|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Message-ID: <411BFE94.8010105@securescience.net> Date: Thu, 12 Aug 2004 16:34:44 -0700 From: Lance James <lancej@securescience.net> MIME-Version: 1.0 To: joe@recompiled.org Cc: bugtraq@securityfocus.com In-Reply-To: <3d91e7f90408112133fbd6c54@mail.gmail.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Joe Eversole wrote: > On Wed, 11 Aug 2004 14:10:18 -0700, Secure Science Corporation > Advisory Notice <bugtraq@securescience.net> wrote: > > >>Solution: >>- --------- >>Add 2-factor authentication (passcode requirement) by default and cease >>implicit trust of Caller-ID information. > > > T-Mobile's messaging system (in Indianapolis, at least. I do not know > if they have migrated to a single VM system) has a setting the user > can specify to require passcode when calling from mobile phone. Hence, by default! It is not on by default. > > --je > > -- Best Regards, Lance James Secure Science Corporation www.securescience.com
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |