One of the guys who created the CIA torture program says that waterboarding a prisoner, who has been held in jail for 13 years and never charged with a crime, over 80 times, only “verged” on breaking the law. Gee, I’d hate to see what ACTUALLY breaking the law looks like.
Imagine what kind of person you have to be to get paid $80 million to design a torture program.
One of the downsides of technology is that it makes it easier for bad people in distant lands to do bad things. A couple of years ago we got hacked and learned some good security lessons as a result. They might help you avoid finding yourself in a similar situation.
A couple of years ago, my mobile phone number and Chrissy’s mobile phone number were both fraudulently ported to another carrier – meaning somebody set up fake accounts with a phone carrier in our names, then requested that new carrier transfer our numbers over from our existing carrier. This is known as “number portability” and was set up years ago to make it easy for people to change service providers. Of course when they did that, nobody foresaw the day when mobile numbers would be used as authentication for bank accounts, etc. All they needed to provide to port our numbers was our mobile number, name, DOB and address. Pretty easy information to get, especially if they have access to your Facebook profile, etc. The number gets ported over to the new carrier within minutes and our phones were left with “SOS Only”. No signal. No carrier. If you’re lucky, you get a SMS message just before it happens. Chrissy got one – I didn’t. But it wouldn’t have mattered anyway, because we were camping and didn’t have much reception.
Once the hackers have access to your phone number, then any account where you have 2-factor authentication (2FA) connected to that number (eg bank accounts, email accounts, Dropbox, any cloud service) can be lost minutes later. The process is simple. They try to login to your online account (which requires them to know your email address or bank account number) – and check the “Forgot Password” box. That generates a six digit code which is sent to the mobile number as a text. They enter that number online and then create a new password. They can also change the email address on the account, the security questions, etc. And, of course, empty the bank accounts – which is what they did to us.
They also took over a couple of my email accounts which, of course, they use to try to find out things like your bank account number, family details (birthdays, names, passport numbers, etc). All of which they can use for further identity theft. All of this took a few minutes from start to finish.
Fortunately we got our money back quickly (although I had to play hardball with the bank). We also got our mobile numbers back, that took a few days. And with those I could retrieve the lost email accounts.
So that’s how it happens. Here’s what I did afterwards to try to prevent it happening again.
Remove my public mobile number from all forms of 2FA.
Where possible, use a physical security token for 2FA for things like bank accounts. I set up new accounts with a new bank, got tokens on our accounts, and locked the accounts down so the token is required for every login. It means always having the token on my person but that’s a small price to pay.
Where a physical token isn’t possible, try to use a Time-based One-Time Password algorithm (TOTP) authentication app, like Google Authenticator. It works for Gmail, Dropbox, Evernote, Stripe, Facebook, Twitter, PayPal, etc. You need to provide a six digit code for every login and that code is provided the app on your phone (not the mobile number on the phone). An alternative is something like Yubikey, a USB-based physical token but support for Yubikey isn’t widespread yet.
Where I can’t use a physical token or GA, I have set up a separate, totally secret mobile number. It’s on a SIM card which is sitting in an old iPhone 4 I had lying around which surprisingly still works. It’s only purpose now is to receive 2FA texts. The number will never be made public and therefore should be difficult to fraudulently port.
Hope you find that useful. I highly recommend setting something like this up. ID Fraud is apparently a lot larger (and easier) than I previously understood.
I’m sure we’ve all seen some pretty dumb ass posts from Australians about our role in climate change over the last week. Just reading their arguments makes me think maybe climate change is a GOOD thing – not because their arguments hold any water, but because once we’re all dead, I won’t have to listen to their stupid shit any longer. These people are even dumber than anti-vaxxers.
But as an act of public service, I provide for you this rebuttal you can feel free to copy and paste, with or without attribution, as often as you like.
DEAR CLIMATE CHANGE DENIALIST:
First of all, stop pretending you have any respect for science. You don’t. Here’s how I know – people who respect science, listen to scientists. Not the fringe dwelling kind living under a bridge somewhere, but the consensus of scientists working in a field. Yes yes, we all understand that scientists on the fringes sometimes have good ideas – that is, in fact, how science works. But just because an idea is on the fringe doesn’t mean it’s correct. Before we accept it as being correct, it has to first be vetted by the majority of the scientists working in the field.
And the vast majority of climate scientists say your arguments about climate change are stupid. And you aren’t listening to them. So shut the fuck up and stop pretending that you give a shit about science. Fuck me sideways.
Second – we all know the human contribution to CO2 is small. And if you had paid ANY attention to the scientists, you would know that our small contribution is too much for the planet to handle. It’s like filling a bathtub to the brim with water… and then adding a small amount. The atmosphere is now, thanks to humans, overflowing with CO2. And that “small” amount has enormous consequences to life on this planet. It’s like if the overflowing bathtub was sitting on a live wire and you are standing on the floor beside it. But how did I get electrocuted? I ONLY ADDED A SMALL AMOUNT. How come you people are too stupid to STILL not know this? Fuck me sideways again.
Third – as for Australia’s contribution to CO2 levels, yes, it’s relatively small, because we have a relatively small population. But we’re also one of the largest producers of CO2 per capita. We are only 0.3% of the world’s population, yet we’re produce 1.1% of the CO2. The argument “oh we’re so small so it doesn’t matter what we do” is simply psychopathic. It’s like saying “I only committed 1% of the murders last year out of the total number of murders, so what does it matter?” If you had been around in the 1930s, I’m sure you’d be saying “we’re such a small country, what can we do about Hitler?” Fuck me sideways. You people. Listen – some Australians think we, as a nation, have a responsibility to be ethical. We aren’t great inventors – Australia didn’t invent the iPhone or Facebook – but we are a highly educated people with a lot of advantages. We’re fairly rich per capita and we have a pretty good life compared to most people on the planet. We also are the one of the world’s largest producers of coal, you know, that stuff that produces a lot of CO2. We also have a large coastline and lots of sun, hot rocks and wind that could be used to generate LOTS of green energy. So maybe we should try to pull our weight. And if we aren’t out there leading the world, showing them how it’s done, standing up and being counted, being as proud of ourselves as innovators on the climate change front as we were when we nailed a secret fin to a fucking sailboat, then we are part of the problem. YOU are part of the problem. And FUCK YOU for being that. Psychopaths.
Fourth – don’t fucking talk to me about the economic affects of trying to do something about climate change, you stupid fucking cunt. Just what do you think the fucking economic impact of the decline of coal as an export is going to be? Or the economic impact of rising temperatures and rising sea levels? Our current bushfires are NOTHING compared to what’s coming down the pipe. What is the cost of complete ecological collapse going to be? Coastlines under water. Farming completely fucked. Tourism fucked. The air and water will be fucked. How the fuck do you think the economy is going to work when we’re all fighting over the vehicle Max passed two days ago that could haul that tanker? Oh wait, you probably think you’re going to be Humungus in this scenario. But in reality you’re already proving yourself to be Toadie, Humungus’ sycophantic suck-ass. You’re already sucking on the engorged, dripping cock of the Murdoch press, so you won’t need to learn any new skills.
Fifth – you ask what could Australia’s government have done to prevent all of this? For a start, they could have taken the Garnaut report seriously. Then they could have tried to act like world leaders, not a bunch of numbnuts, sticking their heads in the sand. They could have helped the country prepare for the increasing heat and drought that Garnaut successfully predicted – you know, investing in fire-fighting and water infrastructure, that kind of stuff, instead of spending all of their energy trying to stop five people and a blind dog from getting into the country on a boat. They could have been ringing the alarm bells, at home and around the world, fighting the good fight against psychopathic behaviour from people like Trump, Murdoch and the fossil fuel industry. But they didn’t. Moron after moron has sat in the PM’s chair and done nothing, absolutely nothing, to prepare this country for the coming storm. Instead they have sucked on Murdoch’s dick. It must be getting crowded in Murdoch’s pants.
You’re embarrassing yourself. And you’re embarrassing us as a nation, because people are watching to see what we do. And you are making us all look like the deformed love children of Pauline Hanson and David Icke.
So please – do us all a favour and shut the fuck up.