Telecommunications service provider, Smart Axiata, has blamed an employee for swapping a customer’s phone number to another person without approval after it was called out by the Ministry of Post and Telecommunications (MPTC) yesterday for failing to protect the rights and benefits of mobile phone service users.
Read more: https://cambodiainvestmentreview.com/20 ... e-service/
Smart Axiata blames rogue employee after regulator says company failed ‘to protect the rights and benefits of mobile pho
Love a nice pho.
Used to be a place in Kampot.
It’s just soup though.
Used to be a place in Kampot.
It’s just soup though.
I no you don’t no. Know way to no.
Keep this in mind if you use multi-factor authentication with a Smart sim. Sim-swapping by rogue employees in the West has resulted in financial losses when the "hackers" were able to take over internet banking or crypto accounts.....
Sensitive functions like these should be dual control with good logging/auditing. To deter other staff it might be a good idea if Smart terminated the contract....
Sensitive functions like these should be dual control with good logging/auditing. To deter other staff it might be a good idea if Smart terminated the contract....
I don’t have one smart cell in my body.
I no you don’t no. Know way to no.
2FA using anything related to a mobile number is completely broken, for anybody. It does not provide additional protection against somebody with malicious intends.
Why: The easy sim-swap and effectively "open" mobile phone communications.
What to do: Get separate 2FA devices and/or things like pregenerated OTP.
2FA using a mobile phone is broken for everything related to government and/or commercial trust/security.
Why: Mobile phones do have the options to receive "hidden/silent" sims, with configuration instructions. The interface for that with the rest of the phone is leaky, with the consequence, anybody with access to the phone uplink connection, is able to sent those instructions. Read about Pegasus.
What to do: Don't use mobile phones for anything serious.
Why: The easy sim-swap and effectively "open" mobile phone communications.
What to do: Get separate 2FA devices and/or things like pregenerated OTP.
2FA using a mobile phone is broken for everything related to government and/or commercial trust/security.
Why: Mobile phones do have the options to receive "hidden/silent" sims, with configuration instructions. The interface for that with the rest of the phone is leaky, with the consequence, anybody with access to the phone uplink connection, is able to sent those instructions. Read about Pegasus.
What to do: Don't use mobile phones for anything serious.
-
- Similar Topics
- Replies
- Views
- Last post
-
- 3 Replies
- 1121 Views
-
Last post by Spigzy
Fri Sep 06, 2019 6:04 pm
-
- 23 Replies
- 7385 Views
-
Last post by C-Mon
Mon Sep 11, 2017 10:02 pm
-
-
GIOVANNI MILITELLO is caught trying to steal a phone from bar staff, blames the wrong bar on social media
by Bong Burgundy » Tue Jul 14, 2020 11:28 pm » in Cambodia Speakeasy - 23 Replies
- 6518 Views
-
Last post by tuk-tukfish
Tue Jul 21, 2020 5:56 pm
-
-
-
Back to dating Westerners after failed Khmer relationship?
by seidier » Mon Dec 04, 2017 5:08 pm » in Family, children and relationships - 23 Replies
- 12557 Views
-
Last post by logos
Thu Dec 06, 2018 11:18 am
-
-
-
PM blames US Embassy as mastermind behind Sokha "treasonous plot"
by kansaicanuck » Tue Sep 12, 2017 10:05 am » in Cambodia News - 78 Replies
- 12276 Views
-
Last post by cyclingqueen
Mon Sep 18, 2017 10:14 am
-
