41
submitted 10 months ago by Blaze@lemmy.zip to c/securitynews@infosec.pub

cross-posted from: https://lemy.lol/post/18411383

I just got the email from haveibeenpwned. F Trello.

top 14 comments
sorted by: hot top controversial new old
[-] HeartyBeast@kbin.social 12 points 10 months ago* (last edited 10 months ago)

Thanks for the heads-up, I've just changed my password

Edit - Duh, passwords weren't actually leaked - the ttackers queried Trello with email addresses and got back names, usernames and if the addresses were valid.

[-] EmperorHenry@infosec.pub 8 points 10 months ago

remind me again how digital IDs are going to make us safer when every company with people's personal details is constantly getting hacked?

[-] ComradeKhoumrag@infosec.pub 1 points 10 months ago

Centralized or decentralized digital ID?

[-] EmperorHenry@infosec.pub 1 points 10 months ago

Neither! They're both a bad idea.

[-] ComradeKhoumrag@infosec.pub 1 points 10 months ago

If it's decentralized, you're original point about companies being able to get hacked doesn't apply anymore

[-] EmperorHenry@infosec.pub 1 points 10 months ago

Digital IDs are still horrible.

[-] ComradeKhoumrag@infosec.pub 2 points 10 months ago

The current ID system we have - social security numbers - are infinitely worse. Add 1 to it and it's another valid SSN. Most of the numbers can be determined with regional info

[-] EmperorHenry@infosec.pub 1 points 10 months ago

I don't know who's paying you and all the others to say that shit, but digital IDs aren't about keeping anything safe, it's about controlling the population and locking them out of society when they misbehave. If you make any political statement that rocks the boat you don't exist anymore. If you become a whistleblower, you don't have any freedom anymore. If you do anything at all that the oligarchs don't want you to do, you're not a person anymore.

[-] ComradeKhoumrag@infosec.pub 1 points 9 months ago

No one's paying me anything, and I'm well informed of the civil liberty issues surrounding government IDs in general, let alone digital or paper.

What I am referencing is decentralized digital ID. There is no ominous they or third party who could control you with a decentralized digital ID. We already have a pretty shitty ID system, but a better ID system with less centralized control can exist

[-] EmperorHenry@infosec.pub 1 points 9 months ago

digital IDs are still hackable, even if you have total control over your own, it's still hackable and it gets tracked everywhere you have to show it.

[-] ComradeKhoumrag@infosec.pub 2 points 9 months ago

Everything is hackable, even the current form of id we have which is SSN. Decentralized digital ID is orders of magnitude harder to hack, and has even less government control over the ID process. The expectation value to crack modern encryption is measured on eons even if you're using all the power in the sun and physically perfect efficiency in energy to computation conversion

[-] EmperorHenry@infosec.pub 1 points 9 months ago

Everything is hackable,

and digital ID won't make it any better

@EmperorHenry do... Do you think you're somehow immune to this today? People who piss off the powers that be today are silenced pretty effectively. Nobody needs any digital ID infrastructure to do that.

[-] infinitevalence@discuss.online 7 points 10 months ago

Well I deleted my account today so good job I guess.

this post was submitted on 23 Jan 2024
41 points (100.0% liked)

Security News

2489 readers
1 users here now

founded 2 years ago
MODERATORS