By John Gruber
Kolide by 1Password ensures that if a device isn’t secure, it can’t access your apps.
Justin Williams:
I like to think I take an above average amount of steps to secure myself online: I use a password manager, unique passwords as complex as the site will allow, and turn on 2-factor authentication when possible. A true security expert will likely find some sort of flaw in my setup, but I’ll argue that I am doing more than 95% of the planet.
So how did I, someone who is reasonably secure, have his cell phone disabled, his PayPal account compromised, and a few hundred dollars withdrawn from his bank account?
Two-factor authentication using your cell number is only as secure as your wireless carrier’s protection against social engineering — which, alas, might be terrible.
★ Friday, 7 July 2017