|
|
|
|
|
|
by colechristensen
2350 days ago
|
|
|
It is, in many ways, a worse vulnerability than rubber-hose cryptanalysis. When you run away from the person with the hose, you can change your passwords and they won't be compromised any more. If somebody has your phone, a physical address associated with you, and some basic biographical information, they can continue recovering access to your accounts in a way which is difficult to escape, especially because of the misplaced trust in using phone numbers for security. The threat in that situation is being vulnerable and having to digitally escape as well as physically escape, and if you don't do both simultaneously you can be continuously compromised in a way which is very difficult to succeed. |
|
|