America’s National Institute for Standards and Technology has advised abandonment of SMS-based two-factor authentication.
That’s the gist of the latest draft of its Digital Authentication Guideline, here. Down in section 220.127.116.11, the document says out-of-band verification using SMS is deprecated and won’t appear in future releases of NIST’s guidance.
The change was first foreshadowed in May, with the agency now kicking off the first round of public comments for the document.
For now, NIST says a service still using SMS verification needs to confirm that it’s sending messages to a mobile number and not a VoIP service.
The body also says users need better protection against having messages hijacked, for example by an attacker persuading the service provider that the number has changed: “Changing the pre-registered telephone number SHALL NOT be possible without two-factor authentication at the time of the change”, the document states [NIST’s caps – Ed].
Oligarchs are all about obtaining power in whatever manner they can manage. One of their key methods is to “buy” those in positions of political power or groom one to be inserted into the mix when it is convenient for them. All of it is based on utilitarian concepts and how useful the individual is. When the individual displeases them or fails to perform, then the individual is “removed.”
We have seen numerous instances both domestically and abroad where this has happened, be that at the behest of Soros, Buffet, Gates, Zuckerberg…the list is long and distinguished. Hillary Clinton is, in this case, the oligarch in question here. Make no mistake: she is a form of an oligarch, positioning herself to become the president. Her industry: politics. She and her husband have made politics more than just an art form. They have made it a lucrative endeavor, whether selling secrets to the Chinese and then benefiting after “they” leave office, or the innumerable public speaking venues at a quarter of a million per speech, per say, complementing her book signings during these venues.
Fast-forward to Benghazi, Libya, on September 11, 2012 with the attack on the U.S. Consulate. A U.S. Ambassador and his staff were murdered…a Democrat ambassador, mind you…they do “eat their own” when necessary. Hillary Clinton was then Secretary of State. Before any charges could be filed, she tendered her resignation. We all knew that would happen and it did. Fast-forward, and after a few mock investigations by paper tigers of Congress on the hill, she was not brought up on any charges regarding Benghazi, and the principal (Obama) was shielded completely.
The Apache HTTP server and KeePass password manager are to get a free code audit, courtesy of a pilot European Commission project.
The EC-FOSSA (free and open source software auditing project) pilot was conceived by the European parliament in 2014, and given €1 million to work with. As well as code audits, it’s got the daunting job of creating an inventory of open source software in use throughout the parliament and the European Commission.
EC-FOSSA asked the public to nominate projects for the first audit, and those two were far-and-away the most-nominated, with 23.1 per cent of the 3,282 comments nominating KeePass, and 18.7 per cent favouring Apache.