Post AV2jAdLct6Mm2YVDvM by varx@infosec.exchange
 (DIR) More posts by varx@infosec.exchange
 (DIR) Post #AV2jAcrqfoXyYCZRVg by lopta@mastodon.social
       2023-04-25T22:56:12Z
       
       0 likes, 0 repeats
       
       Is everyone signing out of their Amazon devices, setting up 2FA and changing passwords?
       
 (DIR) Post #AV2jAdLct6Mm2YVDvM by varx@infosec.exchange
       2023-04-26T02:28:55Z
       
       0 likes, 0 repeats
       
       @lopta I reset my password using the "compromised account" feature, since it just took a moment. Little to lose. However... I'm not convinced yet that there's a legitimate threat, so I haven't done anything beyond that.(I don't use 2FA with Amazon because their 2FA support kind of sucks, and I don't have any "devices".)It's easy for people to think they've found something serious and be dead wrong about it. I know this from the perspective both of someone who has raised a false alarm, and of someone who has to field security disclosures. So I'm holding this with some uncertainty, and I figure we'll know soon enough.
       
 (DIR) Post #AV2jAdswtD1Nhu5prc by feld@bikeshed.party
       2023-04-26T11:53:07.184645Z
       
       0 likes, 0 repeats
       
       Based on the bizarre response he sent back I think the guy's full of shit because if those things aren't compromised there's no good reason to do a thorough reset of them