Searching We.Love.Privacy.Club

Twts matching #follows.
Sort by: Newest, Oldest, Most Relevant
os-x-daily
feeds.twtxt.net
 (2y ago)

Beta 3 of iOS 17.1, iPadOS 17.1, MacOS Sonoma 14.1 Released for Testers
Apple has released the third beta versions of iOS 17.1, iPadOS 17.1, and MacOS Sonoma 14.1, for users who are enrolled in the beta testing programs for Apple system software. As usual, the betas are first available to developers, and then are soon followed by the same build for public beta testers. Apple announced several … [Read More](https://osxdaily.com/2023/10/10/beta-3-of-ios-17-1-ipados- … ⌘ Read more

⤋ Read More
os-x-daily
feeds.twtxt.net
 (2y ago)

Beta 2 of iOS 17.1, iPadOS 17.1, MacOS Sonoma 14.1 Released for Testing
Apple has issued the second beta versions of MacOS Sonoma 14.1, iOS 17.1, and iPadoS 17.1, for users who are participating in those beta testing programs. The beta 2 builds are available first for edevelopers, and are soon followed by public betas. iOS 17.1, iPadOS 17.1, and MacOS Sonoma 14.1 will likely include some new … [Read More](https://osxdaily.com/2023/10/03/beta-2-of-ios-17-1-ipados-1 … ⌘ Read more

⤋ Read More
abucci
anthony.buc.ci
 (2y ago)

How Google Authenticator made one company’s network breach much, much worse | Ars Technica

🤦‍♂

WHY are these big companies treated as though they are the be all and end all of infosec? These are rookie mistakes Google’s making, at scale.

Unfortunately Google employs dark patterns to convince you to sync your MFA codes to the cloud, and our employee had indeed activated this “feature”. If you install Google Authenticator from the app store directly, and follow the suggested instructions, your MFA codes are by default saved to the cloud. If you want to disable it, there isn’t a clear way to “disable syncing to the cloud”, instead there is just a “unlink Google account” option.

Like, never ever put your multi-factor tokens into a single cloud storage location! The whole point of this being “multi” factor is that there is a separate, independent physical factor involved in the authentication process. If the authenticator app on your phone puts the tokens in the cloud, then it reduces the security that comes from having a second factor. This is basic stuff.

Of course, never ever use Google Authenticator. All it does is generate TOTP and HOTP codes, which you can do with any OTP app, preferably an open source one that’s been vetted.

⤋ Read More