Live Breaking News & Updates on Mister Doffman

Stay updated with breaking news from Mister doffman. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.

STOP: Opt out of phone numbers as authentication tokens


Richi Jennings
Industry analyst and editor, RJAssociates
 
This week brings yet more examples of poor design. Specifically: Two apps trusting phone numbers without properly authenticating the actual user.
First, a deadly denial-of-service attack on WhatsApp, in which combining two subtle side effects can lock out users from their accounts. And second, a really dumb authentication bug in a wireless provider’s app.
Watch out these things come in threes. In this week’s
Security Blogwatch, we got the 411 (ask your parents).
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: 
Cracking Enigma.
What’s the craic, Zak? Mister Doffman reports ....

United States , Richi Jennings , Mister Doffman , Dan Goodin , Ernesto Canales Pere , Michael Crider , Issa Asad , Artem Russakovskii , Security Blogwatch , Suddenly Whatsapp , Link Wireless , Karl Bode , Mobile Account , South Florida , Registered Coward , Experian Treatment , ஒன்றுபட்டது மாநிலங்களில் , பணக்காரர் ஜென்னிங்ஸ் , டான் குடின் , மைக்கேல் சிறுதேர் , வழங்கல் அசாத் , இணைப்பு வயர்லெஸ் , கார்ல் போட் , கைபேசி எண்ணுதல் , தெற்கு புளோரிடா ,