Sign in / up

back to article Shuttered Instagram holes opened 20 million accounts to hijack

Security consultant Arne Swinnen says Instagram has shuttered brute force authentication holes that allowed hijacking of some 20 million accounts. The NVISO infosec man says an absent authentication control coupled with an insecure direct object reference vulnerability meant attackers could commandeer some four percent of …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    ... and this is why I can't trust any of these jokers with my phone number for 2-factor authentication.

    4 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    And the real issue is....

    ... .why these companies need your phone number in the first place?

    The whole Internet worked pretty well without asking your phone number for many years... then came the data slurping companies looking for unique IDs...

    Event "two factor auth" is often just a bait to make you give them your unique ID....

    2 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: And the real issue is....

      Bait is the word, especially when it's Google asking.

      "We know you refused the last 50 times, but how about maybe giving us your phone number this time. It will er ... make your account safer and stuff".

      2 0 Reply
      1. solo
        Reply Icon

        Re: And the real issue is....

        The real issue is, why even trivial products have been allowed to become so important in our life. Looking the world through other people's lenses is invaluable, I am actually talking about phone numbers.

        1 0 Reply
  3. Anonymous Coward
    Anonymous Coward

    will there be another fappening?

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like