Pages

Friday, 25 May 2018

Facebook security

Facebook recently announced that they tightened up their security, and have removed 583 fake accounts.

And they've put uip a notice saying that if you log in from a different computer, they're going to do a check on whether you're really you. Which sounds nice.

So we went away for a few days, and I logged in from the hotel's wifi, using a portable I took with me. So the IP address was different, and if Facebook had dumped any cookies on my computer, they weren't on this laptop.

Facebook immediately spat me out. So this is their security is in action. But what happened next ...

They asked me for a mobile number, so they could send a six digit verification code. Obviously I'm not going to give them my usual number. I dn't want to start getting spam on it.

So, I went around the houses. I have an old iPhone 4, inherited from Ladysolly a while back, and just festering in a drawer. I went to Vodafone to get it unlocked, which was pretty easy. Then I did a full reset, to wipe off all the data.

Then I went to freedompop.com. You pay £7 or so, and you get free minutes, texts and data. Not very much, and I think they're hoping I'll top up and pay for more. But I won't. And as a surprise, they gave me a second sim for an extra 1p. Nice. So I put the sim into the old iPhone, and gave Facebook that number.

And Facebook was happy, and I was happy, and everything is tickety-boo.

But.

Facebook didn't actually do any verification of me at all. All they verified, is that the person who logged in, also owns a phone.

It's just more "Security Theatre".

So. In future, when I go away, I'll VNC into the computer that Facebook expects me to be using, and they'll never know that I'm hundreds of miles away, using my laptop. I tested it, and it works fine.




No comments:

Post a comment