|
https://goatkcd.com/936/ sadly this isn't nearly as amusing as id hoped
|
# ? Aug 20, 2017 21:46 |
|
|
# ? May 13, 2024 23:05 |
|
Mo_Steel posted:Can't wait to have a password manager implanted in a chip in my arm that I unlock with a specific set of hand gestures along with a voice password and then find some way to get it to autotype using my nerve endings, let's get this techno future going already. *jerking off motion* "i'm in"
|
# ? Aug 20, 2017 22:01 |
|
anatoliy pltkrvkay posted:https://goatkcd.com/936/ 1875 is slightly better. Yet sadly far less security related.
|
# ? Aug 20, 2017 22:21 |
|
maskenfreiheit posted:that's fine tbh... the big thing is i have it in place and if they give away my $ without it they're 100% liable and possibly getting slapped by the ftc for deceptive practices. This happened to the chief technologist of the FTC and.... nothing happened. I cant find an article confirming that she did not have a pin or passphrase associated with the account, but it happened to Krebs as well https://www.ftc.gov/news-events/blogs/techftc/2016/06/your-mobile-phone-account-could-be-hijacked-identity-thief
|
# ? Aug 20, 2017 22:28 |
|
Trabisnikof posted:Can you point to some past FTC enforcement actions against companies who customer service reps allow account changes without suffient authorization? not specifically. but at the higher level, if you make a representatiom about your product, if you don't follow through that's a deceptive trade practice. so if you say "we offer verbal passwords to ensure no unauthorized persons can use your brokerage account" (which several companies do) then authorize a trade w/o it, that's a deceptive trade practice, which triggers section 5 authority (The SEC probably has some stuff that applies too but nothing I can rattle off the top of my head)
|
# ? Aug 20, 2017 22:30 |
|
maskenfreiheit posted:not specifically. I don't think it counts as deceptive trade practices if they have the official policy of "mandatory verbal passwords" and then just incentivize the gently caress out of breaking that rule with inane call center evaluation metrics. right?
|
# ? Aug 20, 2017 23:39 |
|
Trabisnikof posted:I don't think it counts as deceptive trade practices if they have the official policy of "mandatory verbal passwords" and then just incentivize the gently caress out of breaking that rule with inane call center evaluation metrics. right? if you market a feature/policy then don't follow it, that's deceptive. the entirety of the ftc's privacy authority, for example, comes from the fact that if you publish a privacy policy then don't follow it, that is a deceptive trade practice. similarly, making security claims of ways you protect a user's data then not following through are also deceptive. now, if they discipline the rep and make the customer whole, nothing would come of it, and i suspect someone who's account was drained w/o the verbal PW would almost certainly be made whole.
|
# ? Aug 20, 2017 23:44 |
|
https://twitter.com/coderobe/status/899338754690883584
|
# ? Aug 20, 2017 23:54 |
|
maskenfreiheit posted:that's fine tbh... the big thing is i have it in place and if they give away my $ without it they're 100% liable and possibly getting slapped by the ftc for deceptive practices. maskenfreiheit posted:if you market a feature/policy then don't follow it, that's deceptive. the entirety of the ftc's privacy authority, for example, comes from the fact that if you publish a privacy policy then don't follow it, that is a deceptive trade practice. My bank account is protected by a SMS, because actual two factor is too hard for banks. Hackers take 5 figures from me. Who, pray tell, ACTUALLY makes me whole here, in reality?
|
# ? Aug 21, 2017 00:02 |
|
Volmarias posted:My bank account is protected by a SMS, because actual two factor is too hard for banks. Hackers take 5 figures from me. Who, pray tell, ACTUALLY makes me whole here, in reality? it's my understanding you're not responsible for fraud, you should file a police report and threaten to contact CFPB.
|
# ? Aug 21, 2017 00:31 |
|
my credit union has supported 2fa via totp for years. suck it up nationwide bank customers
|
# ? Aug 21, 2017 00:42 |
|
maskenfreiheit posted:it's my understanding you're not responsible for fraud, you should file a police report and threaten to contact CFPB. that's almost definitely the case but given what i know about banks i can't imagine getting the money back will be an easy or painless process
|
# ? Aug 21, 2017 00:56 |
|
vOv posted:that's almost definitely the case but given what i know about banks i can't imagine getting the money back will be an easy or painless process yeah, this is why i have two checking accounts one is direct deposit, and pays out to rent, ccs, etc. the other i keep a couple k in and use at atms to get walking around money worst case if someone skims my atm pin it's not as huge an issue
|
# ? Aug 21, 2017 01:28 |
|
i have only debt so if someone steals my atm pin lol jokes on them
|
# ? Aug 21, 2017 01:33 |
|
maskenfreiheit posted:yeah, this is why i have two checking accounts literally everything you post gives more evidence to the idea that you're participating in some kind of criminal enterprise
|
# ? Aug 21, 2017 01:38 |
|
CommunistPancake posted:literally everything you post gives more evidence to the idea that you're participating in some kind of criminal enterprise don't dox me
|
# ? Aug 21, 2017 01:40 |
|
maskenfreiheit posted:yeah, this is why i have two checking accounts poo poo that's not a bad idea
|
# ? Aug 21, 2017 01:40 |
|
Fergus Mac Roich posted:poo poo that's not a bad idea yeah the problem is if someone drains your account they can keep the funds frozen while they investigate, and then your rent/cc bills go unpaid.
|
# ? Aug 21, 2017 01:44 |
|
CommunistPancake posted:literally everything you post gives more evidence to the idea that you're participating in some kind of criminal enterprise lol if you arent gently caress the law
|
# ? Aug 21, 2017 01:51 |
|
CommunistPancake posted:literally everything you post gives more evidence to the idea that you're participating in some kind of criminal enterprise i have three checking accounts do i look like a criminal (it's so I can physically separate my "fun money", my wife's "fun money" and the "don't touch this it pays the bills" money because i can't logically separate them because i am bad)
|
# ? Aug 21, 2017 14:20 |
|
ate all the Oreos posted:i have three checking accounts do i look like a criminal so which dark net market do you run?
|
# ? Aug 21, 2017 15:52 |
|
maskenfreiheit posted:so which dark net market do you run? criminalfloweroutlet (dot) org
|
# ? Aug 21, 2017 15:58 |
|
I really really hope that multiple accounts doesn't flag anything
|
# ? Aug 21, 2017 15:58 |
|
Subjunctive posted:I really really hope that multiple accounts doesn't flag anything at one point i was doing what flyertalk calls "manufactured spending". this involves artifically generating charges on a credit card to meet a minimum spending requirement and receive sweet, sweet airline points. the general idea was to purchase generic visa gift cards. they passed a law that these cards have to be able to be run as debit cards. you can use debit cards to buy money orders. so you buy a bunch of $500 gift cards at kroger (2.99 per 500), use them to buy money orders at like 25¢ per 1k, then deposit the money order at your bank - funds immediately become available because it's a MO, and then you can pay down the couple thousand on your CC immediately so you're not at your CL limit. i did this with two different credit cards, generating enough points to fly to prague and back first class, and nobody batted an eye it takes a lot to weird out banks, they have godview and people are weird the main thing they're worried about is withdrawals or transfers over 10k, or people doing a series of transactions that are under 10k. so as long as you don't withdraw 9999k from both accounts in one day nobody cares. now that internet banks are a thing it's incredibly common to have a local bank to get a good rate on a mortgage and be able to deposit cash, and an internet bank that refunds atm fees so you don't have to hunt
|
# ? Aug 21, 2017 16:06 |
|
Subjunctive posted:I really really hope that multiple accounts doesn't flag anything i mean i have all the accounts linked to each other so i can do transfers and they're all set up with direct deposit so like they're about as un-hidden as possible ... i'm on a terrorist watch list aren't I
|
# ? Aug 21, 2017 16:10 |
|
i bet now you'll think twice before committing a terror
|
# ? Aug 21, 2017 16:11 |
|
https://twitter.com/raulmarcosl/status/899572749768773632 Half a million stolen and counting.
|
# ? Aug 21, 2017 17:06 |
|
edit: someone posted this before me i am bad
|
# ? Aug 21, 2017 17:06 |
|
it just works! and works and works and works and works and works and works
|
# ? Aug 21, 2017 17:28 |
|
maskenfreiheit posted:You can set up a verbal password on your cell provider so any changes require that password (or going into a store and presenting a physical ID). doesn't matter much when the helpful Verizon CSR just waves you through without it and lets your account get hijacked 4 times in a week. Happened to my coworker in the next office and the walls were really thin so I got to hear all his fun conversations with their lovely support
|
# ? Aug 21, 2017 17:40 |
|
BangersInMyKnickers posted:doesn't matter much when the helpful Verizon CSR just waves you through without it and lets your account get hijacked 4 times in a week. Happened to my coworker in the next office and the walls were really thin so I got to hear all his fun conversations with their lovely support i'm sure someone's done the math and they lose less money just letting people get hacked than they'd lose from people forgetting their password and consuming way more customer service time see, the free market works!
|
# ? Aug 21, 2017 18:30 |
|
That's actually the funny thing, from a friend who remained at Sarnsung for far too long. Carriers don't care about users rooting their phones to get around whatever garbage is there, which is what you'd think. They care about users rooting their phones because of the support costs of these people inevitably loving it up and the front line CSRs and phone sales people not knowing what to do with it.
|
# ? Aug 21, 2017 18:36 |
|
Volmarias posted:That's actually the funny thing, from a friend who remained at Sarnsung for far too long. Carriers don't care about users rooting their phones to get around whatever garbage is there, which is what you'd think. They care about users rooting their phones because of the support costs of these people inevitably loving it up and the front line CSRs and phone sales people not knowing what to do with it. it seems like "you hosed up your phone and voided the warranty and we're (seriously) not responsible for it so hey, buy a new phone" wouldn't be such a bad deal
|
# ? Aug 21, 2017 18:38 |
|
MALE SHOEGAZE posted:it seems like "you hosed up your phone and voided the warranty and we're (seriously) not responsible for it so hey, buy a new phone" wouldn't be such a bad deal i guarantee you people don't start out by saying "oh by the way i rooted it," they just go "it broke fix it"
|
# ? Aug 21, 2017 18:39 |
|
ate all the Oreos posted:i'm sure someone's done the math and they lose less money just letting people get hacked than they'd lose from people forgetting their password and consuming way more customer service time that's basically it cost benefit analysis means the consumer loses every time
|
# ? Aug 21, 2017 18:39 |
|
MALE SHOEGAZE posted:it seems like "you hosed up your phone and voided the warranty and we're (seriously) not responsible for it so hey, buy a new phone" wouldn't be such a bad deal thing is that the customer that shows up either; 1) obnoxiously ties up your customer service for ages, demanding to talk to ever-higher-up managers, and referring to random forum posts by people claiming to work for the carrier making strange promises; or; 2) pays a $300 monthly bill streaming 10 bpc anime from home around the clock and paying for every extra imaginable in both cases they are far better off if they can keep them from messing up their phone to start with
|
# ? Aug 21, 2017 18:48 |
|
Cybernetic Vermin posted:thing is that the customer that shows up either; 1) obnoxiously ties up your customer service for ages, demanding to talk to ever-higher-up managers, and referring to random forum posts by people claiming to work for the carrier making strange promises; or; 2) pays a $300 monthly bill streaming 10 bpc anime from home around the clock and paying for every extra imaginable yeah that makes sense.
|
# ? Aug 21, 2017 18:49 |
|
speaking of usernames, it appears that if you work for SHI (samsung heavy industries) you can just pick whatever the gently caress you want for your @samsung.com e-mail address so if you deal with them on the reg then you will see some weird poo poo in your SMTP transport logs. based on a bunch of internal systems doco i found for their internal stuff a while back their e-mail addys match their UPNs so their e-mail is effectively their username for most SSO stuff. i think DSME (daewoo shipbuilding & marine engineering) does this as well, maybe it's a SK thing...
|
# ? Aug 21, 2017 19:22 |
|
Diva Cupcake posted:https://twitter.com/raulmarcosl/status/899572749768773632 has there ever been anything butt related that wasn't a hilarious clusterfuck of stupidity and bad life decisions? the only thing I can think of is satoshi loving off into the sunset before the lolbertarians showed up.
|
# ? Aug 21, 2017 20:20 |
|
|
# ? May 13, 2024 23:05 |
|
Harik posted:has there ever been anything butt related that wasn't a hilarious clusterfuck of stupidity and bad life decisions?
|
# ? Aug 21, 2017 20:21 |