11-29-2023, 03:30 AM
|
#1 (permalink)
|
Human Environmentalist
Join Date: Aug 2010
Location: Oregon
Posts: 12,803
Thanks: 4,326
Thanked 4,476 Times in 3,441 Posts
|
Identity Theft
I went online in 1995. The small scale of things then meant the risks were also smaller. In such simple times, I used a single username, and 2 password iterations so that I could remember it without writing stuff down. Unimportant stuff like forum logins had a more simple password, and important stuff like bank accounts had a more complex password. I've probably created a hundred accounts or more using that logic.
About a year ago, I was locally remotely (it's not an oxymoron) connected to a server and got disconnected. That almost never happens on an internal network. I got paranoid that someone else had used my credentials to remotely connect to it and boot me from my session. Then I attempted to log into my WiFi router, and the credentials had been changed. I unplugged it, and then reset to factory default. Changed credentials to something new. Removed the idiotic port forwarding for RDP to my server using the default 3389 port. Changed server password...
Yesterday I couldn't get into Netflix. Someone changed the credentials. It took 90 minutes for me to wrestle back control of my account. I dismissed the incident as probably forgetting to sign out of a device somewhere, and someone taking advantage of that fact.
Today I got a text message that Kahil started shopping for my Walmart order. Then a text that Ryan was picking out my order. Then a text that Darren was gathering my Walmart order.
Asked my wife if she ordered anything from Walmart and she said no. Looked at my current email account and saw no Walmart activity except the twin mattress I ordered a few days ago (1.5 year old can plank, pivot, and drop from the crib rails). Tried to log into my old email account, and the credentials didn't work. Filthy Russian hackers had gained control of it. I hadn't used that account since 2009. I wrestled back control of that email account, and called Walmart to cancel the orders.
The hackers deleted the Walmart emails on the legacy email platform to try to conceal them. The hackers changed both the password and email address of that old Walmart account, meaning I had no way to recover that account, so I canceled it. Somehow it had a valid credit card of mine on it, and my parents received nasal spray and dog treats today, addressed to my sister. At one point, 2 Walmart carriers were at my parents at the same time. Very funny kids. $220 of nonsense items sent to my parents by identity thieves.
My comment is that as technologically sophisticated as I am, it strikes me that less savvy folk stand even less chance than me at thwarting attacks.
My question is what are some best practices to harden technology and reduce attack footprint?
Seems the old logic of 1 username and 2 passwords depending on importance is not good enough. I've enabled 2FA (two factor authentication) on the important stuff now.
My sense is that AI will make people extremely vulnerable in the future, and the counter will be AI. My other scary thought is that I can only see a few possible outcomes:
1. high trust society
2. no trust society
3. no society
1 seems unlikely. 2 seems probable and unfortunate. 3 is the result of the failure of 1 and 2.
|
|
|
The Following User Says Thank You to redpoint5 For This Useful Post:
|
|
Today
|
|
|
Other popular topics in this forum...
|
|
|
11-29-2023, 04:02 AM
|
#2 (permalink)
|
Eco-ventor
Join Date: Oct 2010
Location: sweden
Posts: 1,645
Thanks: 76
Thanked 709 Times in 450 Posts
|
How do we know that this is really you? /s
__________________
2016: 128.75L for 1875.00km => 6.87L/100km (34.3MPG US)
2017: 209.14L for 4244.00km => 4.93L/100km (47.7MPG US)
|
|
|
The Following User Says Thank You to jakobnev For This Useful Post:
|
|
11-29-2023, 04:46 AM
|
#3 (permalink)
|
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 28,687
Thanks: 8,143
Thanked 8,922 Times in 7,365 Posts
|
Ask me why I don't use credit cards or do business over Internet.
__________________
.
.Without freedom of speech we wouldn't know who all the idiots are. -- anonymous poster
____________________
.
.Three conspiracy theorists walk into a bar --You can't say that is a coincidence.
|
|
|
The Following User Says Thank You to freebeard For This Useful Post:
|
|
11-29-2023, 11:38 AM
|
#4 (permalink)
|
Somewhat crazed
Join Date: Sep 2013
Location: 1826 miles WSW of Normal
Posts: 4,415
Thanks: 538
Thanked 1,205 Times in 1,063 Posts
|
I believe the initial problem is leaving current credit card data online. One can expect the commercial people to be lackadaisical about security. Can't get my data by scraping because it isn't there, I memorized my numbers and park bogus numbers in the two accounts I use. Yes it is a wee bit more time consuming to enter the number every time, but hey, I'm retired now, got lotsa time. For wallyworld, it's 10 minutes down the street, I can go there in person and purchase with unhackable cash. Instant delivery also. What is not to like. freebeard has the ultimate security, but pays a minor price for it.
__________________
casual notes from the underground:There are some "experts" out there that in reality don't have a clue as to what they are doing.
|
|
|
The Following 2 Users Say Thank You to Piotrsko For This Useful Post:
|
|
11-29-2023, 11:42 AM
|
#5 (permalink)
|
Batman Junior
Join Date: Nov 2007
Location: 1000 Islands, Ontario, Canada
Posts: 22,534
Thanks: 4,082
Thanked 6,979 Times in 3,614 Posts
|
Quote:
Originally Posted by redpoint5
...Then a text that Darren was gathering my Walmart order.
|
They spelled my name wrong.
|
|
|
The Following 2 Users Say Thank You to MetroMPG For This Useful Post:
|
|
11-29-2023, 01:37 PM
|
#6 (permalink)
|
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 28,687
Thanks: 8,143
Thanked 8,922 Times in 7,365 Posts
|
Quote:
What is not to like. freebeard has the ultimate security, but pays a minor price for it.
|
I met one of the Internet greybeards once, don't recall his name. He was quoted as saying that the three legs underpinning Internet were anonymity, authentication and digital cash.
We got the first two, and if Bitcoin protocol had existed from the beginning we'd have had the third, but the CC companies got in first.
The problem with cards is that they expose the account with each transaction, where with Bitcoin only the transaction itself is exposed.
__________________
.
.Without freedom of speech we wouldn't know who all the idiots are. -- anonymous poster
____________________
.
.Three conspiracy theorists walk into a bar --You can't say that is a coincidence.
|
|
|
The Following User Says Thank You to freebeard For This Useful Post:
|
|
11-29-2023, 02:39 PM
|
#7 (permalink)
|
Human Environmentalist
Join Date: Aug 2010
Location: Oregon
Posts: 12,803
Thanks: 4,326
Thanked 4,476 Times in 3,441 Posts
|
I'm wondering what will happen when AI can render a face based on Facebook photos? Things requiring facial recognition to unlock might be fooled by AI.
Voice recognition will probably be easily fooled by AI generated voice.
Looking through the logs of the compromised email account, a bot was attempting to log in every 10 minutes on average, for days (maybe even years). Then I saw the entry from a few days ago that said "password change successful" after a continuous stream of unsuccessful login attempts. That's when the hackers gained control of my account. Oh, and of course they used a proxy so the IP and country was constantly changing.
If many bots are all attacking at once, it can crowd out legitimate login attempts. DDoS.
Quote:
Originally Posted by freebeard
Ask me why I don't use credit cards or do business over Internet.
|
'Cause spending 10min of hassle to get the charges removed is harder than the constant hassle of not being able to purchase things where they are affordable, and delivered to your doorstep?
I'll be picking up the items from my parents and returning them, so the CC company won't even be out anything except for whatever it cost for the couriers. I wanted to buy WallyWorld cheap powdered dish detergent anyhow (hardly anyone carries powdered detergent anymore), so there's my excuse for the trip.
Last edited by redpoint5; 11-29-2023 at 03:09 PM..
|
|
|
11-29-2023, 03:20 PM
|
#8 (permalink)
|
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 28,687
Thanks: 8,143
Thanked 8,922 Times in 7,365 Posts
|
I learned that I can watch Best Buy's website, and when the Raspberry Pi 5 is available next month I can go to their Customer Service dept., put down cash and they will deliver to my doorstep.
__________________
.
.Without freedom of speech we wouldn't know who all the idiots are. -- anonymous poster
____________________
.
.Three conspiracy theorists walk into a bar --You can't say that is a coincidence.
|
|
|
11-30-2023, 10:55 AM
|
#9 (permalink)
|
Somewhat crazed
Join Date: Sep 2013
Location: 1826 miles WSW of Normal
Posts: 4,415
Thanks: 538
Thanked 1,205 Times in 1,063 Posts
|
So cash payment is the deciding factor of when you get a 5? Interesting.
__________________
casual notes from the underground:There are some "experts" out there that in reality don't have a clue as to what they are doing.
|
|
|
11-30-2023, 01:02 PM
|
#10 (permalink)
|
Master EcoModder
Join Date: Aug 2012
Location: northwest of normal
Posts: 28,687
Thanks: 8,143
Thanked 8,922 Times in 7,365 Posts
|
The constraint is availabiity.
For the 4 I ordered online and sent in a check. I have that option.
__________________
.
.Without freedom of speech we wouldn't know who all the idiots are. -- anonymous poster
____________________
.
.Three conspiracy theorists walk into a bar --You can't say that is a coincidence.
|
|
|
|