Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Finally got back my T-mobile account (yes, it was a sim swap, meaning that someone socially-engineered T-mobile itself to take over my phone number).
48 replies
186 recasts
590 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Main learning re twitter was: > A phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter. I had seen the "phone numbers are insecure, don't authenticate with them" advice before, but did not realize this
10 replies
11 recasts
95 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
I don't remember when I *added* the number; my guess is that it was required to sign up for twitter blue.
4 replies
2 recasts
53 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Anyway, glad to be on farcaster, where my account recovery can be controlled by a good wholesome ethereum address :)
19 replies
71 recasts
292 reactions

aferg pfp
aferg
@aaronrferguson
Glad you’re back. Sorry you got sim swapped :-( Are T-Mobile going to add some extra protection to your mobile to prevent this going forward? I am anxious that mobile companies are woefully unprepared to curtail social engineering…especially if AI can simulate a speaker since many telecoms use voice for auth
1 reply
0 recast
4 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
yeah I added all kinds of hardening to the account itself, and to various other apps
3 replies
2 recasts
22 reactions

dinislam pfp
dinislam
@dinislam.eth
can you describe what you asked t-mobile to do? also a t-mobile customer here, keen to harden
0 reply
0 recast
0 reaction