email from that service (port 25). AS/AV service will also archive email (seems like that was another $20 a year for 5GB), in case my mail server goes off line. I do pay for 5 static IP's (for other reasons) but I suspect that a Dynamic IP service would suffice. Lou "The trouble with children is that they are not returnable."
Could you send me some more details on your setup? The way you have it seems a lot more cost-effective then the way I was envisioning it. It seems that I would have to learn a lot to accomplish it being that my Linux exposure is pretty much zip.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
-
First, I was Navy. Second, I wish is was that easy but I was not all that smart in my youth. Bad decisions made improving my life neigh impossible and were making jail time increasingly likely. Needed to step out of my life. The military provided a life reboot and I don't regret it. A lot of people in my hometown have never been outside of the state and most have never been outside the country. I, on the other hand, have been multiple countries on both sides of the ring of fire. Seeing how the world actually works and living in different cultures has made me a better human being. You can't put a price-tag on that.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
You won't hear me complain about the navy (RN, in my case). My father was of decent rank, so we got to go with him wherever he was stationed. I'd seen half the world before I was old enough to go to uni -- and the RN puts on terrific events for their kids; it was not an unhappy childhood.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Could you send me some more details on your setup? The way you have it seems a lot more cost-effective then the way I was envisioning it. It seems that I would have to learn a lot to accomplish it being that my Linux exposure is pretty much zip.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
You don't have to use Linux, I use it because I also use it for my Workstation doing most of my development in Windows7/10 virtual machines. You could just as easily run the VM using a Windows system as the host, virtualbox and vmplayer are free to use, don't think player is open source though. But, if you can program in Javascript, Linux has to be child's play. If you would like more detail, email me.
Lou "The trouble with children is that they are not returnable."
-
I have seen ransomware sneak into protected servers. I have no doubt that, this year, we will see ransomware grow in complexity and capability so that it can infect and encrypt corporate share drives, the holy grail of got them by the balls, and guaranteed huge payouts.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
Funny you mention this, we just moved a client to PHYSICAL VPNs for their external users, and now, by default all shares are R/O except that persons. And the NAS is being used to send alerts of too many files are being re-written from a single PC, and we ENABLED 48hr NAS recycle bin type feature. We have all seen too many of these ransomware programs that get in, and encrypt their backups other data, and then the machine itself making it impossible to recover. I have personally adjusted my backup procedures to backup to a NAS folder that is R/O except for the backup software login credentials... It's getting dangerous out there. Kirk Out!
-
Ha, I've learned that some credit cards are MUCH better at detecting fraud than others. In the past 5 years, the family has lost 6 credit cards due to corporate fraud (Home Depot, Target, etc). Last year, I'm pretty sure a gas pump / station was skimming cards (and I'm careful about this) and got our main card. $1800 worth of iTunes purchases later (all in 3-4 days), every single transaction went through. CC company was not happy when I called them. "Are you sure you did not make these purchases?" yeah, right. On the other hand, my business cc company calls me at the slightest whim.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Charlie, This is the ONE good thing I have to say about CitiBank. They call me while I am in line (sometimes it is creepy, it seems like they are watching me wait in line... LOL)... Text me now. Did you really spend $107.00 on duct tape and diapers? Should we send a babysitter to this house? :-))) American Express has been AMAZING with this as well. Although they deny a few more charges than I like. They have actually called me after using a gas station in a "Really Really dangerous part of Detroit" to make sure I was Okay... And I had my card with me... About 6 times I have had my card compromised, and once for over 10,000.00 on a single purchase. Never had to pay a dime of it. Will NEVER use a debit card because they don't protect you as well... Also, we found it help to call ahead and warn the company we are traveling to Russia or Australia :-)
-
Today my girlfriend has learned the hard way why you need to keep an eye on your personal digital foot-print. I am guessing that she was part of that massive Yahoo data breach from mid-2016 where they nabbed around a billion records. They managed to hijack her yahoo account. With that, they then managed to get logged into her Sprint account. Once they got into Sprint, they then proceeded to order 4 iPhone 7's and then had them shipped here, some empty storefront in Orlando, Florida. I guess the phones are already in S. America ready for sale to Argentinian tourists. In short order I had her Yahoo account secured again but her cell phone account is locked down. This all could have been avoided if she switched over to their two-factor authentication like I did when they started offering it. Some digital lessons are painful to learn :doh: :sigh:
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
What timing. Just this morning I received a life saving payment, but as my credit card was blocked because it went over limit without me knowing, the bank tells me I can make online payments, but have to wait 24 hours to be able to draw cash or swipe. I was first a little taken aback: "What, almost anonymous online payments are OK, but an in person with ID withdrawal not? You gotta be kidding!" This is after making one online payment to my ISP, then seeing my available balance, went to draw cash and was declined. But, looking back, that payment required two factor auth, via an SMS. I still think email would be more secure, but both a lot more secure than someone with my card and PIN (only happened once, when I was young and stupid), or me banking with someone that doesn't require two factor. Then all the perp needs is written all over the card I just lost, or had stolen, or jammed in an ATM, whatever means. Made me glad I've provisioned for it in my latest project, a WPF client to Web API 2. Off on a tangent, I would have sooo loved to try the API in .NET Core, but that is still such a distant planet.
Follow my adventures with .NET Core at my new blog, Erisia Information Services.
-
What timing. Just this morning I received a life saving payment, but as my credit card was blocked because it went over limit without me knowing, the bank tells me I can make online payments, but have to wait 24 hours to be able to draw cash or swipe. I was first a little taken aback: "What, almost anonymous online payments are OK, but an in person with ID withdrawal not? You gotta be kidding!" This is after making one online payment to my ISP, then seeing my available balance, went to draw cash and was declined. But, looking back, that payment required two factor auth, via an SMS. I still think email would be more secure, but both a lot more secure than someone with my card and PIN (only happened once, when I was young and stupid), or me banking with someone that doesn't require two factor. Then all the perp needs is written all over the card I just lost, or had stolen, or jammed in an ATM, whatever means. Made me glad I've provisioned for it in my latest project, a WPF client to Web API 2. Off on a tangent, I would have sooo loved to try the API in .NET Core, but that is still such a distant planet.
Follow my adventures with .NET Core at my new blog, Erisia Information Services.
Most people think that verifying who you are twice is a waste of time but, considering what the results of thieves cracking just one email account can be, I gladly accept the additional steps.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
-
...and stop using Yahoo. :^)
Jeremy Falcon
-
Either that or don't give details of your entire life over to a fruggin' web-site. Signed, Someone whose name is not Mark Wallace
I wanna be a eunuchs developer! Pass me a bread knife!
Why did she give her phone number to Yahoo/Google at first place? For safety reasons? Once your/her account data is stolen, the mobile phone number is also stolen. And bad guys from Russia, Mazambik or Serbia can easily make temporary fake phone from there. There is no such thing as security on mobile. Smartphone plus internet equals disaster. Multi-factor authentication is good, yet it cannot help you as long as your internet access point is on public router. Once again: THERE IS NO SECURITY ON MOBILE!!!!!!!!!!!
-
First, I was Navy. Second, I wish is was that easy but I was not all that smart in my youth. Bad decisions made improving my life neigh impossible and were making jail time increasingly likely. Needed to step out of my life. The military provided a life reboot and I don't regret it. A lot of people in my hometown have never been outside of the state and most have never been outside the country. I, on the other hand, have been multiple countries on both sides of the ring of fire. Seeing how the world actually works and living in different cultures has made me a better human being. You can't put a price-tag on that.
if (Object.DividedByZero == true) { Universe.Implode(); } Meus ratio ex fortis machina. Simplicitatis de formae ac munus. -Foothill, 2016
Sounds like a good reason to reinstate the draft. All people over 18 go do time in the military. It may even make the USA a better nation with less infighting.
