|
A security researcher has discovered a method that would have enabled fraudsters to steal thousands of dollars from Facebook, Microsoft, and Google by linking premium-rate numbers to various accounts as part of the two-step verification process. "I got your number on the wall"
Dang, but that's a clever idea
|
|
|
|
|
That wasn't the only 2FA problem they had.
|
|
|
|
|
Ah, the ol' two-step-aroo. Add 2 more steps and we'd have the ol' Dunkaroo:
An 4-step activity involving two people, a cooler full of ice water and a can full of beer.
Step 1: Dunkaroo Recipient submerges head in cooler of ice water for 10 seconds
Step 2: Dunkaroo Doner slaps Recipient in the face and hands them a beer
Step 3: Dunkaroo Recipient drinks beer, à la shotgun method
Step 4: Scuzz
Urban Dictionary: dunkaroos (fourth definition)[^]
modified 19-Jul-16 16:54pm.
|
|
|
|
|
I used to do that with variuos activist groups (actually small politics for time wasters) that could not take a "no" for an answer. They occupied the entire campus with groups of 3-4 students blocking the hallways and asking poeple for contribution to their pitiful party journal and the phone number to arrange their idiotic conventions - actually a bunch of people in a occupied house smoking pot together, once I went to one of these out of curiosity.
Well, I had this phone plan that gave me 5 cents for every minute of received call... so anytime they phined I kept them on the phone as long as I could. Consider that they were all but organized so if I gave the number to 10 different groups in the same day I'd receive 10 different calls. I made a good amount of phone credit those months...
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
When I was six, there were no ones and zeroes - only zeroes. And not all of them worked. -- Ravi Bhavnani
|
|
|
|
|
Kent Sharkey wrote: that would have enabled fraudsters to steal thousands of dollars from Facebook, Microsoft, and Google
For once would have been nice to see how they suffer instead of the end user.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
I'm in 2 minds as to whether this is really 'fraud'?
|
|
|
|
|
These guidelines represent a multi-year, cross-company, collaborative process aggregating the collective experience of hundreds of engineers designing, operating, and running global scale cloud services from across Microsoft; and listening to feedback on our APIs from customers and partners. Microsoft gives it a REST
|
|
|
|
|
That entire quote should be in Buzzword Bingo!
|
|
|
|
|
So a database connection error [^] goes to 4xx client error. Making client to resend the request again and again. That's weird and incomplete guideline.
Wonde Tadesse
|
|
|
|
|
Kent Sharkey wrote: Microsoft gives it a REST
a Rest in peace?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
The flaws allow hackers to easily bypass exploit mitigations in the OS and third-party apps By hook, and by the crooks using the hook
|
|
|
|
|
Microsoft has laid off almost all of the company's remaining Microsoft Press publishing staff. But Pearson is expected to keep the brand alive. Time to put the black arm band on your copy of Petzold
|
|
|
|
|
I give them another 10 years or less before they implode from stupidity and dissapear.
|
|
|
|
|
Apparently, there were only six people and almost everything was outsourced.
The last "Microsoft Press" book I read (and happened to also buy) was Richter's Advanced Windows Programming, mainly for the chapters in IOCP. You can now get even more information online and even some libraries (like ASIO[^] and ServerFramework[^]) which take care of it for you.
The best "book" on programming I've fairly recently read is online: Threading in C# - Free E-book[^]
With information like these, who needs a relatively expensive hard copy of a book, of which you usually need only a tiny fraction?
|
|
|
|
|
Much of the current research on the development of a quantum computer involves work at very low temperatures. The challenge to make them more practical for everyday use is to make them work at room temperature. As an added bonus: moths won't eat your quantum computer!
|
|
|
|
|
The company doesn’t make any products on its own, but its designs are used in billions of chips. Someone bought Advanced Idea Mechanics? Oh wait. ARM, not AIM.
Guess I need my eye prescription checked.
|
|
|
|
|
A new survey by Countercept by MWR InfoSecurity highlights all the frustrations IT security experts are experiencing as they’re trying their best to protect their company’s assets and employees. "1. You can't win. 2. You can't break even."
|
|
|
|
|
I’m a big supporter of helping software developers develop “soft skills” in addition to their technical skills—in fact, I wrote a complete book about it—but there is no denying: technical skills are important. "Ah what you got, I got the skills to pay the bills"
|
|
|
|
|
Girls Only Want Boy Friends Who Have Great Skills - YouTube[^]
#SupportHeForShe
Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
A good list for a starting junior developer. From what I've experienced, even self-named senior developers have problems meeting that list, and they certainly never grow beyond it.
Marc
|
|
|
|
|
A good list. However, I've seen rather similar lists in lots of places, and they always seem to have one problem in my opinion. For whatever reason, testing and debugging always end up at or near the end of the list. They should be listed right under "Pick a programming language". I'd rather have a junior dev who's great at testing & debugging but doesn't know the first thing about source control or build systems. I can teach someone basic source control usage in an hour. My build system can be tended by a senior who knows his way around it. Testing and debugging are things the developer is going to need to do as soon as they start writing code, and they're not trivial things to teach because they require a level of intuition that can only be garnered by experience.
If a junior dev needs help checking code in or building for deployment, then someone can help them for 10 minutes. If a junior dev needs help figuring out why their code isn't working, that can tie up someone for hours.
|
|
|
|
|
Apparently, buying someone's book is the best way. I suppose it's better than "How To Win The Lottery".
|
|
|
|
|
Microsoft as 'humanity's best chance at a level playing field'? Windows as the preferred platform for creatives? Some at the company believe it's possible. "The people. United. Will never be defeated."
repeat beyond nausea
|
|
|
|
|
Kent Sharkey wrote: United [w]ill never be defeated
If you mean Manchester United....
|
|
|
|
|
Or, per Sham 69, If the Kids, are United, they will never, be divided.
(also Repeat ad nauseum).
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|