
NIST declares the age of SMS-based 2-factor authentication over - Osiris
https://techcrunch.com/2016/07/25/nist-declares-the-age-of-sms-based-2-factor-authentication-over/
======
Matt3o12_
I don't think eliminating SMS authentication is a good idea. While it is
vulnerable to social engineering attacks (and sniffing if you are near the
receiving phone), SMS authentication has proven to be invaluable for most
ordinary users. Those users are everything but eager to use anything more
secure than their 6-letter password. By tricking many users into using SMS
authentication, companies like Google have improved the overall security of
most accounts by a lot. While it is possible to remove an SMS authentication
mechanism, it is a lot harder and probably not worth it for most accounts.

Most people will not bother to install Google Authenticator and just not use
2FA (who wants to steal their account anyways /s). Even if they did install
it, recovering their authentication codes if they have lost their phone is
incredibly hard (because too many won't use backups – even if it is as simple
as Apple's iCloud backup).

What I think companies should do is give their users a choice not to use SMS
authentication. Power users (and hopefully most high profile users) will make
use of that and normal users can just use SMS.

In the end it is always a trade-off between convenience and security and sadly
convenience almost always wins for most users even for easy solutions. So we
(the developers) should provide them with the most convenient way they accept
which offers the maximum security and SMS does just that.

~~~
scrollaway
SMS auth is atrociously bad compared to offline 2fa:

- Requires a telecom provider in the first place (in some countries, that
legally requires a passport/national ID tied to the phone number)

- Offers no means of backup

- Forgot to disable 2fa on that one account you log into once a year, before
changing your phone number? Have fun with that

Nevermind Google Authenticator. Android and iOS should have a high quality
TOTP app installed _by default_. One that permits backups. "Users won't
install it" should NOT be a factor and if Apple/Google want their users to
start using 2FA it's in their own interest to do this anyway.

~~~
theGimp
It's still better than no 2FA, which I imagine is the alternative for the vast
majority of people.

~~~
scrollaway
Meta: Why is it that in one thread, I'm saying "same-machine 2fa is better
than no 2fa" and getting "but but it's not secure!" as replies, but when I
complain about sms auth being insecure, impractical, nonstandard and more
expensive than TOTP I'm getting "it's still better than 2fa" as a reply?

~~~
Ntrails
I agree, it _is_ bizarre to be taking different sides of the argument in
different threads...

~~~
ekimekim
I want to call this out, because I feel it's a big issue we have as humans
trying to engage in reasoned debate - the idea that an inconsistent or
changing view is somehow "weak" or invalidates the argument.

If someone is changing their opinion, that's a good thing. It means they are
taking on board new information and not blindly following their original
opinion.

If someone appears to have an inconsistent view, perhaps their position is
simply more nuanced than the simple "for or against" buckets the debate
actively tries to lump all participants into?

~~~
Ntrails
Yeah, I was sarcastically pointing out the absurdity of bitching about
different people on HN having different responses whilst he himself has
slightly different perspectives on subtly different issues...

I don't care that his view is inconsistent, I just think the complaint of
people disagreeing with him (in a comment format which encourages disagreement
more than agreement) was kinda ridiculous :)

------
ams6110
This is the perfect being the enemy of the good.

They should be calling for secure, validated SMS.

Thinking that "Joe and Jane Six-Pack" are going to use Google Authenticator
is frankly laughable to anyone who does end-user support. But everyone
understands "get a text and enter the code here".

~~~
smsm42
Moreover, did you ever try to port Authenticator data from one device to
another? There are rumors it's possible. I have worked in the industry since
forever; if anybody can be called qualified for such a simple task, it's me. I
gave up, too much trouble. Imagining that a regular person would even think
about getting into these woods is laughable.

Sure _Google_ allows you to port authenticator data with an easy 5-step
process. Almost nobody else does even this.

Without portability, it means losing access to your Facebook, Instagram and
Pokemon Go when you change your device? People would revolt if you do that.

So what's the alternative? We either use SMS, or we use email (which will have
like order of magnitude higher failure rate with no added security) or we
don't use 2FA at all. Or we think really hard and invent better 2FA than SMS
that works on every mobile device and is simple for the user. _Then_ we can
deprecate SMS.

~~~
bigiain
I always refuse to use the "scan QR code" thing, and everybody I've tried that
with (at least Google, Amazon, Github, Dropbox, Linode) gives you a TFA secret
to type in as an alternative - I then store these in 1Password and can back
that up and use them to key Google Authenticator on additional devices. (I've
never tried to extract or backup/reuse secrets from Authenticator.)

~~~
asuffield
This only works for services using TOTP mode; HOTP prevents replay/cloning
attacks.

~~~
Rafert
The HOTP counter is something you can increment yourself if needed when
storing it somewhere?

Proper implementations of TOTP do not just rely on expiring the codes. From
chapter 5.2 of RFC 6238: "Note that a prover may send the same OTP inside a
given time-step window multiple times to a verifier. The verifier MUST NOT
accept the second attempt of the OTP after the successful validation has been
issued for the first OTP, which ensures one-time only use of an OTP."

~~~
vel0city
Yep, right at the top of page 7 of the RFC:
[https://tools.ietf.org/html/rfc6238](https://tools.ietf.org/html/rfc6238)

If it accepted the same token more than once, it couldn't possibly be called a
"one-time password".
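The RFC 6238 section 5.2 rule quoted above, together with the earlier point in this thread that an HOTP counter resists replay, as an added example that is not code from the thread or from either RFC: a minimal HOTP/TOTP implementation in Python whose verifiers refuse any code for a time step or counter value that has already been consumed. The secret and timestamps are the RFC test vectors; the ±1 step drift tolerance and the look-ahead window size are assumptions.

```python
import hashlib
import hmac
import struct
import time


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation to a zero-padded decimal code."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret, at, step=30, digits=6):
    """RFC 6238 TOTP: HOTP whose counter is the time step floor(at / step)."""
    return hotp(secret, at // step, digits)


class TotpVerifier:
    """Server side of TOTP with the RFC 6238 section 5.2 rule enforced:
    once a code is accepted for a time step, that step (and every earlier
    step) counts as consumed, so the same code cannot be replayed.
    The +/-1 step tolerance for clock drift is an assumption of this example."""

    def __init__(self, secret, step=30, digits=6, drift=1):
        self.secret = secret
        self.step = step
        self.digits = digits
        self.drift = drift
        self.last_accepted_step = -1  # highest time step already consumed

    def verify(self, code, now=None):
        if now is None:
            now = int(time.time())
        if not (code.isdigit() and len(code) == self.digits):
            return False
        current = now // self.step
        for candidate in range(current - self.drift, current + self.drift + 1):
            if candidate <= self.last_accepted_step:
                continue  # already consumed: a second presentation is a replay
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected, code):
                self.last_accepted_step = candidate
                return True
        return False


class HotpVerifier:
    """Server side of HOTP in the style of RFC 4226 section 7.4: the counter
    only moves forward, a look-ahead window tolerates codes the token generated
    but never submitted, and any counter at or below the last accepted one is
    rejected, which is why a copied HOTP code cannot be replayed."""

    def __init__(self, secret, look_ahead=10, digits=6):
        self.secret = secret
        self.look_ahead = look_ahead
        self.digits = digits
        self.counter = 0  # next counter value the server expects

    def verify(self, code):
        if not (code.isdigit() and len(code) == self.digits):
            return False
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, c, self.digits), code):
                self.counter = c + 1  # consume this and every earlier counter
                return True
        return False


if __name__ == "__main__":
    # RFC 4226 / RFC 6238 test-vector secret (ASCII "12345678901234567890").
    secret = b"12345678901234567890"
    v = TotpVerifier(secret)
    code = totp(secret, 1111111109)
    print(v.verify(code, 1111111109))  # first use within the step: accepted
    print(v.verify(code, 1111111111))  # same code again: rejected as a replay
```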

------
Kortaggio
One of the biggest weaknesses of SMS 2FA that I didn't see the article cover
is when an attacker can socially engineer their way into your account with
your cell service provider.

I'm thinking of a high-profile example when an attacker tried to take over
h3h3's YouTube account by requesting his SIM card from T-mobile by pretending
to be a T-mobile employee:
[https://youtu.be/caVEiitI2vg](https://youtu.be/caVEiitI2vg)

~~~
legohead
The other day I forgot my Github password. When I went to go through the
password reset process, it must have triggered the 2FA because it asked for my
code. I use Google Authenticator, but I had switched to a new phone since the
last time I used GA with Github, and never scanned the code on the new phone.

So now I'm at an impasse. How do I get the code? Well, Github has a backup --
it will SMS the code to your phone! When it said this I just kind of chuckled
to myself as I also had seen the h3h3 video. Sure enough, it texted me the GA
code and I got back in control of my account.

Github actually provides a list of emergency codes that you can print out and
use as a last resort. I had printed these before and actually had them
available, but forgot about that process.

Github is trying so hard to have your account secure, but yet the SIM card
cloning threat is still there.

~~~
bigiain
Hint: don't just scan the QR codes on one device, switch to the "type in the
TFA secret" mode, and store that in your password safe (this makes it easier
to add the key to all your devices too - I have the Google Auth app on two
phones and an iPad. I'd advise against doing that without at least considering
something better than a 4 digit pin unlock for your devices).

~~~
danieldk
_Hint: don't just scan the QR codes on one device, switch to the "type in the
TFA secret" mode, and store that in your password safe_

I just don't use an authenticator app at all. Some password managers (e.g.
1Password) have support for storing TOTP. So, as long as I can access my
1Password vault (use a strong password!), I can access my TOTP codes.

Besides that, I prefer U2F, which is supported by GitHub.

------
wfunction
The problem with 2FA apps is that they don't also serve as an instant
notification to you when someone is trying to log in as you. 2FA SMS does. This
needs to be addressed somehow before we declare the former superior.

~~~
lyonlim
Instead of SMS, wouldn't email notifications suffice? Apple (iCloud), Gmail
and Salesforce do this when there's a new login on a new device.

Furthermore, I'm not too in favour of using SMS... I have two numbers and when
I don't have both phones with me, it's a huge hassle. I end up setting up my
phones to auto forward such smses.

I use 1Password OTP support and love how it works seamlessly across my phones.

(Edited for clarity)

~~~
gambiting
When my Origin account was hacked, I found out that hackers used a very basic
vulnerability in Gmail - they've logged into my Origin account, changed the
language to Russian, and then changed the password - I received the "your
password has been changed" email, but because it was in Russian, Gmail
automatically put it in the Spam folder and I never saw it (when I eventually
found it, the message shown by Gmail was "this email is in a different language
than used normally for this email address so we've automatically marked it as
spam"). Obviously by the time I realized, the "I didn't do this!" link in the
email had expired and I had to call EA to recover my account (surprisingly, I
did!).

So yeah, now I have 2FA enabled on my Origin account, but I still wish I
received a text message telling me my password was changed.

------
Stratoscope
When I think of NIST, the first thing I think of is the old National Bureau of
Standards (now NIST) WWV Time and Frequency broadcast on 2.5, 5, 10, 15, 20,
and sometimes 25 MHz. (You old-timers can probably hear the radio voice
already!)

This came to mind because I just read a great PDF with a detailed history and
technical description of WWV and its sister stations WWVH and WWVB:

[http://tf.nist.gov/general/pdf/1969.pdf](http://tf.nist.gov/general/pdf/1969.pdf)

Not directly related to 2FA, of course, but that PDF is recommended reading.
These people were hardcore hackers before any of us were born!

~~~
jlgaddis
The suffix of my amateur radio callsign is WWV. A few decades ago, when I
actually talked on the radio, there would always be somebody who would ask me
what the time was.

Ironically/coincidentally, nowadays I run several stratum 1 and stratum 2 time
servers.

------
viraptor
> the verifier SHALL verify that the pre-registered telephone number being
> used is actually associated with a mobile network and not with a VoIP (or
> other software-based) service

Is it possible to do this reliably in any country right now? I know you can
easily migrate numbers and the old-school block assignments don't mean anything
in a few countries.

~~~
djsumdog
I moved out of the country and depended on my number being on Google Voice to
use existing services. I'm also curious how to check if a US number is
associated with a VoIP service.

I worked for an international telecom whose SMS gateway would just broadcast
messages to the two other national providers if the number wasn't theirs (the
other providers would drop messages that didn't belong to them). That was one
of my first assignments: writing a task that would check the ported number
database and only send the SMS to the correctly ported provider.

------
niftich
Github repo for the working documents:
[https://github.com/usnistgov/800-63-3](https://github.com/usnistgov/800-63-3)

Issue tracker (discussion/request for comments):
[https://github.com/usnistgov/800-63-3/issues](https://github.com/usnistgov/800-63-3/issues)

------
techsupporter
> "...the verifier SHALL verify that the pre-registered telephone number being
> used is actually associated with a mobile network and not with a VoIP (or
> other software-based) service."

Now this bothers me. I deliberately use a service (RingTo, discontinued for
new users) to park a handful of numbers and be able to exchange SMS and MMS
with them. One of the things I do not do is give out my actual mobile number
to every random web service that wants it for "2FA," primarily because that
now opens me up to even more phone spam. With RingTo, I just set that number
to always go to voicemail but am still able to use SMS through their app.

It is arbitrary to say "one number type is acceptable for SMS verification but
another is not." I'm actually _more_ concerned that my mobile carrier will
cough up my account to an arbitrary attacker than I am about some out-of-the-
way number parking service that I log into using credentials that are not able
to be easily discovered (an alternate e-mail address and such). My mobile
carrier is a much larger target _and_ has scores of fallible humans working
for it just waiting to be socially engineered.

~~~
greggman
I agree. Namecheap currently only supports SMS 2FA. I'm abroad with a local
SIM in my phone so I registered my Google Voice # with them. It would really
suck if I had to carry my USA SIM at all times and swap it anytime I wanted to
log in to those accounts.

Ideally they'd support the standards so I could just use one of the many
standard OTP apps.

~~~
iamshs
Same problem. Don't know why Namecheap doesn't support a 2FA app like FreeOTP.
Would make it so much simpler and more secure at least.

~~~
rafaelm
They've been promising to implement a better 2FA option for ages. I just got
tired of waiting and moved to another registrar.

It's a shame because in general, I've never had any problems with Namecheap.

------
sdm
It's about time. Phone numbers change too much to be used as part of a
reliable 2FA. You go on a business trip or a vacation, you of course get a
pre-paid SIM card with a local number in your country of destination. It's
simple and straightforward, most airports are lined with kiosks of vendors. But
then you can't access any of your services. You can't do your work. 2FA should
be based around something that isn't tied to your location and doesn't change
so regularly.

~~~
_nedR
For international travellers, I imagine it's a problem. Within a country - it
is less of a problem. In India at least, we have number portability between
providers, so there is little reason to change your number.

------
AdmiralAsshat
Good riddance. I live in a basement. I can't tell you how many times I've been
scrambling to log into a service that only allows SMS-based 2FA, requiring
that I then run upstairs or outside, waiting for my phone's signal to get
strong enough that it will receive the SMS, then dash back down before the
code expires.

------
tombrossman
I'm curious, do people still consider it "two factor authentication" when you
have a mobile device generating (or receiving via SMS) one-time codes and that
same mobile device syncing passwords?

For example, if your web browser or password manager is syncing your passwords
to your mobile phone, and that's the same phone the SMS codes or TOTP app runs
on, is this completely circumventing the whole concept of "two factors"?

Asking for a friend, because I'm sure no HN readers would be dumb enough to do
this...

(also, The Register covered this same story yesterday, here's my dupe
submission:
[https://news.ycombinator.com/item?id=12157529](https://news.ycombinator.com/item?id=12157529))

~~~
chronial
See wikipedia:

> Multi-factor authentication (MFA) is a method of computer access control in
> which a user is only granted access after successfully presenting several
> separate pieces of evidence to an authentication mechanism - typically at
> least two of the following categories: knowledge (something they know);
> possession (something they have), and inherence (something they are).

So as long as your phone is sufficiently password-protected, that is still
2FA.

~~~
tombrossman
So a laptop or phone with a fingerprint reader and TOTP app would qualify as
well I suppose. I think many people assume that two separate devices are
necessary for proper security, and I wonder if this is true?

~~~
vel0city
Yes, it would qualify. While having additional devices does increase security
(harder to break into both the laptop and a phone, or laptop and
smartcard/yubikey/RSA SecurID token) it's not entirely necessary.

Many physical security systems utilize multiple factors of authentication for
access that are tied into a single reader. They often have a badge reader
(something you have) and a fingerprint/eye scanner (something you are) or a
PIN pad/digital combo dial (something you know) all built into the same device
stuck on the wall. Sometimes they'll use separate systems for this, but the
combo units are very common.

------
roywiggins
I love Google Auth, and SMS really does have security problems, but you need a
2FA method for dumb phones, don't you? Are there Java apps for it?

~~~
niftich
Or a hardware token. It doesn't have to be a software token running on your
existing phone.

That being said, several companies [1][2][3] have in fact made software
authenticators that run on J2ME.

[1] [https://guide.duo.com/j2me](https://guide.duo.com/j2me)

[2] [http://www.aradiom.com/SolidPass/2fa-OTP-security-token.htm](http://www.aradiom.com/SolidPass/2fa-OTP-security-token.htm)

[3] [http://www.eset.com/us/products/secure-authentication/](http://www.eset.com/us/products/secure-authentication/)

~~~
BinaryIdiot
> Or a hardware token

The trouble is with the user (the user is always the problem). What happens if
they lose their hardware token? You _must_ have a way to recover that is not
exploitable by bad guys but usable by the good people just trying to get back
into their account.

SMS fills this pretty well despite its security flaws. I'm not convinced
hardware fixes this, at least not in any current form I've seen.

~~~
mtgx
My bank gives out hardware tokens. It's super easy to use, and I trust it way
more than using SMS, even though they tried to push me over to using SMS
(probably cost cutting move on their part). When it gets lost, they can
replace it.

~~~
BinaryIdiot
That sounds like a pretty miserable user experience though. People are
forgetful and lose things. Doing something online for the ease of it only to
have to wait for something physical seems like a big step backwards as far as
UX is concerned.

Until you make good security dead simple it'll never be used by the majority.

------
mappu
One possible impetus is the rise in SMS phishing like this:
[https://twitter.com/maccaw/status/739232334541524992](https://twitter.com/maccaw/status/739232334541524992)

How do you verify that the SMS is really from your service?

~~~
BinaryIdiot
> How do you verify that the SMS is really from your service?

The way the phone system works I don't think there is an actual way. It's
inherently insecure from multiple angles. Unless there is a way to verify it,
reliably, that I don't know about but I tried looking into this before and
found essentially nothing useful.

------
kozak
The problem with 2FA is that quite often it will turn into (a weaker) 1FA when
users get a possibility to restore their primary password by the SMS.

------
original_idea
Wouldn't PUSH notifications over the Google and Cloud networks resolve this? I
know Google Prompt and Authy do this already because of SMS. Authy posted this
a couple weeks ago:
[https://www.authy.com/blog/security-of-sms-for-2fa-what-are-your-options/](https://www.authy.com/blog/security-of-sms-for-2fa-what-are-your-options/)

~~~
bdcravens
Interestingly, when you sync a new device with Authy, one of the options to
verify is SMS.

~~~
vel0city
IIRC, Authy uses this SMS challenge to authenticate users to allow you to
download the database of secrets. This db is encrypted by a passphrase which
never leaves the device. So, Authy is using SMS as one part of a multi-auth
system to get to the final unencrypted data.

That said, anyone with a SIM card able to get messages for your phone number
can download the encrypted database and attempt offline passphrase recovery.
It might take a while to brute force, they seem to use a lot of hashing rounds
as it takes a couple of seconds to verify the passphrase on a 2014 Moto X.

------
pixie_
It's annoying in a lot of services I can't use my google voice number to
authenticate.

------
mankash666
Reading through the draft, the level-2 authentication and upwards (AAL-2
[https://pages.nist.gov/800-63-3/sp800-63b.html#sec4](https://pages.nist.gov/800-63-3/sp800-63b.html#sec4)
) spec is encouraging. NIST is encouraging eliminating the password and fully
embracing cryptographic authentication (like SSH public-private keys).

------
onetimepassword
The biggest threat that other people have mentioned is using social
engineering to get a new SIM card that works with your telephone number. I
have a Google alert for "sim swap fraud". It's oddly under-reported in the US,
but quite common everywhere else. How bad is this?? Well, what if an attacker
obtained more information about you (i.e. security questions possibly obtained
from a keylogger), then was able to get your phone number, then contacted your
bank or other investment broker and drained your accounts? Yes it happens - all
the time. It's about time that NIST declares this form of 2FA insufficient.
Hopefully the rest of the world will take notice, soon.

I prefer OTP... hopefully there aren't any other RSA-type hacks in the future.

------
ComodoHacker
What's wrong with SMS to a virtual number? I mean, how is it less secure than a
regular number?

------
ittekimasu
Coinbase, too, hasn't gotten the memo yet.

[https://community.coinbase.com/t/can-i-use-google-authenticator-instead-of-sms/1104](https://community.coinbase.com/t/can-i-use-google-authenticator-instead-of-sms/1104)

------
davidhyde
In South Africa, this scenario is becoming a big problem: A victim's cell
phone, in their possession, is triggered to go into no-signal state which is
sometimes not noticed for hours. During this time, criminals are somehow able
to capture communication that would have originally gone to the cell phone.
Communication like 2FA passwords. This is then used to transfer money out of
the victim's bank account. How can 2FA over SMS be considered safe if this is
possible?

------
Glyptodon
It's fine that there are flaws with using SMS, but the alternatives --
proprietary apps, proprietary dongles -- aren't any better. They also just
create more parties you have to trust.

And if it comes down to using public/private keys, there's no reason an open
source SMS app couldn't authenticate encrypted text messages or something.

If SMS in the clear is bad (and it probably is), then whatever is okay needs
to be broadly accessible, open, and usable.

~~~
WorldMaker
«It's fine that there are flaws with using SMS, but the alternatives --
proprietary apps, proprietary dongles -- aren't any better. They also just
create more parties you have to trust.»

TOTP and HOTP are both open OATH moderated standards. You can use any app or
dongle of your choice with any provider that follows the standards. This is a
way better alternative than SMS.

------
willvarfar
Here's a story about a friend whose phone number was hacked in a banking
Trojan attack:
[http://williamedwardscoder.tumblr.com/post/24949768311/i-know-someone-whose-2-factor-phone-authentication](http://williamedwardscoder.tumblr.com/post/24949768311/i-know-someone-whose-2-factor-phone-authentication)

In this case it was a land line, but it's still a relevant empirical data
point for those weighing options.

------
Dowwie
The list of drafts and request for comments on a range of topics can be found
here:
[http://csrc.nist.gov/publications/PubsDrafts.html](http://csrc.nist.gov/publications/PubsDrafts.html)

Other than the SMS-based 2FA work, see:

- Identity and Access Management for Smart Home Devices

- Multifactor Authentication for e-Commerce: Online Authentication for the
Retail Sector

------
xg15
So what exactly is the alternative? I should carry around a physical security
token with me for every single account I ever made?

~~~
dchest
Get a U2F FIDO USB key
([https://www.amazon.com/s/ref=nb_sb_noss_2?url=search-alias%3Daps&field-keywords=u2f+fido&rh=i%3Aaps%2Ck%3Au2f+fido](https://www.amazon.com/s/ref=nb_sb_noss_2?url=search-alias%3Daps&field-keywords=u2f+fido&rh=i%3Aaps%2Ck%3Au2f+fido))
[standard, works with Chrome & Firefox for Google, GitHub and more] and/or
install Google Authenticator on your smartphone [works with anything supporting
TOTP].

------
xaduha
Any 2-factor auth is better than none.

------
forgotpwtomain
I'm somewhat surprised NIST is using github (a private company) rather than
self-hosting.

------
billpg
Does anyone have any experience of using hardware tokens (like the sealed
key-fobs) running TOTP?

For some services, I would much rather have a key-ring-ful of these devices
rather than an app on my phone which I also use for reading websites.

~~~
kabdib
I use a mix of

- Google two-factor

- Service-specific two-factor (e.g., Steam authenticator, which provides
other features beyond TOTP)

- Non time-based authenticators; Yubikeys are great, and appear to be made of
some indestructible material that survives multiple trips through the wash.

------
bdamm
Eventually the government will issue identity cards with certificated key
pairs.

------
cmurf
My bank uses SMS based 2FA. I'll send them this link and reiterate they should
support U2F, or at least TOTP supported by Google Authenticator.

If SMS is problematic for 2FA, why isn't it problematic for account recovery?

------
retox
I never used SMS 2fa because I don't want my phone number out there.

------
ungzd
And still in "secure" messengers like Telegram SMS is primary authentication
method, not even secondary for 2-factor. Despite documented cases of account
hijacks this way.

------
nutanc
"For now, services can continue with SMS as long as it isn’t via a service
that virtualizes phone numbers"

How much of an effect will this have on companies providing such a service?

------
Illniyar
I failed to find in the article the reason why it's frowned upon, are there
reasons published in the guide?

------
turnip1979
The headline seems a bit click-baity. It seems to merely add some suggested
guidelines to how this is done.

------
nxzero
If SMS is out, any form of verification or identity tied to phone numbers
should be too.

------
tlrobinson
> To avoid red tape, the Institute is trying out a new method for reviewing
> and commenting on the guidelines that isn’t quite so official: GitHub.

Ironically, GitHub uses SMS-based 2-factor authentication...

~~~
petetnt
Or alternatively authenticator based 2FA, which is their suggested way.

~~~
lorenzhs
Or alternatively U2F, which uses a dongle and is phishing-proof.

------
Kiro
I will never ever use 2FA if it's not via SMS. I just don't care enough to be
bothered.

~~~
bigiain
You've never had anybody try to seriously take over the email account you
manage domain names with, have you?

(Try owning a domain name with the word "anonymous" in it, and watch the
skript-kiddies descend en masse...)

~~~
dozzie
Well, I didn't (I'm not the OP). I host my own e-mail myself.

~~~
bigiain
I've been forwards and backwards on that one myself many times...

Do you seriously think you're more capable of securing your mail server than
Google/Microsoft/Apple?

Is the time/effort you'll spend maintaining it worth the privacy tradeoffs?

How are you dealing with outbound mail? Where are you hosting your email that
isn't already on half the spam blacklists already?

(That last one was the killer for me last time I ran a mail server of my own,
neither my home IP address, nor any of the Digital Ocean/Hetzner/Linode/AWS
VPSes I could easily use/afford to make outbound mail connections with were
ever trusted by the big email providers. A self hosted mail service that
couldn't reliably get mail into the inboxes of 80+% of the people I correspond
with didn't end up being of much use... I've ended up back with Gmail and
hating myself for it.)

~~~
dozzie
> Do you seriously think you're more capable of securing your mail server than
> Google/Microsoft/Apple?

I don't know about Apple, I stay away from them.

I also stay away from Microsoft, but I had to go through some of their
products in my time, so there's a good chance that I'm more capable.

And Google? Extrapolating how they interact[1] with the rest of the world,
it's not improbable, too.

[1] Did you know, they were a source for backscatter for _several years_?

> Is the time/effort you'll spend maintaining it worth the privacy tradeoffs?

Wrong question. The correct one would be: why would I give up access to server
logs (yes, I use them sometimes) just to give up my privacy on top of that?

> Where are you hosting your email that isn't already on half the spam
> blacklists already?

In a place that is not a known spam source? (Yes, this excludes AWS and
Digital Ocean.)

~~~
wtracy
>In a place that is not a known spam source?

Examples? Shall we take turns guessing the names of these elusive spam-free
providers? Your non-answer reads to me as, "Just don't use any providers that
you can actually afford, and you'll be fine!"

(Sorry if this comes across as grouchy--I can't sleep, and I have to get up
early tomorrow.)

~~~
dozzie
Well, there are smaller companies with their own server rooms that offer
VPS-es.

I use one in my country (Poland), and I have used it since a little longer
than Amazon entered our market. I don't think such a regional provider would be
of much use to you, unless it operates in your region, of course.

What my comment boils down to is to avoid big hosting places.

------
cutie_honey
The double-speak and quack-speak is getting a little thick for me lately.

Government bodies frown heavily on end-to-end encryption, but also frown
heavily on authentication methods that are less secure.

Why, whichever directive shall I adhere to? The more secure behavior or the
less secure behavior?

Maybe I should just do whatever benefits everyone else but me.

~~~
retrogradeorbit
Remember this is the same NIST that backdoored the EC coefficients
[[http://safecurves.cr.yp.to/rigid.html](http://safecurves.cr.yp.to/rigid.html)].
And before that devised the "explanation" of how WTC7 collapsed
[[http://www1.ae911truth.org/en/news-section/41-articles/927-nists-wtc-7-reports-filled-with-fantasy-fiction-and-fraud-intro.html](http://www1.ae911truth.org/en/news-section/41-articles/927-nists-wtc-7-reports-filled-with-fantasy-fiction-and-fraud-intro.html)].

NIST is a political organisation more than a scientific one.

Here come the down votes.

~~~
Spooky23
No.

NIST is legally required to collaborate with NSA on crypto. It was widely
reported that NIST people fumed about NSA undermining their standard and they
removed the offending crypto from the standard quickly.

