[HN Gopher] Samsung Recent Security Incident ___________________________________________________________________ Samsung Recent Security Incident Author : rock_artist Score : 132 points Date : 2022-09-02 17:05 UTC (5 hours ago) (HTM) web link (www.samsung.com) (TXT) w3m dump (www.samsung.com) | akersten wrote: | > but in some cases, may have affected information such as name, | contact and demographic information, date of birth, and | | That's all you need to steal someone's identity. Major reason why | I never give any website my real birthday, and use a password | manager to remember all the various "birthdays" I've been | required to provide for no ostensible reason. | | If we wanted to hammer out a quick and effective privacy | legislation, it would be: you need a demonstrable reason to ask | for someone's birthday (e.g., legal reason to validate you're old | enough to open a bank account or whatever), not "i want to send a | happy birthday newsletter every year (and also sell it in a | package to data brokers)" | icedchai wrote: | That info is generally already public and easily accessible. | Try googling yourself or a relative. You can find their date of | birth, address, phone numbers, and neighbors in a couple of | minutes. | YetAnotherNick wrote: | > That's all you need to steal someone's identity | | I have this information for many billionaires. Now tell me how | to steal their identity. I would like to live their life. | capableweb wrote: | > That's all you need to steal someone's identity | | I wish we could stop propagating the idea that it's possible to | "steal someone's identity". No, you cannot take my identity | from me, I am who I am, you are who you are. | | What you can do however, with those details, is tricking | companies and committing fraud. But it should not be up to me | to make sure companies are not being defrauded, the burden is | on them to prevent that. | | Name, contact information and date of birth are so basic level | of information, that if you can commit fraud with just those | details, something is seriously wrong as the company you're | performing the fraud against. | | Some countries even have those details publicly for you to find | via public websites. So again, if that's all it takes, the | company is doing something seriously wrong. | cush wrote: | > I wish we could stop propagating the idea that it's | possible to "steal someone's identity" | | Identity theft is a term that comes from the fact that you | can use this information to open up a bank account or become | someone digitally, not because they steal your personality. | | It's a great term because exemplifies the gross negligence | and liability that comes with egregious misuse of personal | data | capableweb wrote: | If a bank allows someone to open up a bank account with | personal details that don't really belong to them, I'd call | that fraud and a failure on the banks side. "Stealing | someone's identity" sounds like I could and should have | been able to prevent that, rather than putting the blame on | the bank who accepted false personal details in the first | place. | | As I said, those details, including address and more, are | public in some countries. Those countries have learned to | live that just being able to say my name, date of birth, | address and telephone number is not enough to open a bank | account, why can other "modern" countries not adjust | accordingly too? | largepeepee wrote: | Rather than just banks, you can say it is also a systemic | problem if the details like ssn is such an important | number yet it is so easily obtained. | | There is a reason why the majority of these frauds are US | based | synu wrote: | There's a funny Mitchell and Webb sketch about it: | https://youtu.be/CS9ptA3Ya9E | nopenopenopeno wrote: | Wonderful! I will be sharing this one a lot. Thank you. | dec0dedab0de wrote: | There was a push a while back to call it bank fraud. | Because the banks are the victims and should be responsible | to protect/insure themselves. | | By calling it identity theft, we are saying individuals are | the victims and should protect the banks from someone | pretending to be them. | | Edit: I also believe there was an argument that banks | reporting to credit agencies based on fraudulent activity | from a 3rd party should be treated as libel. | [deleted] | dt3ft wrote: | In Sweden, this information is public. | sigmoid10 wrote: | I have the feeling this is mostly a US thing, where a | social security card with almost nil personal data is | widely used for identification. In Europe you won't get | very far with a birthday and a name - and you certainly | won't get a credit card or anything close to it. | omnicognate wrote: | Several bank loans and store cards were taken out in my | name using only my name, address and date of birth, in | the UK. The same cynical business logic applies the world | over: it's cheaper to clean up after the inevitable fraud | than to implement proper identity checks. This calculus | is of course aided by the fact that the detection of the | fraud and the organising of the cleanup is taken care of | entirely by the victim. "Victim", not "customer", because | usually there is no business relationship between the | company with the shitty identity checks and the person | that has to live with the consequences. | | I recommend contacting the credit rating agencies and | getting them to place a note on your record with a | password, eg. [1]. Don't wait until someone "steals your | identity". It's the only way to get these companies to do | something resembling an actual identity check. Doing it | _after_ they 've lent in your name (as the rating | agencies suggest) rather defeats the object. | | [1] https://help.equifax.co.uk/EquifaxOnlineHelp/s/articl | e/Howdo... | Nextgrid wrote: | The fact that the UK has this nasty concept of "credit | history" helps with this, since now all that's needed to | take out credit is basic details to lookup the credit | bureau profile and then they "vouch" for you. | | In countries where this doesn't exist, obtaining credit | requires providing proof of income (payslip, etc) to the | lender which they verify. A mere name/address/date of | birth might be enough to open inconsequential accounts | such as loyalty cards, but will absolutely not get you | credit - therefore the damage to identity theft victims | is greatly reduced or even nullified. | | Bad payers are still penalised even without a credit | bureau system by a register the government operates onto | which a debtor is registered for a certain period after | legal action by a lender (so this requires significant | effort from the lender - you don't get on this register | because of a telecoms billing mishap for example). | | With regards to setting a password, I wouldn't trust CRAs | to enforce this. What you can do however is pay for CIFAS | protective registration - it's usually for victims or | those at high risk of identity theft but there's no legal | requirement so anyone can pay the admin fee and get added | to the register. Lenders check this during credit | applications and this puts an instant block on any kind | of automated approval and requires them to do further | verification. | [deleted] | ajsnigrutin wrote: | In slovenia, you have your name, surname and date of | birth, but also unique citizen number (EMSO) and your | personal tax number. | | They tell you not to tell anyone your EMSO... but EMSO is | generated from your date of birth, gender, former | yugoslav republic you were born in (slovenia=50) and the | sequental number of your birth that day (0-499 boys, | 500-999 girls)... plus a checksum. So if you were born in | slovenia, are a boy, and were a third boy born on 20th | december 1970 (970... because why waste numbers?!?!), | your emso would be 201297050003K (K=checksum, too lazy to | calculate). | | We also have a tax number, that they also tell you not to | share... but then you open up an independent contractor | business (technically, it's a not a seprate company, but | "you" are the company), and your personal tax number is | published in many many online systems, info pages, you | have to put it on receipts, ads, you have to tell it when | you're buying toilet paper for work use, etc. | | But yeah... if you want to open a bank account, you need | a government issued id card (or passport), and they check | it very very throughly. | nibbleshifter wrote: | Which is absolutely demented. | reaperducer wrote: | I always find it curious that allegedly Swedish people on | HN post this sentiment over and over, but then never link | to their own personal information. | | Why not share, if it's so harmless? Isn't that the point | you're trying to make? | plugin-baby wrote: | Maybe they don't want their identity and their opinions | to be linked. | capableweb wrote: | I'm not Swedish, but a friend of mine showed me a website | for it. Here is a random example of a person who lives in | Taby, Sweden: | | https://www.ratsit.se/19290708-Bertil_Thomas_Andersson_Ta | by/... | | > Bertil Thomas Andersson - 1929-07-08 (93 years old) - | Address: Lyktgrand 2 lgh 1706, 183 36 Taby, phone number | 070-208 35 86 | | The website also adds information about income: | | > (machine translation) In Taby, Bertil Thomas | Andersson's home municipality, there are 5218 income | millionaires. The proportion of people with payment notes | in his postcode 183 36 is 7.3% and the average income is | 295 679 SEK ($27,378) per year. | | If the person runs any companies, that would be visible | as well. | | All of this is public information, for each individual | and company in Sweden (except the ones that have | requested to not be visible, or are protected) | LtWorf wrote: | I think it's way more common in USA than in europe because | here you can't just phone a bank and open an account with | your tax agency code. Normally the first time you need to go | and show your id. | traceroute66 wrote: | > If we wanted to hammer out a quick and effective privacy | legislation, it would be: you need a demonstrable reason to ask | for someone's birthday | | Not much help for the American cousins, but this already exists | throughout Europe and has done for years .... its called GDPR. | | TL;DR : If it is or it is tied to PII (personally identifiable | information) you have to: (a) Justify | collecting it in the first place (b) Justify storing | it, and storing it no longer than necessary (c) Obey | with the "right to be forgotten" and delete it on request | ItsTooMuch wrote: | You somehow forgot to mention that most (probably all) EU | countries have laws that require you to know the birthdays of | your customers - that of course overrides GDPR, or more | precisely, the law is the reason to store the information so | there's no need to find other reasons. | | Also, don't forget that these laws also have requirements on | you keeping logs, most of the time 3, 5 or more years. So | yeah you have to obey a deletion request when that time is | up, not "on request" - that would be illegal in most cases. | | In many EU countries birthdate (and more) is public | information, btw - my own birthdate is made public by the | state itself (on the business registry website), together | with my name and residence address. Same for any owner of | real estate - be it land, house or unit - names, residence | addresses and birthdates are publicly available in the online | cadastre. | Nextgrid wrote: | The GDPR has a massive enforcement problem though, so in | practice, you have little recourse if a company breaches it | and misuses your personal information. | tbihl wrote: | I don't spend much of my time worrying about this, but if you | do: | | Put credit freezes on yourself and maintain them that way as | the default. This cuts your attack surface significantly. Plant | your flag with any large government entities that are used for | collecting benefits (IRS, your state's stuff, etc.) | | Do I love the state of affairs? No, but if it were something I | worried about, I'd at least make myself a hard target. | encryptluks2 wrote: | There needs to be better laws protecting individuals that use | aliases and what not for registration. Technically, there are | certain federal laws that can make doing so illegal in certain | circumstances.. while not enforced at a high rate, I do see | them occasionally being applied unfairly and don't like knowing | that by using aliases and what not that I could be opening | myself to criminal prosecutions. | Mandatum wrote: | Having reported a critical bounty, their incident response and | disclosure process is a complete shitshow. Absolute mess of a | company. | hedora wrote: | I love how they don't say how big the breach was, what systems | were affected, or how to opt-out of them stealing your personal | information and storing it on poorly secured servers: | | > _Why does Samsung have my data?_ | | > _We collect information necessary to help deliver the best | experience possible with our products and services. We know how | important privacy is to our customers, and we provide information | about how we 're planning to use customer data, in strict | compliance with relevant privacy laws. You may visit the U.S. | Privacy Policy section of our website for more details on how we | may obtain data and for what purposes: | https://www.samsung.com/us/account/privacy-policy/._ | autoexec wrote: | > We collect information necessary to help deliver the best | experience possible with our products and services. | | When I got my first Samsung phone, it came with Samsung's | keyboard installed. I looked at the privacy policy and saw that | it was sending every single keypress to some third party whose | privacy policy said it was used for market research and to | guess at things like the education level and intelligence of | the user. Who needs malware when Samsung ships keyloggers. I | uninstalled it then did the same with every other Samsung app I | could. They obviously don't care at all about people's privacy. | On the plus side, I found some great apps that way like simple | gallery pro and markor. | notsapiensatall wrote: | From that privacy policy: | | > Information we may collect automatically includes information | about | | >* your device, including MAC address, IP address, log | information, device model, hardware model, IMEI number, serial | number, subscription information, device settings, connections | to other devices, mobile network operator, web browser | characteristics, app usage information, sales code, access | code, current software version, MNC, subscription information, | and randomized, non-persistent and resettable device | identifiers, such as Personalized Service ID (or PSID), and | advertising IDs, including Google Ad ID; | | >* your use of the Services, including clickstream data, your | interactions with the Services (such as the web pages you | visit, search terms, and the apps, services and features you | use, download, or purchase), the pages that lead or refer you | to the Services, how you use the Services, and dates and times | of use of the Services; and | | >* your use of third-party websites, apps and features that are | connected to certain Services. | | So essentially, they're saying that they can log everything | that you do on your device. | dietr1ch wrote: | I don't even know why I got an email from them to my work | email. AFAIK I've never used a samsung device at work and I | have dedicated work devices. | rvz wrote: | "We value your privacy" is just a buzzword for these companies. | TEP_Kim_Il_Sung wrote: | Translation: "We value your privacy higher than we value you, | because we get to sell it to anyone for top dollar." | A4ET8a8uTh0 wrote: | This ship kinda sailed after Equifax data breach, but I wish we | could make data a real liability ( as in, if you store it, you | are on an actual legal hook for it ). 2017 settlement[1] was | largely a joke if not an insult to all the affected individuals. | The company still operates, no one went to jail and the company | got a hard cap on potential claim from affected people. | | I don't know what the solution is exactly though ( I mean how to | effect actual change instead of posting in this forum ). | | [1]https://www.ftc.gov/enforcement/refunds/equifax-data- | breach-... | bee_rider wrote: | I guess eventually everybody's data will be leaked (are we | there yet?) and companies that would like to make loans will | have to come up with some other way of verifying their | customers. | | The credit system is a scam anyway. Oh wow thanks Equifax, you | think I should be allowed to go up to my eyeballs in debt. What | an honor, I'm flattered. | hijohnnylin wrote: | Just got the email from Samsung saying I was part of the breach. | At the end of this (extremely long and excuse-ridden) email they | inform me that I'm entitled to a free credit check every year | from credit reporting agencies. | | Can't we just fast forward to the part where they send me a $5 | check for the class action settlement? They'd save a ton on legal | fees. | WaitWaitWha wrote: | I got the same. | | I find it insulting to offer a credit check. If I wanted, I | would get 20 credit checks just this year. Credit checks are | also (mostly) free. Everyone and their mother offers them. | | Why would that do me any good for checking? How does it | remediate or mitigate the loss I have? | autoexec wrote: | > Everyone and their mother offers them. | | I'm pretty sure the US government offers them for free, and | anyone else doing it "for free" is only using at a means to | collect and sell your personal information. Using some random | site like getmemyfreecreditcheck.com or whatever is pretty | much asking for your privacy to be violated. | baldeagle wrote: | They are offering the free credit check provided by Uncle Sam- | not even footing the bill for one of their own | mrtweetyhack wrote: | [deleted] | AdmiralAsshat wrote: | I feel stupid for ever giving Samsung this much info to begin | with. But oh, they had such compelling _reasons_ to do it. Like | trading in my old phone to get a deep discount on a new one | directly from Samsung, and bypassing all the carrier bullshit! Or | locking down all of my devices, so that someone who steals my | phone can 't factory reset it without supplying my Samsung | account credentials! | NoboruWataya wrote: | When I saw this thread I went and checked my inbox to see if I | had received an email telling me I was caught by this breach. I | haven't, but what I do have are like five emails from my | carrier in the last two weeks desperately trying to get me to | upgrade to the latest Samsung phone. | | I have a Samsung from three years ago. I don't want to upgrade | or replace it until it actually breaks, as constantly upgrading | phones strikes me as wasteful. However, when I see this shit as | well as all the Samsung apps they don't let you delete or | disable from your phone, I am very tempted to just splash out | on a Pixel to install GrapheneOS. | morsch wrote: | I would like to delete my Samsung account (which I was forced to | create to access some feature of my phone). But I can't even | access my profile because I'd need to accept some new user | agreement which I won't do. I guess I could try sending them a | letter. | aborsy wrote: | How is it that security is a top priority when the company can't | correctly implement basic encryption? | | Samsung shipped so many millions of phones with insecure | encryption: | | https://eprint.iacr.org/2022/208.pdf | topicseed wrote: | > may have affected information such as name, contact and | demographic information, date of birth, and product registration | information. | | What falls under "product registration information"? | derwiki wrote: | California residents can request their data to be deleted here: | | https://www.samsung.com/us/privacy/ccpa/ | | I was surprised I even had a Samsung account so I can't think of | any reason to keep one after this. | ev1 wrote: | I received this email to a CCPA "removed" email address. | WaitWaitWha wrote: | I requested to have all my info deleted by them. Let's see how | long it takes. | | The email for my request is towards the bottom of this page: | https://www.samsung.com/us/support/securityresponsecenter/ | | I am aware this does not fix the problem of the already stolen | data, but it might make the data collection cost/benefit analysis | in favor of discarding collection all-together. Maybe. Let me | dream, would you? | shultays wrote: | Samsung stores demographic information because why not. I wonder | how much information is that | artificialLimbs wrote: | "...and have engaged a leading outside cybersecurity firm and are | coordinating with law enforcement." | | Sounds like "we got ransomeware'd". | theteapot wrote: | The whole paragraph suggests it more strongly. Specifically why | would you say "affected" rather than exposed / accessed?: | | > FAQ: Can you tell us more about what specifically happened? | In late July 2022, an unauthorized third party acquired | information from some of Samsung's U.S. systems. On or around | August 4, 2022, we determined through our ongoing investigation | that personal information of certain customers was affected. We | have taken action to secure the affected systems, and have | engaged a leading outside cybersecurity firm and are | coordinating with law enforcement. | drcongo wrote: | Blows my mind that anyone would buy a Samsung product given their | data collection addiction. | marcodiego wrote: | > may have affected information such as name, contact and | demographic information, date of birth, and product registration | information. | | No. No matter how safe of how carefully you take your security, a | vendor should NOT keep these pieces of my private information | with them. | icedchai wrote: | Most of that info is already public and easily searchable. | There are data brokers that gather public records (like real | estate) and resell them to marketers, sales people, other data | brokers, etc. It's an enormous business. Privacy is, sadly, an | illusion. | ProAm wrote: | Dont give it to them then, | marcodiego wrote: | Yes. But it is becoming increasingly difficult with "smart" | or "connected" devices. Sometimes you have to fill forms to | access services or agree with EULA's with abusive terms. If | you disagree with the terms, you become ostracized because | everybody else from your circles accepted those terms and | nobody is using your open-source/decentralized/federated | network or services. | | You can't expect common people to be reasonable and | spontaneously boycott abusive vendors. Most people are not | educated enough for that. Among those who are, most don't | care. | | We need laws to prevent this kind of abuse so vendors can't | take advantage of people who are willing to share such | information even if they are knowledgeable about its | implications. | abawany wrote: | I wonder if the GP is saying that you don't necessarily | have to provide your real dob etc. to vendors that coerce | you in this manner. I mean, don't you want to imagine a | world in which you were born on Feb-29 of some suitable | leap year? | ProAm wrote: | We don't need laws just dont buy their products. You're | asking a business to change it's business practices because | you don't like them. Free market. | notsapiensatall wrote: | My favorite suggestion for a nationwide privacy law is | simple: | | Clarify that all EULAs are null and void unless they have | been reviewed with counsel, signed, and notarized to ensure | the user understands what they are agreeing to. | | If the companies want to treat them like contracts, so | should the other party. Otherwise, it all stinks of duress. | ncphil wrote: | Amateurs. Samsung's identity system was f*ed even before this. | Only Lenovo/Motorola were worse. _Of course_ they got hacked: | they were a big fat (in a purely metaphorical sense), stupid, | target. The entire executive suite and board should be swept out | and replaced. But that won't happen because those few have a lock | on the majority of shares by either owning them outright or being | golf partners with the like-minded idiot rest. Their main focus | now, as always, is to deflect blame and preserve their positions. | Does not inspire confidence in the future of anything. No wonder | they can't get the simple things right, like providing clean | water to Flint or Jackson. The clowns have taken over the bus and | are driving it right over a cliff. | jiggawatts wrote: | Just here to remind everyone that Samsung televisions take | screenshots at regular intervals of what you watch and sends this | to be stored with the same level of "security". | autoexec wrote: | Roku does this too. | | > "Roughly twice per second, a Roku TV captures video | "snapshots" in 4K resolution. These snapshots are scanned | through a database of content and ads, which allows the | exposure to be matched to what is airing. For example, if a | streamer is watching an NFL football game and sees an ad for a | hard seltzer, Roku's ACR will know that the ad has appeared on | the TV being watched at that time. In this way, the content on | screen is automatically recognized, as the technology's name | indicates. The data then is paired with user profile data to | link the account watching with the content they're watching." | (https://advertising.roku.com/resources/blog/insights- | analysi...!) | wqeraz wrote: | Was this related to the Lapsus$ incident, or something else? | xeromal wrote: | Just got this email. I love how they don't even try to pay you | off. They just show you where to get your free credit report | where if you've already accessed it, you're screwed. | ternaryoperator wrote: | Came here to say this. The least they could have done is | provide you with a free credit report, regardless of whether | you previously used your freebie. | smm11 wrote: | I was just considering using an old iPhone instead of an S21. | Decision made. | parasti wrote: | Oh, Samsung. I just went through the most insane account recovery | process I've ever seen. Tried to register a Samsung account, but | my email was already taken. Guess I must have had an account at | some point. If you forget your password, you have to provide your | name and date of birth to reset it. If you fail to enter the | correct details many times, which I somehow did, eventually they | will send you the recovery email anyway. When I received it, it | was in a language I'd never seen. Then I discovered that it was | actually somebody else's account from Indonesia that was using my | email address without me ever knowing. So I now have a Samsung | account that was someone else's but it was using my email so it | was really mine? | ethbr0 wrote: | I've got a fairly common Gmail address as my primary. | | I get all kinds of account sign-ups, and also home purchase | paperwork and sheriff's office employment offers, from multiple | states. | | I used to feel bad, and spent a couple years trying to get in | contact and correct whoever used my email. | | Now? Fuck em. If you use my email, it's my account. I just | deleted "my" Roku account and unsubscribed to the services | attached to it (required to delete an account). | | Me deleting "your" account is the least-abusive thing I could | do if you sign up with my email address. | aliqot wrote: | >Now? Fuck em. If you use my email, it's my account. I just | deleted "my" Roku account and unsubscribed to the services | attached to it (required to delete an account). | | >Me deleting "your" account is the least-abusive thing I | could do if you sign up with my email address. | | This is illegal, CFAA of 1996. | | Them signing up with your email is a mistake, you | deliberately modifying data that isn't your own because of | that is illegal. | randerson wrote: | What is the _correct_ course of action one should take, | e.g. if OP now wants to sign up for a Roku account with | their own address and now can 't? | 8note wrote: | Make a different address? | | Mind you, if Roku doesn't want to do business with you, | there's no correct way to trick them into it | [deleted] | galangalalgol wrote: | Signing up for services using other people's email? Or | canceling services attached to your iwn email? | derwiki wrote: | It wouldn't also fall under CFAA to fraudulently sign up | with the wrong email? | tester756 wrote: | >At Samsung, security is a top priority. | | Every company, always. | zac23or wrote: | > At Firefighters, firefighting is our top priority. We | recently discovered that our base of operations caught fire | and, as the fire hydrants and fire extinguishers did not work, | it was incinerated. | | An absurd, insane message. | fsociety wrote: | The iconic "yes we do have a security department" doublespeak. | cProdigy wrote: | hmmm | dreamcompiler wrote: | At Samsung, like at every other company, perception management | is a top priority. And we will never understand why managing | perceptions while ignoring reality always fails. | lizardactivist wrote: | Other companies keep the lid on when it happens to them. Samsung | has the decency to inform you quickly and clearly, gotta give | them that. | fartcannon wrote: | No, I won't give them anything. They don't need to take this | information. They shouldn't have it. I think they and everyone | else collecting data should be held far more accountable than | they are for the damage they do when that data leaks. | vardump wrote: | Luckily I gave all fake information to Samsung. Because I | expected this to happen. | hayst4ck wrote: | From a post above: | | > your device, including MAC address, IP address, log | information, device model, hardware model, IMEI number, serial | number, subscription information, device settings, connections | to other devices, mobile network operator, web browser | characteristics, app usage information, sales code, access | code, current software version, MNC, subscription information, | and randomized, non-persistent and resettable device | identifiers, such as Personalized Service ID (or PSID), and | advertising IDs, including Google Ad ID; | | Regardless of how fake you think the information you gave them | is, if you use your phone, there is more than enough | information to attain a real identity and connect that to other | identities. | | IMEI alone will uniquely identify your device, and therefore | you, and it will be connected to a phone company that is | probably willing to sell your data. | | https://arstechnica.com/tech-policy/2021/03/t-mobile-will-te... | vardump wrote: | I wonder what kind of information they got out of my TV. | Well, obviously at least IP address. | | Maybe some viewing habits data. In which case they'll | probably conclude I mostly like cartoons about ponies and | talking, people rescuing dogs... | hayst4ck wrote: | TV's can probably scan your local network which means at | the very minimum getting MAC addresses which can tell you | the manufacturer and maybe more, of various devices on your | network. | vardump wrote: | It can do that all it wants, won't be able to see any | other devices on my network. | | Although it could scan for nearby wifi access points. | Maybe also for bluetooth devices. It also got a | microphone... | | Business idea: A service to strip microphones and | antennas out of brand new TVs? | hayst4ck wrote: | There is no winning via tech, only regulation. | | Supposedly amazon set up an AWS service to leverage 5G | (https://aws.amazon.com/private5g/) allowing | significantly more devices. The idea being that our | fridges, TVs and other household devices could talk | directly to a private service without having to be | subject to your in home firewalls/DNS blocking/etc. | SoftTalker wrote: | Coincidentally (?) I got an unsolicited text message yesterday | with my "Samsung account verification code." ___________________________________________________________________ (page generated 2022-09-02 23:00 UTC)