I'm looking for great floss that helps teams to collaborate. Is there any groupware you could advice?

In this moment most of our online interactions pass through sever organized by companies with capitalistic interest. ...well and the interest of creating a good service. But still are they mostly organized through strict hierchical orga structure. The problem with this is that the power is not fair distributed. Thought it might be of interest to start building up the own infrastructure?

And I asume there are enough ppl interested in. A good start would be to get a discourse running with some folks through the fediverse as there are already +1 mio using it. Anyone in here interested?

why don't we share server costs via torrent? like ppl viewing a website sharing this data with other ppl just started to view the webside. And you even don't need fast upload rates as you can just have many small packages being distributed. Is there any argument speaking against that, beside the one it's under development?

check out #webtorrent if you haven't already https://webtorrent.io/ #p2p #server #internet #torrent

This looks promising.

This is a follow-up on my previous post on people using social engineering to hijack someone's cell phone number to get their 2FA SMS messages. Original post is here

I could have named this post: Most sites do 2FA wrong; 2FA via SMS isn't true 2FA; A better 2FA

Anyway, yes I started out doing 2FA via SMS messages because that is what most websites prompt you to do, register your phone number to get a code via SMS to use as 2FA. I thought it was a great idea, until I read how easy it is for anyone to call your cell phone provider and "steal" your phone number and associate it with another physical phone. So they don't even need the phone that "you have", they just need your phone number. Not good! (I'm not even going to get into intercepting your SMS messages on the network).

But there is hope. Using an authenticator application on your phone, someone would truly need to steal your physical device for any chance at intercepting your 2FA method. Even if they do steal your phone number, they don't have the app on your phone. This seems much more secure.

Even before switching to an authenticator app I was getting annoyed by SMS 2FA. Most annoying would be sitting at a login screen for a minute or two just waiting for an SMS message to arrive. And sometimes the SMS wouldn't even arrive and I'd have to click "I didn't get the SMS" and try again. Such a waste of time. Authenticator apps are much quicker, the number is generated instantly.

If you have looked into these apps you have probably read about Google Authenticator and Microsoft Authenticator. I've used the Google one and it was fine, but I have since gone Google free on my Android, but there is another option that I have found is excellent called Duo Authenticator. It does present a warning about Google services not being installed but it works just fine. (If I remember correctly I used the Yalp Store app to download Duo from the Google Play Store without a google account). There are also some open source authenticator apps on FDroid but I haven't tried those.

The only thing that concerns me now is what happens if I upgrade my phone or lose it and need to replace it? If anyone knows please comment, I'll have to read up on that. Do I need to log into each website using my old 2FA app, then update the 2FA settings to my new phone?

How do you use 2FA?

I have created this new community called "Digital Life" as a space to post and discuss about aspects of coping with modern technology in our every day lives. I came to Movim looking for a more secure and focused way to socialize without being blasted by ads and news stories some analytics intelligence thinks I want to see. I want to be more secure and thoughtful about my online presence and what corporations or agencies can see and know about me.

So I am thinking about posting about some topics and hoping to get some discussion and tips from you about what you have done to manage your digital life. What do you want to talk about? Some ideas I want to throw out there to get more perspective on are:

• Online opsec
• email provider options and management
• using vpn
• syncing your data between multiple devices
• going google/apple/facebook/whatever free
• alternative application markets
• digital currency
• alternative operative systems
• encryption

So look for my first topic post soon, and comment here if there is anything specific you would like to see posted.

-Supernova