The Armageddon Of Stupidity: SMS Password Management SNAFU

via Zack Whittaker, reporting at Techcrunch, comes what may be the Armageddon (or should be) of SMS Messaging to facilitate password resets, password modifications, and two-factor authentication codes. The stunning level of incompetence displayed by the owners, managers and administrators of the system under scrutiny is quite simply astounding (No server level password, database open to the internet, et cetera). And… Then There’s This.

“The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages.” – via Zack Whittaker, writing at Techcrunch, comes the astounding story of incompetence and a nearly complete lack of competency…

*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.infosecurity.us/blog/2018/11/17/the-armageddon-of-stupidity-the-sms-password-management-snafu