Farewell, Skype

This post is more than a year old. The information, claims or views in this post may be out of date.

At 12:37pm today, out of the blue, I got this email:

Not cool.

So, the funny thing about that email is that I requested no such reset. At the time, I was chatting to the plumber who was replacing my blown geyser element. Resetting my Skype password was the furthest thing from my mind.

I panicked, naturally, and got straight back to my desk, clicking that link to reset my password.

Now, every other system on the face of God’s green earth, since roughly 1990, will email you a link to reset your password if so requested. Skype is apparently too good for that – instead of just being able to plug in my registered email address, it gave me a 20-point questionnaire, including things like:

  • What’s my name?
  • What’s my email address?
  • Name at least 5 contacts on your account
  • When last did you make a Skype Credit purchase?
  • Did you use a credit card, or PayPal?
  • If it was a card, can you give a few of the digits?
  • When did you register the account?

Color me surprised, right? I filled in as much as I could, and got a message saying that my request had been accepted, and I’d be contacted shortly.

What the shit?

That form? Exactly the same as the previous form, except this time on a Microsoft.com domain, and it had even more questions. So I filled that in too, getting upset all the while.

I’m not concerned about the credit on the account – it’s a couple Euro I can afford to lose. I’m not even concerned about not being able to use the account, since I barely use it anyway. I’m concerned that whoever’s done this will now use my account to spread infected URLs and other nasties (best case) or is a malicious hacker who is out to ruin my reputation (worst case).

I hit submit on the form and get this:

Fucking done.

24 hours is more than enough time for a bad actor to do all the damage they’re going to do. If my account was set up for automatic recharge, that could include some financial damage too, plus I run the risk of my PayPal account suspended for fraudulent activity.

All of this could be avoided if Skype’s password reset policy wasn’t the loosest policy on the block. Apparently, to get a password reset, you just need a name, email, and up to 5 contacts on the account – not impossible to get from watching someone on Facebook for a bit and making some educated guesses.

As this gentlemen found out back in 2013: http://www.businessinsider.com/spammers-can-easily-hijack-your-skype-account-says-a-security-researcher-who-lost-his-account-six-times-2013-4

So I’m officially done with Skype. In the event I can recover that account, I’m messaging everyone on it where to find me elsewhere, and shutting it down. It’s insane that in 2016, a system as pervasive at Skype has worse security than a 9-year old’s secret handshake.

From now on I’ll just stick to systems that use two-factor authentication, and don’t just hand out free password resets to anyone that asks. I’ll keep my Contact page up to date.

It’s the stories we tell ourselves

This post is more than a year old. The information, claims or views in this post may be out of date.

I’ve been blogging more or less since 2007. At first I thought it was really cool that you could run a website with a CMS, and publish whatever nonsense you wanted on the internet.

Then social media started getting cool. I still remember when Twitter started becoming a thing in South Africa – I was one of the first 300 or so people to sign up. The group was small enough that we could maintain a manually-edited wiki page with all our handles.

Boy, did it blow up fast. But I digress.

In my blogging, I’ve never had much of a particular focus. My posts were a bit of a mess, ranging from technical tips to sociopolitical commentary, to silly videos. At no point was I really invested in building a particular narrative – or telling a particular story.

Thing is, I LOVE stories. Stories are the thing I can talk about forever, in almost any context. Each of us sees the world differently, and each of us has a story to tell.

I never thought my own story would be particularly interesting – I mean, who wants to voyeuristically peer into the life of a total stranger on the internet?

(Quite a few people, come to think of it, but I digress. Again.)

What I did think would be better, though, would be collecting and sharing the stories that I thought were really clever, and/or inspiring.

Stories are what shape everything around us. Cultures, religions, companies, brands – they’re all stories. Narratives built and refined over time, handed down from generation to generation, diffused through society.

What’s new in 2016 is the ability for everyone to tell their story to everyone else. I don’t think we’ve quite figured out yet – as a species – how to deal with the internet, but over time this too will all become a story. Hopefully, not a cautionary one.

So what I’m going to try this time around is identifying, sharing, dissecting and analyzing stories. I have a particular fondness for fantasy and sci-fi, and will probably start there.

I’m hoping to accomplish two things with this. First, to write more (doh), and secondly, to revisit all the stories that impacted me, personally, over the course of life so far.

Maybe a few years into this, I’ll be better equipped to start telling stronger stories of my own, but I’m not shooting for the moon just yet 🙂