This study needed a mix of creativity, grunt work, and knowledge of the industry. All credit to @PrincetonCITP PhD students @kvn_l33 and @bkaiser93, as well as my faculty colleague @jonathanmayer (who previously worked at the @FCC on wireless carrier security).
The reason the attacker didn’t manage to ruin my life is that I was on baby duty that night with a newborn who was keeping me awake. My wife was extremely confused when I woke her up, handed her a crying baby, and said I had to go take care of an emergency.
When I called customer service, I was in for a shock. They were not able to authenticate me (despite apparently having no problem authenticating the attacker). In particular, their system for emailing me a one-time password failed but they insisted the problem was on my end.
In the craziest twist, we had *just* completed our initial analysis and knew the weaknesses of my carrier’s authentication protocol, and so I was able to use that info to talk the rep into handing me back my own account.
Until the carriers fix these problems, you’re at risk of a SIM swap. But you can protect yourself right now. Take a few minutes to check all your online accounts. Make sure 2-factor authentication is enabled, and it’s a secure option such as an authenticator app, and not SMS.
In addition to celebs, CEOs, etc., there have been a few high-profile security researchers targeted recently. Do you believe your attacker "targeted" you, or just random?