In the early morning hours of October 21st, 2014, Partap Davis lost $3,000. He had gone to sleep just after 2AM in his Albuquerque, New Mexico, home after a late night playing World of Tanks. While he slept, an attacker undid every online security protection he set up. By the time he woke up, most of his online life had been compromised: two email accounts, his phone, his Twitter, his two-factor authenticator, and most importantly, his bitcoin wallets.
In this article, Partap Davis spent weeks tracking down exactly how it had happened. In this article, “Anatomy of a Hack” is revealed.
I use ChatSecure + Orbot
Cryptocat is a nice alternative using Facebook contacts, though I never used it.
By flawless, it is meant that there is zero error; the prediction is not just close to the result, it is exactly the result.
If you want to learn how to do that, or learn how not to be fooled by fake predictions, read this extremely well-prepared article:
“The odds favor the attacker. Bad guys have more to gain by examining a system than good guys. Defenders have to protect against every possible vulnerability, but an attacker only has to find one security flaw to compromise the whole system.”
“Security is different from any other design requirement, because functionality does not equal quality. If a word processor prints successfully, you know that the print function works. Security is different; just because a safe recognizes the correct combination does not mean that its contents are secure from a safecracker.”
“The Most Expensive One-byte Mistake” by Poul-Henning Kamp:
One-sentence summary: It is not just your name, id-number, address, phone-number, or similar things that can be used to identify you; many other unimaginable ways are possible…
“Behind Intel’s New Random-Number Generator” by Greg Taylor and George Cox [September 2011]