@KentInPublic @bhsharp If they're not attacking, then you don't really have to worry about 2-factor either...
@bhsharp I said, the only thing 2-factor prevents is non-MITM impersonation. And hey, that's exactly right!
-
-
@bhsharp You are welcome to argue about how _important_ that type of attack is, but that is more about what kind of site it is and so on. -
@bhsharp And to be clear, I really should say non-MITM _takeover_, because really it doesn't even prevent impersonation unless... - Show replies
New conversation -
-
-
@cmuratori You said it "doesn't protect any of your data in this case". It absolutely DOES in the case where someone is just doing non-MITM -
@cmuratori attacks. That's the point, as long as by "your data" you meant e.g. my email contents, the data protected by my login credentials
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.