Reddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.
Plus a Spectre attack over the network, BGP issues take out Telegram, and more!
Sponsored By:
- Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.com
- iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!
- Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapocean
Links:
- Hey, don't route the messenger! Telegram redirected through Iran by baffling BGP leak
- Finding and Diagnosing BGP Route Leaks
- Cloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts
- New Spectre attack enables secrets to be leaked over a network
- NetSpectre: Read Arbitrary Memory over Network
- Password breach teaches Reddit that, yes, phone-based 2FA is that bad
- We had a security incident.
- Google Employees Use a Physical Token as Their Second Authentication Factor
- Cisco is buying Duo Security for $2.35B in cash