TechCrunch: A leaky database of SMS text messages exposed password resets and two-factor codes. “A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more. The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages.”
SMS
MakeUseOf: How Sending One SMS Message Can Back Up a Web Page to Google Drive
MakeUseOf: How Sending One SMS Message Can Back Up a Web Page to Google Drive . “Here’s a fast way to save an article or a web page. Just SMS that URL to yourself and save the web page as a PDF file to your Google Drive account to read later.” NICE.
How-To Geek: How to Set Up Craigslist Alerts (for Email or SMS)
How-To Geek: How to Set Up Craigslist Alerts (for Email or SMS). “Whether you’re looking for apartments or used gadgets on Craigslist, you don’t have to keep checking the website. You can stay on top of things by getting notified when new posts go up that match your searches.”
Ars Technica: Password breach teaches Reddit that, yes, phone-based 2FA is that bad
Ars Technica: Password breach teaches Reddit that, yes, phone-based 2FA is that bad. “In a post published Wednesday, Reddit said an attacker breached several employee accounts in mid-June. The attacker then accessed a complete copy of backup data spanning from the site’s launch in 2005 to May 2007. The data included cryptographically salted and hashed password data from that period, along with corresponding user names, email addresses, and all user content, including private messages. The attacker also obtained email digests that were sent between June 3 and June 17 of this year. Those digests included usernames and their associated email address, along with Reddit-suggested posts from safe-for-work subreddits users were subscribed to.”
MakeUseOf: How to Send Text Messages Using Email
MakeUseOf: How to Send Text Messages Using Email. “There are quite a few messaging apps that you can use from the comfort of your computer, but if you’re looking for a quick and easy way to send text messages without whipping out your phone, most US carriers make that pretty easy too.”
The Verge: Facebook admits SMS notifications sent using two-factor number was caused by bug
The Verge: Facebook admits SMS notifications sent using two-factor number was caused by bug. “Facebook this evening clarified the situation around SMS notifications sent using the company’s two-factor authentication (2FA) system, admitting that the messages were indeed caused by a bug. In a blog post penned by Facebook Chief Security Officer Alex Stamos, the company says the error led it to ‘send non-security-related SMS notifications to these phone numbers.'”
Warning: A simple text message can crash iOS and macOS (BetaNews)
BetaNews: Warning: A simple text message can crash iOS and macOS. “The chaiOS bug, as it’s been dubbed, links to a page of code on GitHub. When the recipient clicks on the link, Apple’s Messages app freaks out, and ultimately crashes. Bugs like this are a nuisance rather than a genuine worry, and Apple does tend to roll out updates for such issues pretty quickly, so there’s a good chance it will be fixed in the near future.” I don’t think this has been weaponized, so it’s more of an “Oh boy this is annoying” issue than a security issue.
