waxwing on Nostr: Yeah I'm less concerned about the NSA type threat (if they want to "do" my github ...
Yeah I'm less concerned about the NSA type threat (if they want to "do" my github account I'm sure they can), more the "uh oh because of a bug in the auth protocol or the auth app, hackers can take over accounts" or something like that.
I mean, it is *2* FA, not 1 FA, so in theory it's not that simple, I'm just thinking in very vague terms about "central points of failure" and also "complexity is the enemy of security" (people end up often looking for shortcuts if you make security policies really burdensome).
Published at
2023-08-23 22:02:03Event JSON
{
"id": "c6c6fa225cecaf2760023210c4f61f569aef0f57929a26f66a4da6bd7414a923",
"pubkey": "675b84fe75e216ab947c7438ee519ca7775376ddf05dadfba6278bd012e1d728",
"created_at": 1692828123,
"kind": 1,
"tags": [
[
"e",
"7e00773f22bd938496cf5576696c38feb3a09473f8dab6a25b080ad083bf8b80",
"",
"root"
],
[
"e",
"cb8d6dd6b69ceb075708fe4a4fb648792ce611332f81682f321a539cbc20235a",
"wss://relay.damus.io/",
"reply"
],
[
"p",
"8685ebef665338dd6931e2ccdf3c19d9f0e5a1067c918f22e7081c2558f8faf8"
]
],
"content": "Yeah I'm less concerned about the NSA type threat (if they want to \"do\" my github account I'm sure they can), more the \"uh oh because of a bug in the auth protocol or the auth app, hackers can take over accounts\" or something like that.\n\nI mean, it is *2* FA, not 1 FA, so in theory it's not that simple, I'm just thinking in very vague terms about \"central points of failure\" and also \"complexity is the enemy of security\" (people end up often looking for shortcuts if you make security policies really burdensome).\n",
"sig": "6fb9fe3f3d5d1a9e9697ad9260e8614339539fafdf22d242119f73de45536819096bf071576739d5ef6ec15473e75c1efcd1a6846a4d36c95a8b2f15ede38a36"
}
