Profile picture
, 7 tweets, 5 min read
1/ If you haven’t done so already, make sure your @telegram has a password. It’s not a default requirement.

If you don’t, you’re vulnerable to an account compromise, a growing trend that’s in its early days but likely to become an epidemic in crypto (similar to SIM swapping).
@telegram 2/ I learned this the hard way. I also learned SIM swapping the hard way in 2016, and then watched it sweep like a digital plague through crypto in the following years.
@telegram 3/ @ohmstone helped me immeasurably through this process and also pointed out @telegram’s lack of a “compromised account recovery process” is an embarrassment, as is its lack of default requiring a password.
@telegram @ohmstone 4/ I appreciate the help @telegram gave me, but sit in a privileged position in crypto, and fear others will not be able to pull the same strings when they need it.
@telegram @ohmstone 5/ I implore @durov and his @telegram team to get on top of 1) protecting users from these attacks 2) helping users recover compromised accounts.

*Especially* if there are to be #cryptoassets with irrevocable transactions tied to these accounts (e.g., $TON)
@telegram @ohmstone @durov 6/ Things got weird on my end as the hacker called me numerous times, and confessed he performed the attack through session hijacking: owasp.org/index.php/Sess…

But my understanding is there are a variety of ways to compromise TG accounts if there’s no password.
@telegram @ohmstone @durov 7/ Sure, some of you will call me an idiot user, and that’s fair. But a platform should protect its users against their idiocy. Right now, @telegram is not doing a great job of protecting its users.
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Chris Burniske

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#cryptoassets

More from @cburniske see all

Profile picture
Chris Burniske
@cburniske
1/ "Protocols provide structure for businesses, but are *not* businesses themselves; they are systems of logic that coordinate exchange between suppliers (businesses) and consumers of a service."
2/ As coordinators of exchange, protocols should be minimally extractive, whereas businesses are incentivized to be maximally extractive (that’s profit, and a business is valued as a multiple of its profit).
3/ Any unnecessary extraction from the process of exchange is a tax that will be weeded out by copy-paste competition in the world of open-source protocols. The benefit accrues to all of us as consumers.
Read 4 tweets
Profile picture
Chris Burniske
@cburniske
@durov @telegram my TG account (same handle as my Twitter) was compromised & the hacker is scamming your users through my social network.

My personal situation is “okay” (I'd like my identity back), but I feel worse for the people getting tricked into irreversible losses of $$.
@durov @telegram @durov @telegram a few friends & I have been working since yesterday to shut the account down - unfortunately, your UI appears to have no solution once the account is compromised, and no TG support can be found.

Please have one of your staff DM me through Twitter to resolve.
@durov @telegram As a side note, @telegram is marketed as a secure app, but does not present a process to resolve account compromises.

Given the # of crypto folks on your platform + the increasing rate of TG compromises, I would recommend implementing a compromised account recovery process 🙏
Read 3 tweets
Profile picture
Chris Burniske
@cburniske
The @KeybaseIO airdrop of $120M in $XLM has been refreshing from a user perspective. No vested interest from @placeholdervc, just fanboy-ing.
@KeybaseIO @placeholdervc Information about $XLM was communicated in a playful yet clear tone, and while everything relevant was communicated, it never became overwhelming.
@KeybaseIO @placeholdervc Prioritizing supporters that *earned* this $XLM by using the app early is smart from @KeybaseIO, as is requiring 3 "devices" in order to qualify (a hack for app-installs).
Read 3 tweets

Related threads

Profile picture
Adonis Dionysus
@nieun_san
Chanyeol finishes work one evening.
He glances at his watch. 8:30pm. He has some time to spare to kill before he goes home.

He starts walking, his mind wandering back to this person name byun who was his first love and his biggest heart ache.
The night was cold and the taller tries to find some warmth from his coat. His face mask was drawn down to his chin so he could take a deep breathe and release a misty air.

He had a long day. Its been like this every day as well for past few years.
Sometimes Chanyeol wants to quit. He wonders if producing music is really what he wants to do for remainder of his life when the industry has become more demanding. He doesn't remember the last time he had a proper sleep, or the last time he was able to do things so freely.
Read 306 tweets
Profile picture
Ida Bae Wells
@nhannahjones
I have gotten a lot of really shitty (often racist) feedback on the #1619Project and almost nothing surprises me, but I have to say this made me sit down. Someone sent this to *my house* to complain that I haven’t done enough to make sure he got a FREE copy of the project.
So, let’s just be clear here: The Sunday NYT costs $6. We do not give it away for free. I am a reporter but I *personally* fundraised in order to print free copies to ensure we could get the #1619project into the hands of people who aren’t Times subscribers or who can’t afford.
These free copies have gone to low-income schools, to places that serve low-income black communities such as the Schomburg, and in Benton Harbor and OKC. We’re giving out free copies in Detroit. Hot 97 gave out free copies. And we gave out free copies outside the Times.
Read 5 tweets
Profile picture
Youngme Moon
@YoungmeMoon
1/With apologies for another long thread (feel free to mute!), I found myself asking myself more questions about Apple this morning. Here are my thoughts on “Should Apple Make a TV?” (1-23)
2/There was a time when Steve Jobs flirted with building a TV. Not an add-on device (a la the current Apple TV add-on), but an actual television. Eventually, the company abandoned the idea.
3/This was the right decision for that era. 10 years ago, Apple was a luxury device maker – selling highly differentiated, beautifully designed products at a premium price. Televisions, meanwhile, were low-margin commodities – “dumb boxes.”
Read 23 tweets
Profile picture
Jim Grace #FBPE
@mac_puck
I recently looked at "all them rules" that the EC imposed on the UK against our will. The Brexiters also like to bewail the tyranny of the ECJ, but usually cannot cite a single judgement. So here are all 89 judgements against HMG over the last 30 years (3 per year😱). Enjoy...
1) 09-07-91 e.ur-lex.europa.eu/legal-content/…
ECJ: Unbelievable! You just moved your territorial waters further out! Did you really think no-one would notice?
UK: Ahh..soz. Ruler must have slipped, haha. Britannia "rules" the waves, wot wot!
(2) 10-10-89 eur-lex.europa.eu/legal-content/…
ECJ: This law you passed: "A boat ain't British if it's owned or crewed by Wogs, Frogs, Dagoes or Wops". REALLY?!
UK: They're allowed as ballast…
Read 90 tweets
Profile picture
Kirstie Whitaker
@kirstie_j
Last twitter thread for this job with me, @AutisticaUK & @turinginst! Because the deadline is THURSDAY 17 JAN! Just two days to get your application in 😱🤗🤩

I’m going to give you my opinions on how to write a good cover letter. I hope they’re helpful!

turing.ac.uk/work-turing/re…
Let’s start by saying these are only my opinions. I’ll justify them so I hope they make sense to you. But different selection committees will have different requirements. Don’t over generalise to different positions :)
Here’s a screenshot of the application procedure from the job ad. It asks for a CV, contact details of your referees, and a covering letter.

Not much, right?

I think this makes the application pretty freaking hard! Let me explain why.
Read 24 tweets

Trending hashtags

#BillOfRights #AbolishICE #BlueforSudan #handmarked #Compromise #RuleOfLaw #Hassan4VA #maunakea #Internet_Blackout_in_Sudan #StartupMgmtTips #GiletsJeunes #ThreadnoughtBingo #drumrolls #yay #WeAreMaunaKea #ACCEP #AppleHeartStudy #Telegram #IranSanctions #SudanUprising #LOLwut #EasierToRead #1619project #Resistance #endthread
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!