Re: Google mail and security to stupid levels!
Social engineering, eh? Mmm, time people looked for the padlock and made sure the address in the address bar is what they expect. Yes, yes, asking the impossible, I know. But still the only viable solution, unless we'd all like to have an Internet run exactly like the iOS App Store.
If services like Google's are to be trusted with all this important data (and I'm damned if I understand why they should), then I think they need controls sufficient to let users decide what level of security is required, such as the second factor. What I take issue with fundamentally is the idea that users can't be trusted with security. It's exactly like all these fraud detection systems at banks, the only practical consequence of which are to lower the bar on security, cost the banks (and hence the taxpayer) in reparations, and piss off customers. Nobody wants risk or liability, I understand completely, but an authentication mechanism should stand alone on merit. Other wise it's just snake oil that leads people to a false sense of security.
_______________________________________________ Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector