Security is not the user’s responsibility
As you read this, systems are hacked all the time and that is most likely your fault but shouldn't be.
As you read this, systems are hacked all the time and that is most likely your fault but shouldn't be.
Test Automation Engineer at AVL List GmbH, Conflict Mediator, Lecturer at Austrian Mathematical Olympiad
3 个月Great article! To share my latest pet peeve: My mobile phone provider insists on cold-calling me every two months to ask if I would like to upgrade to a better service contract. The call invariably starts with the caller informing me that they've just sent me a text message with a four-character code, which I am to please read to them aloud to verify it's me. (*They* called *me*!) The text message is identical to the one I receive when I need to reset my password. I went so far as to send emails to the provider and visit their shop to tell them: "It looks like someone is spoofing your number, then asking me for a code to steal my account." They keep insisting that no, this is, in fact, the legitimate procedure. To the best of my understanding, here is what's happening: They outsourced the cold calling to a call center. The call center agents work on a commission-based payment. More likely than not, they had a few bad apples who "sold" new contracts without having even called the customer. To prevent that, the callers are now required to retrieve that four character code as proof that they have actually reached me. So I have a guess where it is coming from, but I have some serious doubts about the solution they've come up with.