Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
apple sued over two factor aithentication
11 views
Skip to first unread message
badgolferman
Feb 9, 2019, 8:15:45 PM2/9/19
to
A class action suit has been filed that accuses Apple's two-factor
authentication of being too disruptive to users, taking too much time out
of a user's day when it is needed, and abusive since it can't be rolled
back to a less safe login method after 14 days.
https://appleinsider.com/articles/19/02/09/apple-being-sued-because-two-factor-authentication-on-an-iphone-or-mac-takes-too-much-time/amp/
————-
I don’t like two factor authentication and wish I could roll it back, but
there’s no option to do that now. Maybe this lawsuit will give us that
option someday.
authentication of being too disruptive to users, taking too much time out
of a user's day when it is needed, and abusive since it can't be rolled
back to a less safe login method after 14 days.
https://appleinsider.com/articles/19/02/09/apple-being-sued-because-two-factor-authentication-on-an-iphone-or-mac-takes-too-much-time/amp/
————-
I don’t like two factor authentication and wish I could roll it back, but
there’s no option to do that now. Maybe this lawsuit will give us that
option someday.
nospam
Feb 9, 2019, 8:32:20 PM2/9/19
to
In article <q3nu00$euo$1...@news.albasani.net>, badgolferman
his claim is that it takes 2-5 minutes, which is utter bullshit.
appleinsider timed it at 22 seconds, which is longer than usual. last
time i did it, it was maybe 10 seconds. it's also done once to trust a
device, not every single time.
> 媼媼-
>
> I don箃 like two factor authentication and wish I could roll it back, but
> there箂 no option to do that now.
two factor should be mandatory everywhere. with all the numerous data
breaches, people would be protected.
> Maybe this lawsuit will give us that
> option someday.
it won't and almost certainly will never be heard in court, it's that
stupid of a lawsuit, and the lawyers who filed it should be immediately
disbarred. they have wasted far more time than two-factor ever would.
<REMOVETHISb...@gmail.com> wrote:
> A class action suit has been filed that accuses Apple's two-factor
> authentication of being too disruptive to users, taking too much time out
> of a user's day when it is needed, and abusive since it can't be rolled
> back to a less safe login method after 14 days.
>
> https://appleinsider.com/articles/19/02/09/apple-being-sued-because-two-factor-
> authentication-on-an-iphone-or-mac-takes-too-much-time/amp/
yet another stupid lawsuit.
> A class action suit has been filed that accuses Apple's two-factor
> authentication of being too disruptive to users, taking too much time out
> of a user's day when it is needed, and abusive since it can't be rolled
> back to a less safe login method after 14 days.
>
> https://appleinsider.com/articles/19/02/09/apple-being-sued-because-two-factor-
> authentication-on-an-iphone-or-mac-takes-too-much-time/amp/
his claim is that it takes 2-5 minutes, which is utter bullshit.
appleinsider timed it at 22 seconds, which is longer than usual. last
time i did it, it was maybe 10 seconds. it's also done once to trust a
device, not every single time.
> 媼媼-
>
> I don箃 like two factor authentication and wish I could roll it back, but
> there箂 no option to do that now.
two factor should be mandatory everywhere. with all the numerous data
breaches, people would be protected.
> Maybe this lawsuit will give us that
> option someday.
stupid of a lawsuit, and the lawyers who filed it should be immediately
disbarred. they have wasted far more time than two-factor ever would.
arlen holder
Feb 9, 2019, 9:10:22 PM2/9/19
to
On Sun, 10 Feb 2019 01:15:44 +0000 (UTC), badgolferman wrote:
> A class action suit has been filed that accuses Apple's two-factor
> authentication of being too disruptive to users, taking too much time out
> of a user's day when it is needed, and abusive since it can't be rolled
> back to a less safe login method after 14 days.
Offhand...
> A class action suit has been filed that accuses Apple's two-factor
> authentication of being too disruptive to users, taking too much time out
> of a user's day when it is needed, and abusive since it can't be rolled
> back to a less safe login method after 14 days.
I admit zero empirical experience with two-factor authentication (2FA).
o I readily admit I don't even use a PIN code lock on my phone.
o Nor do I bother to use the fingerprint sensor as such.
Yet ... I'd like to ask a question ... but only of open minded people:
Q: What would be _different_ about Android versus Apple 2FA?
That is, why is Apple being sued, and, for example, not Google?
================
Now I read the article which has 5 legal claims, it seems:
================
1. Apple isn't getting user *consent* to enable 2FA
2. Simultaneously, Apple requires a trusted device/number + a password
NOTE: Those are two independent complaints, which happens a lot in law.
3. Apple is violating the California Invasion of Privacy Act
4. Apple is violating the California Computer Crime Code
5. Apple is violating the Computer Fraud & Abuse Act
1. DETAILS REGARDING THE CONSENT CLAIM:
A. On or about Sept 2015, 2FA was "enabled" which required explicit consent
B. Apple sends an email which is insufficient warning of irrevocability
2. DETAILS REGARDING THE COMPLEXITY CLAIM:
A. Enter password on device 1
B. Enter password on device 2 which MUST be connected to the Internet
C. (Optional) Select "Trust"
D. Wait for & receive 6-digit code on device 2
E. Enter six-digit code on device 1
3. DETAILS REGARDING THE PRIVACY ACT:
A. California Penal Code 630 et seq.
B. Lack of consent for Apple to intercept & make inaccessible device 1
C. Apple obtains personal information by becoming a man in the middle
4. DETAILS REGARDING COMPUTER CRIME CODE:
A. California Penal Code 502
B. Apple interferes with login access to device 1
C. Apple does this by "altering the computer system"
D. Apple did this on purpose to "wrongfully control" device 1
E. Losses resulted
5. DETAILS REGARDING COMPUTER FRAUD & ABUSE ACT:
A. 18 USC 1030 et seq.
B. Device 1 is used for interstate commerce and/or communications
C. Apple intentionally accessed device 1
D. Apple obtained personal information about activities on device 1
E. Apple intentionally locked out the user from device 1
F. Apple damaged device 1 without the users' consent
G. Apple did not provide a chance to opt out of this intentional damage
H. Apple has harmed user & has obtained personal information as a result
Whew.
They're essentially independent complaints (which is normal in law).
Having only skimmed the complaint, I would like to ask the question of
open-minded intelligent adults on this newsgroup, after admitting I
have zero experience with two-factor authorization on iOS or Android:
Why Apple, that is...
Q: What would be _different_ between Android versus Apple 2FA?
Lewis
Feb 10, 2019, 2:08:09 AM2/10/19
to
In message <090220192032275524%nos...@nospam.invalid> nospam <nos...@nospam.invalid> wrote:
> two factor should be mandatory everywhere. with all the numerous data
> breaches, people would be protected.
Not as long as companies will use SMS as one of the factors.
> two factor should be mandatory everywhere. with all the numerous data
> breaches, people would be protected.
--
I WILL NOT EXPOSE THE IGNORANCE OF THE FACULTY Bart chalkboard Ep. 8F15
0 new messages