top | item 36766756 (no title) asd88 | 2 years ago > The inconvenience to the deactivated account is minor: one SMS verification code and the account is back, queued messages get received, etc.Unless I spin up simple automation to deactivate your account every hour. discuss order hn newest yokto|2 years ago This is trivial to mitigate with per-account rate limiting.On top of that, if a specific account is targeted at the rate-limit, a flag could be put in place to let support disable the automation for that account. dotancohen|2 years ago And once that happens, I then steal the target's phone.If we're talking about deactivating someone's account via email, we are already talking about a targeted attack. load replies (1)
yokto|2 years ago This is trivial to mitigate with per-account rate limiting.On top of that, if a specific account is targeted at the rate-limit, a flag could be put in place to let support disable the automation for that account. dotancohen|2 years ago And once that happens, I then steal the target's phone.If we're talking about deactivating someone's account via email, we are already talking about a targeted attack. load replies (1)
dotancohen|2 years ago And once that happens, I then steal the target's phone.If we're talking about deactivating someone's account via email, we are already talking about a targeted attack. load replies (1)
yokto|2 years ago
On top of that, if a specific account is targeted at the rate-limit, a flag could be put in place to let support disable the automation for that account.
dotancohen|2 years ago
If we're talking about deactivating someone's account via email, we are already talking about a targeted attack.