nanog mailing list archives
Re: gmail security is a joke
From: Jim Popovitch <jimpop () gmail com>
Date: Wed, 27 May 2015 17:06:17 -0400
On Wed, May 27, 2015 at 4:52 PM, Harald Koch <chk () pobox com> wrote:
Y'all are way too trusting ;)
Or we are much more comfortable with our knowledge. Six in one,....
If I recall from a brief experiment yesterday, three of the four options on that page are variations on "I'd like to bypass 2-factor authentication". There is really no point in any of Google's fancy account security if I can bypass all of it using Google's Identity Verification process, especially if that process is based on PII that isn't terribly difficult to obtain.
I think you are overly simplifying a piece of a very large, very complicated, highly dynamic, and daily reviewed, security pipeline. Google's Account security is not a 1 man in the basement operation. You tell me the Sender, time, last Received line, and byte size, of all the emails I received on 1-Jan-2015 and I will give you $100 per email.... or this thread can just die a miserable hypothetical death that it deserves. -Jim P.
Current thread:
- Re: gmail security is a joke, (continued)
- Re: gmail security is a joke Justin M. Streiner (May 29)
- Re: gmail security is a joke Rich Kulawiec (May 30)
- Re: gmail security is a joke Alex Brooks (May 26)
- RE: gmail security is a joke Thijs Stuurman (May 26)
- Re: gmail security is a joke Harald Koch (May 26)
- Re: gmail security is a joke Anil Kumar (May 26)
- Re: gmail security is a joke Valdis . Kletnieks (May 27)
- Re: gmail security is a joke Rafael Possamai (May 27)
- Message not available
- Re: gmail security is a joke Larry Sheldon (May 27)
- Re: gmail security is a joke Harald Koch (May 27)
- Re: gmail security is a joke Jim Popovitch (May 27)