[nour_]

Dick Morrell urgently advising Amazon users to sign out of all devices, reset their passwords, and delete 2FA tokens due to an unspecified security issue. The issue appears to be related to Amazon Echo devices, which have been accused of scanning users' Wi-Fi networks and sending detailed profiles of network equipment back to Amazon. The code for this functionality is allegedly contributed by the US National Security Agency, raising concerns about privacy and unauthorized surveillance. Users are encouraged to take immediate action to protect their accounts and devices, as the full extent of this security problem is still unclear.

[MiguelHudnandez]

It's unclear if he's also recommending to leave echo devices disconnected, or just cycling the auth info.

Based on what he's sharing now, there are hints of two issues:

1) authentication information including MFA secrets might be leaked and need to be cycled. (this would be surprising)

2) Echo devices perform undisclosed reconnaissance on nearby wifi networks (not particularly surprising)

These seem like totally separate issues with different impacts and different mitigation techniques.

[zamnos]

What do you mean undisclosed?

It's totally right there! Right in the privacy policy no one read, on page 53, in size 2 font, in the cellar, in the display department, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.'

[Freedom2]

Is there any evidence of this policy existing? What sources do you have that there is indeed a door with a sign that says as such?

[rideontime]

This user appears to be generating comments with GPT.