This might be the biggest hack ever...
The AT&T hack is terrifying. Snowflake being the cause is even MORE terrifying. 110 million or more were compromised.
SOURCES
techcrunch.com...
Ty Ph4se0n3 for the edit!
Comments: 71
Not sure why the government is concerned at all… “it’s just the metadata” right? That’s what they claim is no biggie to store
@lunalangton5776
A month ago
They're concerned we'll realize what they can do with metadata.
@xuover
A month ago
If, like Theo said, it is the call logs and each number can be uniquely identified, it's a massive leak. It would be possible to build a network of connected numbers. This type of linking is exactly what social networks do, and is the reason Meta (Facebook) doesn't charge for WhatsApp. It is such valuable data in the right hands.
@NithinJune
A month ago
I'm just happy the Feds are being more EU-like and actually defending our data rights
@Kane0123
A month ago
You must all be criminals… otherwise you’ve got nothing to worry about?
@zentec010
A month ago
@@NithinJune Is that what you think they are doing, protecting our rights? No, they are defending ATT metadata that they charge for; they stole revenue from ATT. The same data they sell to the government.
Kevin Fang will have a field day. A Roblox outage video just dropped and now an AT&T hack? As Modern Vintage Gamer would say: "Mistakes were made"
It's insane that that sort of data wasn't at least 2FA'd, locked to specific IP addresses for access, and that it allowed an individual user to pull all the raw data.
@user-np8oz3zh1s
A month ago
I run a site that allows businesses to store a lot of privacy-sensitive information. It is my experience that most users hate 2FA, and using it leads to more support interactions. For a couple of years now we have enforced the use of 2FA, but it has been a real struggle. Users simply don't understand the risks, or don't care. We also allow users to lock their IP, but hardly anyone uses this option. We don't even require users to understand what an IP address is for them to use it. We also have a permissions system, and that seems to work somewhat better at preventing users from getting too much power, like exporting bulk data. We use job descriptions to set these permissions, and I think that users are sensitive to the status that these job descriptions imply: "I'm a manager, but I'll let you just be a sales rep." There's a clear hierarchy, and that helps.
@skulver
A month ago
@@user-np8oz3zh1s A lot of that gets much simpler if you just require password manager usage; it lets you use one-time login codes for most stuff. Passkeys could be an option too. For the IPs, what I meant was that there should be a whitelist of IPs from which the server allows connections, such that it is impossible to connect from outside your own corporate network, which drastically increases the difficulty of a compromise. Obviously you can have a continuum here: someone looking at a few reports might not need much by way of security, but someone who could, as in this case, export the entire corporate database absolutely should be required to have a physical passkey, and if they are not able to use one I'd argue they shouldn't have access to the entire corporate database. You are right though, different permissions require different security levels.
@friedpizza262
A month ago
@@user-np8oz3zh1s Your use case may make sense, but for a cloud service provider whose users are supposed to be technical, using 2FA or other more advanced methods should be a requirement
"Data Warehouses were a mistake" -Everyone in AI
The question is why do we tolerate storing this information forever?
@petyrbaelish007
27 days ago
Because most of us are sedated by modern life with video games, pron, endless online entertainment, and of course drugs.
GiB = Gibibyte and TiB = Tebibyte, not the same as Gigabyte and Terabyte.
AT&T has been showing they have a terrible understanding of security. It's been breach after breach. Not forcing your employees to utilize strong passwords and/or MFA is just beyond wild to me. As you've said, they'll likely go after the employee, but in all honesty they should strengthen their security protocols and SOPs because this will just continue to happen.
People saying 2FA 2FA! Password, password! Just know that 99.5% of the things do have proper protection; it's that sneaky 0.05% that doesn't have protection. You protect 2000 endpoints properly, but it only takes 1 to mess you over
In this day and age, with 2FA available, passcodes etc., these companies should be held legally liable for these data breaches for not enforcing proper security protocols, and jail time is required imo for being negligent, vs just a slap on the wrist with a fine. I've seen other articles, like from Bloomberg, saying these breaches undermine national security. If you're storing sensitive data for millions of people, you are 100% responsible for protecting and securing it.
Honestly, if you didn't have general 2FA, I would at least expect a second level of authentication enforced for data exports... In one of my recent projects, if you are logged in as admin, you don't have actual admin access before you re-enter your password to elevate your session, at which point it expires after 5 minutes of inactivity. That way at least session hijacking is reduced to a minimum...
@Spiker985Studios
A month ago
For other commenters, this is referred to as JIT elevation or JIT provisioning, aka Just In Time
This is about leaked service account keys, which typically don't have 2-factor, because they are used by machines that need to access the platform on a daily basis. What is lacking in these systems is a way to automatically refresh these keys so that any leaked keys can no longer be abused. This isn't caused by folks leaking their personal creds
The issue here for Snowflake is that it recently happened at the end of May 2024, and at that time it was already one of the largest data breaches ever. To have another such breach less than 2 months after is really not good
Just shows how important 2FA is, especially in today's age...
If you're an AT&T customer, be extra wary of numbers you don't recognize. Also keep an eye out for communications from AT&T to learn more about what they may be offering to customers impacted by the breach.
I hate businesses naming themselves with technology. Like aight, my next company will be called for DNS will just be called Router, or LLM, or just flatout naming it REACT Inc.?
Aside from the account being breached, why did the system allow data to be exported out to the public internet?
*Battened down, not buttoned down.
Damn, your content quality is top notch. I thought this video had millions of views until I saw it had like thousands.
Well now it's something else...
These big companies keep cutting corners to save costs with these third-party vendors and the government is letting them do this shit.
Love your vids Theo. Watch you most, if not every day. The use of words like terrified and scary are starting to get to be a lot. This one is kinda scary, but in some other cases, it feels a bit too much like the fear mongering that the tv “news” networks use. Anyway, just my opinion. Thanks for the good content man!
Why tf are they even keeping these records in the first place?
Hopefully they won't be fined too much for it 😂
@niamhleeson3522
A month ago
I don't think you will have to worry about that.
@niamhleeson3522
A month ago
Haha
I'm wondering how Snowflake does not recognize an unknown IP or location that a user is logging in from.
Wow, I like that t-shirt.
"6 views, bro fell off"
@Loggerr
A month ago
It posted 2 mins ago lol
@shapelessed
A month ago
On a Saturday...
Wait, AWS has 2-factor authentication
Theo, being a web app dev, please bring your head out of your arse. In AWS too, losing an API key is enough to get access to S3
You look five years younger on your days off
Let me guess.... They didn't have 2FA setup. ( EDIT: I should finish the video before I comment. MY bad)
Is this a commercial for AWS? You should host at home on a local network before going cloud provider.
I find the “I don’t expect you to know what Snowflake is” attitude from app developers very weird. Snowflake is industry standard DW, and used in small - med businesses as well as megacorps.
@NicolastheThird-h6m
A month ago
Well, there are people interested in cybersecurity who don't work with big data and cloud services.
TL;DW: don't use Snowflake
@shapelessed
A month ago
I literally just finished an event at their local office. Funny...
@MohaaAbdi
A month ago
It’s not solely snakeflow’s fault. It’s mainly AT&T’s fault
@tinahalder8416
A month ago
TL;DR: use SSO, Okta or Duo with Snowflake, always
Was it an attack of the Pokémon fans again?
Yeah, this is terrible that a whole DB can be accessed by one account without MFA set up, but I fear more a world where I have to sit at a computer and press my YubiKey for each layer of required MFA that underlying services depend on. MFA exists in spite of JWT, so we cannot simply reduce a potential MFA authentication chain to a single authentication. MFA is based on distrust of outside credentials. If you remove the option to automate, then the computer becomes pen & paper. I'm against mandated MFA without having a super MFA that authenticates multiple layers of MFA.