Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
MattJ100 a day ago

You're very wrong, because account takeover can still happen due to a compromised email account. People can and do permanently lose access to their email account to a third party.

TheNewsIsHere a day ago | parent | next [-]

Having worked in security on a fairly high profile, highly visible, largely used product — one of the fundamental decisions that paid off very well was intentionally including mechanisms to prevent issues with other businesses (like Google) from impacting user abilities for us.

Not having email change functionality would have been a huge usability, security, and customer service nightmare for us.

Regardless of anything else, not enabling users to change their email address effectively binds them to business with a single organization. It also ignores the fact that people can and do change emails for entirely opaque reasons from the banal to the authentically emergent.

ATO attacks are a fig leaf for such concerns, because you, as an organization, always have the power to revert a change to contact information. You just need to establish a process. It takes some consideration and table topping, but it’s not rocket science for a competent team.

cromka a day ago | parent | prev [-]

This is a logical fallacy. That's like saying security of the website is not important because someone can still steal your laptop.

MattJ100 a day ago | parent [-]

What logical fallacy, exactly? I think you're perhaps misunderstanding the conversation. This translates just fine to your proposed analogy.

In your analogy, the claim would be that some online account is tied to a laptop and whoever possesses the laptop has access to that account. The online service does not permit the account owner to revoke access from that laptop and move the account to a different laptop. I stand by my statement that this would be a serious security hazard. Because yes, laptops can and do get hacked or stolen, just like email addresses.

Where your analogy isn't quite as strong is that at least you can generally add additional anti-theft protections such as full-disk encryption to a laptop, while with an email account generally 2FA is the best you can do.