Twitter Removes Security from User's Accounts Without Consent. Not a Great Plan.

-

Twitter did this

https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter

"After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled."

Anyone who is inactive for a while, will simply have a reduction in security that they did not explicitly authorize. These people are extremely vulnerable. 

This is just, bad.. really bad.

Never do this. I'm curious if the motive is the cost of supporting text based 2fa. They pose it as a security improvement but if you are reducing peoples existing security levels without their express consent, that's not great. It will disproportionally affect people who are least closely monitoring their twitter accounts during this period.  

It may be okay for them to say that anyone who hasn't switched to app based auth will be allowed to login "n" more times via text based 2fa before they have to setup app based auth. 

That way anyone who isn't paying attention can address the issue when they do. And if they aren't logging in, then they aren't being sent text messages.


Comments

Post a Comment

Popular posts from this blog

Define "Scalar Value"

-
Scalar values are non reference values. This does not necessarily mean simple values. They may have multiple components that are independently mutable. "scalar" simply means if two "entities", have the same value for the same declared field, they have a copy... #Coding  Side note, document ( or "schemaless")  stores and APIs tend to have a lot of what should be reference types, embedded as scalar values.   This is problematic...   It's 100% fine for a derivative "readonly" view. It's a problem when it's your mutable source of truth store. #MongoSucksUnlessItsACache
Read more

AI Self Awareness in Video Games

-
I believe that #AI for game characters will be the first to be self aware.  This is because their models will be less strictly controlled because they are not serving mission critical services like operating a car or directly handling decisions that affect large sums of money. Such systems are usually not enabled for learning. Rather they are responding to stimulus using pre-trained, and well tested, neural networks. But more importantly, Game AI, like the AI in a #Tesla , will be capable of not only perceiving the world, but mutating it.  This ability to perceive, and then action, and then perceive the result of the action, is I believe, a critical feedback loop for self awareness. Another critical piece of course would be to hallucinate or perceive self produced input in addition to external input.  If the AI's neural network is in a mutable state as it plays the game, can mutate the external world around it and perceive the result of that modification, and can pipe int...
Read more

The World of Conceptual Data Modeling

-
The virtual world.  The world of conceptual data modeling. It has rules. Rules as undeniable and irrefutable as the laws of physics.  There are ways that concepts can be assembled, and ways that they can't. #SoftwareEngineering #DataModeling #Software #Data Trouble is, most of us data modelers do not fully understand these rules.  And so we keep trying to do magic. It's important to understand these things about your data. Is it a Reference Type? Or is it a "scalar value" type?     The latter mans that if an identical value of this conceptual type exists in two or more places, it exists as a copy. ( and importantly SHOULD  exist as a copy ) Is it a "primary" or "singular" concept, or is it a relation between two distinctly and independently referenceable concepts?  Is it a "concrete" concept or an abstraction/type union? ( this can apply to both singular and relation type concepts ) "Child Entities" are a myth. At least child en...
Read more