It's not related to this particular breach, but given this and Uber's other issues, it's not out of the realm of possibility that at some point they had a more serious breach involving loss of password hashes or interception of credentials at login.
(But in all likelihood the poster's account was just compromised through the usual means, otherwise there would be more reports of hacked accounts.)
The article states that this disclosure came out of an board commissioned investigation into the activities of Sullivan’s security team. Do you think that other more serious breaches discovered by this investigation is hidden, or is this more of a general sentiment around how you perceive Uber?
in reality the house voted against requiring the government to add a clause into the EU Withdrawal Bill that would have then bound the government to include it as part of the EU withdrawal:
Clause 7, page 6, line 18, at end insert—
“(g) fail to pay full regard to the welfare requirements of animals as sentient beings.”
Member’s explanatory statement
This amendment holds Ministers to the animal welfare standards enshrined in Article 13 of the
Treaty on the Functioning of the European Union.
which isn't the same thing as "voting against animals feeling pain"
the government could still do this, just it isn't bound to
(the environment secretary has been on a bit of a roll recently, such as requiring CCTV in slaughterhouses, a total ban on bee-harming pesticides, and so on)
If they don't fork, everyone affected by this will lose all of their ETH.
Many would argue the correct thing to do is to not fork and say that people knew the risks beforehand, etc. But that's what people said last time and they still forked, with no (apparent) severe consequences other than complaining about integrity. Two forks may be harder to justify.
As a general trend, I don't think so, but this thread seems to be an anomaly. This is the first HN thread in a while where I felt like I stumbled into a default subreddit or something.
spez GbK4WZMpXZgmYlQ+H3/68Q== shill
daniel X03MO1qnZdYdgyfeuILPmQ== password
spladug Xee7PCMnQfRh88zRPBunoA== yee
neil KrljkMfb40Od500MmwsXZw== hunter2
neal Xr4ilOzQ4PCOq3aQ0qbuaQ== secret
sam BtgOsMULSaUJtJ8kJOjIBQ== dog
neel 0HfyRN74pw5ep1i9g1L82A== cat
kneel g+Spau2WQ2xiG5gJ4lizCQ== fish
kevin yOjfiVwsrhZrrQJ/3xUzWw== garbage
kavin 31PKJoJAynZnDIVm7lRWig== computer
kovin G43Qgw1Fk6OIrzganMC2WA== fish2
powerlanguage A9kE9Zud+aPy76hqmMj3lQ== eggdog
robin q67PjKP5jcE+7susJjzT7Q== bird
justin zRTDI5AgJOcshQqoKNY0pw== case
you bXHoGvP3ISkv0Fxrk0vS+Q== gullible
In terms of user security, that's just not a good idea. Google has likely prevented an absurd number of account compromises (and therefore identity theft, fraud, personal information leakage, espionage...) by recognizing logins from new devices and unfamiliar locations. Google's user account security practices are pretty much the best in the business.
It's silly to think Google doesn't already know everything about every device you log in from, so that horse is already out of the barn and running on the highway privacy-wise. They might as well use that information to actually protect their users since they're already using it for advertising.
I'm sure that Google's decision has improved the account security of the average user, but I'd really like it if there were some way I could signal them that I'm not an average user. My password likely has more entropy than the hash they check it against; if that gets compromised, the attacker also has access to any other information Google would use to identify me. Which is a joke anyway, since "which city do you usually log in from" is hard to answer when you've been using a VPN for more than a year. I dread the day when they make 2FA mandatory and my account security becomes vulnerable to a social-engineering attack hijacking my phone number.
You CAN add a phone number, then ask you use FreeOTP token, then delete the phone number. Great, right?
No. Because if you click that "I forgot my password / don't have access to my 2FA" button, they do let you use your phone number to identify yourself, even though you've deleted your number from your google account.
(But in all likelihood the poster's account was just compromised through the usual means, otherwise there would be more reports of hacked accounts.)