Telecommunications service provider, Smart Axiata, has blamed an employee for swapping a customer’s phone number to another person without approval after it was called out by the Ministry of Post and Telecommunications (MPTC) yesterday for failing to protect the rights and benefits of mobile phone service users.
Read more: https://cambodiainvestmentreview.com/20 ... e-service/
Smart Axiata blames rogue employee after regulator says company failed ‘to protect the rights and benefits of mobile pho
Love a nice pho.
Used to be a place in Kampot.
It’s just soup though.
Used to be a place in Kampot.
It’s just soup though.
pew, pew, pew, pew!
Keep this in mind if you use multi-factor authentication with a Smart sim. Sim-swapping by rogue employees in the West has resulted in financial losses when the "hackers" were able to take over internet banking or crypto accounts.....
Sensitive functions like these should be dual control with good logging/auditing. To deter other staff it might be a good idea if Smart terminated the contract....
Sensitive functions like these should be dual control with good logging/auditing. To deter other staff it might be a good idea if Smart terminated the contract....
I don’t have one smart cell in my body.
pew, pew, pew, pew!
2FA using anything related to a mobile number is completely broken, for anybody. It does not provide additional protection against somebody with malicious intends.
Why: The easy sim-swap and effectively "open" mobile phone communications.
What to do: Get separate 2FA devices and/or things like pregenerated OTP.
2FA using a mobile phone is broken for everything related to government and/or commercial trust/security.
Why: Mobile phones do have the options to receive "hidden/silent" sims, with configuration instructions. The interface for that with the rest of the phone is leaky, with the consequence, anybody with access to the phone uplink connection, is able to sent those instructions. Read about Pegasus.
What to do: Don't use mobile phones for anything serious.
Why: The easy sim-swap and effectively "open" mobile phone communications.
What to do: Get separate 2FA devices and/or things like pregenerated OTP.
2FA using a mobile phone is broken for everything related to government and/or commercial trust/security.
Why: Mobile phones do have the options to receive "hidden/silent" sims, with configuration instructions. The interface for that with the rest of the phone is leaky, with the consequence, anybody with access to the phone uplink connection, is able to sent those instructions. Read about Pegasus.
What to do: Don't use mobile phones for anything serious.
-
- Similar Topics
- Replies
- Views
- Last post
-
- 3 Replies
- 2030 Views
-
Last post by Spigzy
Fri Sep 06, 2019 6:04 pm
-
-
GIOVANNI MILITELLO is caught trying to steal a phone from bar staff, blames the wrong bar on social media
by Bong Burgundy » Tue Jul 14, 2020 11:28 pm » in Cambodia Speakeasy - 23 Replies
- 7473 Views
-
Last post by tuk-tukfish
Tue Jul 21, 2020 5:56 pm
-
-
- 0 Replies
- 2632 Views
-
Last post by Bong Burgundy
Wed Nov 08, 2023 6:13 pm
-
-
What are the health benefits of exercising on a bicycle?
by hoo da fook » Wed May 22, 2019 2:28 pm » in Health and fitness - 44 Replies
- 14217 Views
-
Last post by GMJS-440
Sun Mar 22, 2020 12:10 am
-
-
-
What are the health benefits of exercising on bicycle?
by Rachel83 » Mon May 20, 2019 2:22 pm » in Health and fitness - 9 Replies
- 2938 Views
-
Last post by logos
Tue May 21, 2019 9:58 am
-