lucretius

Next, some seller of tweeks, inspired by this thread, will be offering for sale, toilet paper with "special" properties for audiophiles.

Is this any different than the "back door" that pkane2001 that speaks of? As stated above, the employee risk can be signicficantly reduced (but never eliminated).

Agreed, employees are the week link and the risk here will never be completely eliminated but the risk can be somewhat reduced through continued and vigilant training, rules (and sanctions), appropriate tracking, proper segregation (e.g. why not send all requests to reset an account to the compliance team?), and frequent compliance reviews.

I get that. But you won't find the secret keys to use in Google Authenticator in the email. And the phone hardware isn't spoofed/cloned, only the phone number is spoofed. And normally (I say normally because coin exchanges are mostly unregulated) the information you must provide to reset your account isn't something that you would find in an email.

I don't disagree that customer reps are easily fooled or that secret questions are bad second factors -- but you must know a little something about the account holder other than an email or telephone number to fool them. Here are some of the security procedures at Kraken (coin exchange); 2FA (Google Authenticator and Yubikey) to keep your account secure* No Phone/SMS account recovery, your account stays in your hands Email confirmations for withdrawals with self-serve account lock Configurable account timeout for another layer of protection Customizable, granular API key permissions with range boundaries Global settings time lock for extreme security when you're away PGP signed and encrypted email for secure communication SSL encryption to protect you when browsing Kraken Constant, real-time monitoring for suspicious activity Sensitive data is fully encrypted at rest and in transit *unfortunately, enabling this is optional.

Yes, but it's not true for any crypto exchange that I know -- Google Authenticator is widely used for 2FA (if the account holder bothers to turn it on) in the industry. And when resetting your access to a bank account, normally 2FA isn't all that is used; they make you answer the security questions.

What crypto exchange relies upon text messaging your phone for 2FA -- that's is rather uncommon.

I should have noted that crypto exchanges use a 2FA that doesn't rely on calling you up on the phone or sending you an email etc. They use Google Authenticator or equivalent. Getting back into a "locked-out" account takes a lot more verification than merely sending an email (and/or providing one's phone number).

I take it that this gentleman had held his crypto on an exchange and also did not have 2FA set. In any case, someone with that much crypto should have known better and should have (a) kept the bulk of it in cold storage, and (b) used 2FA for the amounts held on the exchange. If one really must keep really large amounts on an exchange (to facilitate large trades), then at least spread it around various exchanges. Crypto exchanges have a reputation for going bust and making your crypto and fiat deposits disappear.

Thanks, Paul! I adjusted the access settings to the C:\ProgramData\DeltaWave folder and the problem is fixed. Strangely, I used the same user account that had created the error (this user account previously had full control access to "This folder only" and not the files, etc.) . Also strange, the _DeltaWaveDefault.dw file already had the appropriate permissions before adjustments. WIndows ... pffft.

Hi Paul, When I close DeltaWave, I get this error message: Any ideas? Thanks!

fas42 must have one of these:

I don't think that's the case. I've heard a lot of bad or mediocre 24/96 files. I'm willing to bet that a bad redbook file is spawned from a bad 24/96 master.

MQA stock is really beginning to look like it was a pump and dump stock. I'm wondering how much of the share ownership was via private placements? Were the record labels who invested duped? Was Reinet duped?

A distinction without a difference?