Sign in / up

back to article SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more

What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday. Here's what else went down: Text message systems exposed online A text-message gateway biz called Voxox reportedly left vital systems open on the internet, allowing any miscreant to inspect it in real …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Pascal Monett Silver badge
    FAIL

    What a load of bull

    "And predicting a world class chess player’s next move definitely is at least as difficult as predicting a cybercriminal’s next move"

    Even if you consider the world's most awesome chess player, he still only has an 8 x 8 board and 16 pieces, most of which only have one kind of movement.

    Equating that with predicting what a cybercriminal might think of, when Windows 1 0 can't even get its own patches right, is just bullshit of the most blatant level.

    Predicting what a cybercriminal might do can only happen if you know all the stuff he might try. And given that the blackhats are continually educating multi-billion dollar companies on what their vulnerabilities are, your predictions are about as useful as yesterday's horoscope.

    0 5 Reply
    1. MiguelC Silver badge
      Reply Icon

      Re: What a load of bull

      "Even if you consider the world's most awesome chess player, he still only has an 8 x 8 board and 16 pieces, most of which only have one kind of movement."

      And I'm sure you did the math on that one...

      5 0 Reply
      1. hayzoos
        Reply Icon

        Re: What a load of bull

        I don't know why everyone is being so harsh on @Pascal Monnet. He has a point, even comparing by numbers, the playing field of cybersecurity is vastly more complex than chess. The full set of chess is definable. We have chess programs, we have chess playing programs able to defeat top human players. If it was as easy as chess, then where are our programatic weapons to defeat even the average cybercriminal?

        The real problem is, thinking it is possible. It is a similar problem as making something foolproof.

        0 0 Reply
    2. steviebuk Silver badge
      Reply Icon

      Re: What a load of bull

      Do women not play chess then?

      0 0 Reply
    3. GnuTzu
      Reply Icon
      Boffin

      Re: What a load of bull -- Numbers

      Computer scientists are supposed to be good with numbers, and they're supposed to know how the numbers for this sort of thing relate.

      Yet, it's true that the numbers for chess are constants, while the numbers for hackers are constantly changing. I suppose you'd have to create categories to pigeon hole things in to get the numbers to map.

      0 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Extortion hoaxes

    This week we've had BT telling us our Virgin internet connection is about to be cut off, and Microsoft telling us our only remaining (and switched off) Windows computer has a virus. It looks like someone has at last paid for a new script. ("Your secure email database has been hacked...")

    They would be more useful if they phoned up Microsoft to tell them they have a problem with their computer. It might get some action.

    0 0 Reply
  3. Dan 55 Silver badge

    SMS '2FA'

    As if it weren't bad enough, here's another reason not to use it.

    I would have thought one-time codes wouldn't have been stored, but there you go. You just need to watch and type faster.

    0 0 Reply
  4. hayzoos

    Re: SMS '2FA'

    Outsourced Authentication, to save money, probably lowest bidder, What could go wrong?

    Wait, don't answer that. It is called saving money at all cost.

    I'm trying to be funny, it doesn't help the despair.

    1 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    I'm surprised

    I'm surprised m-science.com haven't been hit. For years, they've been supplying their service and logins as http. "SMS voting system" (If their site wasn't secure, I'm pretty sure none of their sms services are).

    Reported them and over a month later they finally implemented SSL. Appears they are under new ownership but I still don't trust that company or site. Their login and password policy is still piss poor & I'm sure there is still an exploit in there somewhere.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like