HackerTrans
TopNewTrendsCommentsPastAskShowJobs

squirrel_fetus

no profile record

comments

squirrel_fetus
·3년 전·discuss
Pretty cool! The question is how cool?
squirrel_fetus
·4년 전·discuss
The way I interpret it, the worry is that something happens that allows Google, Apple, Microsoft, or some other password aggregator to take advantage of a perfect storm event (whether real or manufactured surreptitiously).

An example situation that comes to mind most easily would be some password aggregator having passwords stolen without realizing it. Let's assume that there's some backdoor or vulnerability in at least one system that allows bulk downloading of unencrypted username/password pairs and contact information. Then let's say a kid gets hold of that and thinks it might be funny to bulk send everyone's passwords to all of their contacts.

The password aggregator that has a truck driven through its security hole hopefully looses business. But then Google, Apple, Microsoft, etc., say something to the effect of...

"See? You really can't trust *anyone* but us. We are truly perfect and without any more truck holes of course. If people really wanted independent 2-factor authentication, they would have used it! Lots of people didn't, and look what happened. We need to save people from themselves!"

...Then the hooks come out.