earrietadev.xlm
@earrietadev
Followers
217
Following
207
Media
6
Statuses
201
Founder at Creit Tech Software developer and Blockchain user | Creator of @xBullWallet and @SorobanDomains
Joined September 2019
Imagine being a foreigner who is not in the fcking country trying to teach people from the fking country what it’s actually happening in the fking country. People like this doesn’t even know what the Tascon list is… same people who believe sanctions are the reason.
@MichaelAArouet Blaming everything just on socialism is simplifying things and basically telling a false narrative. In year 2005 USA started sanctioning Venezuela. Over the years the sanctions have just gotten worse and worse, crippling the countries exports and imports. In August 2019,.
2
0
1
RT @alpacasw: Bitcoin is not under attack. A pair of arrogant and incompetent developers who openly courted criminals and operated in a way….
0
10
0
Es hasta poetico que las personas que estan promoviendo una plataforma como se estan doxeando asi mismos sin darse cuenta 🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣.
0
2
1
Security is always a work in progress and we all could be hacked at some point, what we need is to spread information so others are aware of all the possible vectors. Remember, total security is really hard so it's better to put as many barriers as possible.
1
0
2
But what about you? (the user). Well, some good practices:. - Avoid opening sites you don't know.- Do not download files from random websites.- Never click on email links and instead manually go to the site.- Do not use apps you don't trust.- Tell this to all of your relatives.
1
0
1
Another cool thing some websites include is that if they see you are using your account from a different IP, they will let you know something is weird. yeah I know this could be seem as a privacy concern because they are saving your IPs but your IP is public anyways.
1
0
1
Another good one: websites should let you remove all of the open sessions without hesitation, let the user go through the pain of signing in in all of the places again. This is probably your best shot to solve this type of attack, after this change everything just in case.
1
0
1
For example, websites should prevent your account's password from being changed if you don't confirm it with your 2fa options (looking at you google). Yeah I know is not "user friendly" but sometimes we should annoy the user in pro of its security (looking at you apple).
1
0
1
But what if I tell you that none of that will work with a session stealing attack?. If you are the victim of this type of attack it doesn't matter, the hacker will still have access to the account. In such situations, what you can do AFTER the hack is what actually matters.
1
0
1
What are the general rules we have been told?:. The first rule is always: Set up 2fa and avoid like plague SMS 2fa. The second rule is using a hella difficult UNIQUE password like this: 3*NyTrVM^mN8dLGZiG@@GjT3mns9XEZZ#. And if you can set up a physical device then even better.
1
0
1
Even doe I agree with using proper 2fa solutions in order to avoid a possible hack. We also need to know that is not the magic solution either. Let's talk about session token stealing so we don't fall into the false sense of total security trap: 🧵.
Every day for the past couple months we've seen big twitter accounts get taken over & used to blast out phishing sites. Literal *children* execute sim swaps with their eyes closed to gain access to these accounts. The real question is HOW TF ARE YOU STILL USING SMS 2FA?!
1
3
7
RT @DenelleDixon: Important! We are investigating a takeover of twitter account Please do not trust comms from that….
0
202
0
This is a scam, the official account has been compromised, do not interact with this.
0
1
4
Btw the problem is not the existence of a recovery method, I myself keep my seed phrases encrypted on the cloud (yeah, call me crazy). The problem about the Ledger situation is this: the false claim made before.
0
0
0
On another episode of: How not to explain something. "Don't you guys have phones?".
1
0
1
RT @SorobanOfficial: New here? Meet Soroban 👋 . Soroban is a high-performance smart contract platform that’s purpose-built for developers.….
0
128
0
So their customer support told me that I needed to wait until I came back to Chile before I was able to use MY money. And people still ask me why I see value in cryptos. I'm ok in those situations cuz I currently have a bunch of bank accounts but that was not always the case.
0
0
1
Last week I was in Uruguay, my main chilean bank account decided to blocked my credit card while I was there so I went to the app and the app said I needed to receive an SMS so they can confirm I am who I am. I'm not even in the country and they were not able to deliver the SMS.
1
0
2
There are people who will never understand something they have never seen or lived, and that's ok because we all are ignorants in something. But when we don't want to see the truth even if is in from of us. That becomes a problem.
0
0
3