Vulnerabilities

1 Like

Well, thanks to the Streisand effect I really want one of these now.

I’ve been doing BLE hacking for a few years now (strictly for legit purposes) but it involves a rather cumbersome solution of using a laptop with a Bluetooth sniffer board and Wireshark to decode the packets. It’s not super reliable, and it often takes a lot of effort to get the data I want. If this device makes this process simpler that could be a real time saver for me.

I’ve also wanted something I could use to test if RFID shielding that’s on a lot of wallets and things these days is actually effective or not. This seems like it could fit the bill.

If Amazon is banning it then that’s unfortunate since you can’t beat their shipping, but I guess they just won’t be able to get my money.

1 Like

Must just be USian Amazon:

https://edition.cnn.com/2023/11/24/business/best-buy-shoplifting-prevention/index.html

3 Likes

Other CEOs reading this:

4 Likes

And Best Buy is just doing what I’ve been recommending for years. :man_shrugging:

I need a bonus.

4 Likes

As usual, companies using 2FA to paper-over their security lapses. For the user, it throws all their personal security through a single point of failure, since they allow whoever has the phone number to override any password protection.

2 Likes

When you actually do need some assistance in a big store - don’t look confused, wandering around wide-eyed in search of an employee. Try to look determined, but a bit shifty. Like you may or may not be about to nick something. A friendly “Can I help you?” person (underpaid, overworked, ritually abused per company policy) in a polyester outfit with logos on it will materialize out of thin air right next to you within seconds.

Disclaimer: the overall quality of your shopping experience may be subject to location (of the store) and outward appearance (of you).

4 Likes

I kind of despair at the thought of training retail end users on FIDO2 keys, but for developers it ought to be straightforward.

Sending an SMS is just plain lazy.

It also assumes continued social use of phones as phones, the kind with an actual phone number. If the call logs on my kids’ phone bills are anything to go by (never mind it going straight to voice mail when I call), they almost never actually use the “telephone”.

Or my favourite: turn to your wife and say, just loudly enough, “I thought we agreed on $15,000 as the budget for this.” (That’s assuming Best Buy; adjust accordingly for the Lexus dealer.)

1 Like

2FA is hardly limited to SMS, in fact that was the first thing I banned as an admin for our IDP, TOTP, FIDO, or push notification.

2 Likes

Maybe, but the 2FA systems I’ve encountered all grab for the phone.

Canada Revenue Agency does have the option of making computer voice calls rather than SMS, which I use because their SMS usually hits the five minute time-out before it gets to my phone.

My phone hasn’t had an update in five years, and my provider is a low-end company that’s changed ownership three times since I switched to them. Low trust.

1 Like

I’ve been able to do TOTP with HMRC, and I’m beginning to overdose on acronyms.

Yeah, I do think the big issue is most people don’t have phones which could provide a lot of those optional factors, both google authenticator and ms authenticator offer totp, and can offer MFA for unlocking access to the codes. Shouldn’t need loads of cpu, one hopes.

5 Likes

This bit was a new one on me:

He said the cunning thieves even fooled the GPS tracker, which says the car is still in the drive.

7 Likes

So, a faulty Faraday pouch, possibly? Or a fraudulent one?

3 Likes

Fraudulent, because I doubt that they have a connection to electrical ground. It’s just flapping in the radio breeze.

It will attenuate the signal somewhat, but then re-radiate it inside.

1 Like