Tag: Ars Technica (page 1 of 3)

Securing your digital life

Usually, guides to securing your digital life are very introductory and basic. This one from Ars Technica, however, is a bit more advanced. I particularly appreciate the advice to use authenticator apps for 2FA.

Remember, if it’s inconvenient for you it’s probably orders of magnitude more inconvenient for would-be attackers. To get into one of my cryptocurrency accounts, for example, I’ve set it so I need a password and three other forms of authentication.

Overkill? Probably. But it dramatically reduces the likelihood that someone else will make off with my meme stocks…

Security measures vary. I discovered after my Twitter experience that setting up 2FA wasn’t enough to protect my account—there’s another setting called “password protection” that prevents password change requests without authentication through email. Sending a request to reset my password and change the email account associated with it disabled my 2FA and reset the password. Fortunately, the account was frozen after multiple reset requests, and the attacker couldn’t gain control.

This is an example of a situation where “normal” risk mitigation measures don’t stack up. In this case, I was targeted because I had a verified account. You don’t necessarily have to be a celebrity to be targeted by an attacker (I certainly don’t think of myself as one)—you just need to have some information leaked that makes you a tempting target.

For example, earlier I mentioned that 2FA based on text messages is easier to bypass than app-based 2FA. One targeted scam we see frequently in the security world is SIM cloning—where an attacker convinces a mobile provider to send a new SIM card for an existing phone number and uses the new SIM to hijack the number. If you’re using SMS-based 2FA, a quick clone of your mobile number means that an attacker now receives all your two-factor codes.

Additionally, weaknesses in the way SMS messages are routed have been used in the past to send them to places they shouldn’t go. Until earlier this year, some services could hijack text messages, and all that was required was the destination phone number and $16. And there are still flaws in Signaling System 7 (SS7), a key telephone network protocol, that can result in text message rerouting if abused.

Source: Securing your digital life, part two: The bigger picture—and special circumstances | Ars Technica

A glimpse into the future of autonomous electric vehicles

Ideally, we’d all be using mass transit rather than just switch fossil fuel-based vehicles for their electric equivalents. But, as a student of human nature, I recognise that autonomous electric vehicles might be a pragmatic stop-gap.

This is an interesting article, as it puts a price on how much these vehicles might cost by the hour (~7 Euros) and talks about what people might be doing while waiting for them to recharge (playing video games!)

The German automaker is considering charging an hourly fee for access to autonomous driving features once those features are ready. The company is also exploring a range of subscription features for its electric vehicles, including “range or performance” increases that can be purchased on an hourly or daily basis, said Thomas Ulbrich, a Volkswagen board member, to the German newspaper Die Welt. Ulbrich said the first subscription features will appear in the second quarter of 2022 in vehicles based on Volkswagen’s MEB platform, which underpins the company’s new ID.3 compact car and ID.4 crossover.

Source: What would you pay for autonomous driving? Volkswagen hopes $8.50 per hour | Ars Technica

At times, our strengths propel us so far forward we can no longer endure our weaknesses and perish from them

Psychedelic image representing billionaires steamrollering the earth

🤑 We can’t have billionaires and stop climate change

📹 How to make video calls almost as good as face-to-face

⏱️ How to encourage your team to launch an MVP first

☑️ Now you can enforce your privacy rights with a single browser tick

🤔 Why Life Can’t Be Simpler


Quotation-as-title from Nietzsche. Image from top-linked post.