Kevin Lee recently co-wrote a fascinating study about how easy it is for an attacker to gain control of another person’s cell phone. From there, the attacker can use the phone’s multi-factor authentication tool – usually a security code provided over a text message -- to do all kinds of damage, including making unauthorized purchases. As part of the study, his research team managed to fool five wireless carriers, including Verizon Wireless, AT&T and T-Mobile, into moving a customer’s account to a different phone’s SIM card without their permission. He’s a doctoral student in computer science at Princeton, affiliated with the Center for Information Technology Policy.
There’s been a lot of anxiety lately about the security of the American balloting infrastructure, but Andrew Appel has been thinking about this question...
We take our mobile phones everywhere we go, and it’s become scary easy for services and apps to collect information about our movements. But...
Does anyone actually read privacy policies? What's in them, and why can't we usually understand them? On our second season finale, we’ll talk with ...
