00:00​ I hacked Linus!
00:59​ How Steve Jobs and Steve Wozniak hacked the telephone network
02:22​ Early history of the telephone
07:08​ The kidnapping of Sheikha Latifa
08:41​ How Signalling System No. 7 works
11:03​ Why SS7 is vulnerable to hacking
12:15​ How hackers gain access to phones
16:17​ How I was able to spy on Linus’ phone
18:09​ How hackers can intercept text messages
21:04​ How your location can be tracked via SS7
29:03​ How to protect your phone from hacking

  • umbrella@lemmy.ml
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    3
    ·
    2 months ago

    im always downvoted and screamed at for saying this but yeah.

    i hate stupid forced 2fa

    • ExtremeDullard@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      17
      ·
      2 months ago

      2FA is great. It’s the best tool there is against impersonation and account takeovers.

      But it’s only great PROVIDED

      1. It’s a real, proper second factor like a hardware token or - less great but okay - a “secure” cellphone app. When it’s a totally insecure factor like SMS, 1FA is preferable.
      2. It’s not such a PITA that you hate using it.
      3. When it’s a proprietary app from one of the big data sonsabitches, it’s also an app to spy on you and your activities.
      • umbrella@lemmy.ml
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        2 months ago

        yes i agree! apps like aegis shows its possible to do it in a reasonable way.

    • njordomir@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 months ago

      Agree. I appreciate that banks offer 2FA, but do I really need to be forced to give up a real phone number to access a forum, news site, etc.? No.

      Whose job is security? Mine, the user, and if I decide one of my accounts is a throwaway or I just mash some keys to get access to something, I shouldn’t have to sign up for 2FA to do it.