Feed aggregator

Here are hints and answers for the NYT Strands puzzle No. 390 for March 28.

Looking for reliable internet providers in Vermont? CNET's internet experts have picked the top options that'll suit everyone's needs.

Alongside new field upgrades and scorestreaks, the zombies map coming in Season 3 will have a perk not seen since Black Ops Cold War.

'Signalgate' continues to rumble on, with even more of the Signal messages that were shared between Trump officials – and, inadvertently, The Atlantic – revealed today. But how exactly did this group chat debacle happen, and what does it say about Signal? We've answered all of this and more in our one-stop explainer about the app that's in the eye of a political storm.

With robust privacy credentials, Signal has long set the standard for secure messaging. But in the wake of those revelations that US government officials inadvertently added a journalist to a group chat where confidential military plans were discussed, there are fresh (and mostly unfair) question marks over how reliable the app’s protections really are.

Signal’s reputation has made it popular with journalists, politicians and privacy advocates. Used correctly on an Android or iOS device, it can absolutely make your conversations more secure. Even so, it’s not a tool designed for sharing classified information.

So why have senior US politicians been using it for sensitive national security communications? And how safe were those messages? Here’s what you need to know about Signal – and how to use it properly for private messaging.

What is Signal?

• Signal is a secure messaging app with end-to-end encryption
• It’s operated by the Signal Foundation, a non-profit organization
• Open source code makes the platform more resilient

Signal is a messaging app that's available for iOS and Android devices. Like the best messaging apps, it supports cross-platform text, voice and video chats. What sets Signal apart is its robust privacy features: it’s regarded as the benchmark for secure mobile communications. Which makes Signalgate all the more ironic, even though it has little to do with the app's technical security.

End-to-end encryption ensures messages can only be read by the sender and receiver, while open-source code ensures that there are fewer vulnerabilities for hackers to exploit.

(Image credit: Shutterstock / BigTuneOnline)

Signal was created in 2012 by Moxie Marlinspike. It’s now run by the Signal Foundation, a non-profit organization founded in 2018 by Marlinspike and WhatsApp co-founder Brian Acton. The Foundation relies on donations rather than ad revenue to fund its services. That means users can enjoy an ad-free and tracker-free experience, knowing that their data won’t be sold to third parties.

In our in-depth Signal review, we noted that the app offers “fewer bells and whistles than the more popular (and less secure) messaging apps”. Instead, its developers have focused on creating a secure, minimalist communications tool.

It’s this approach which has made it popular with everyone from whistleblowers and activists to journalists and privacy advocates, who favor its more secure architecture.

How safe and secure is Signal?

• Used correctly, Signal is the most secure messaging app
• It’s only as secure as the devices sending and receiving messages
• User error can compromise the privacy of group chats

Used correctly, Signal has the most robust privacy credentials of any major messaging app. It has the most layers of security at both the front-end and back-end. Messages themselves are deeply protected against hacking, while the app offers a toolkit to ensure communications are only seen by who they’re intended for.

So how did a journalist from The Atlantic end up on a group chat with US government officials, including Vice-President JD Vance and White House chief of staff Susie Wiles? Signal CEO Meredith Whittaker maintains that the app is “the gold standard” in private communication. Here’s the challenge: as strong as Signal’s security features are, they are reliant on the end user understanding how they work.

This incident was not really a failing of Signal. The journalist in question did not infiltrate the group chat through a backdoor. Instead, a member of that chat – which included 18 people – unintentionally but actively added the reporter to the group, who was then privy to sensitive messages discussing air strikes in Yemen.

(Image credit: Shutterstock / Shutterstockies)

Any group chat is only as secure as its members. Even with disappearing messages enabled, there is a window in which anyone in that group can read them. By mistakenly adding the journalist to the group, the US official became responsible for compromising its integrity.

Some voices have criticized the fact that the app allowed this, but the option to add a contact to a chat is a core function of group communications. The fault here doesn’t lie with Signal – the reality is that, as secure as the app is, it’s not an appropriate platform for sharing highly confidential state information.

What’s more, messages sent on Signal are only as secure as the device that is receiving them. If a smartphone is compromised or left unlocked, all of the Signal messages on that device can be read. There is also nothing to prevent someone simply reading messages over your shoulder.

Matthew Mittelsteadt, a technology policy research fellow for the Cato Institute, said as much in a statement emailed to CNN. “Messages may be secure when they are in transit between phones, but once they reach the recipient, security can indeed fail.”

(Image credit: Shutterstock / Boumen Japet)

This is why the use of Signal by top US officials fell far short of government security protocols. Data expert Caro Robson, quoted by the BBC, said communications like these would usually take place on “a very secure government system that is operated and owned by the government using very high levels of encryption.”

While officials from the Trump administration have claimed that none of the information shared was classified, a memo from the Defense Department circulated in 2023 and obtained by NPR banned the use of mobile apps for "controlled unclassified information”. Since the leak, the Pentagon has issued an advisory prohibiting the use of Signal even for “unclassified information”.

National Security Adviser Mike Waltz has acknowledged the failing. Speaking to Fox News, he described it as “embarrassing” and took “full responsibility”.

How does Signal work?

• Signal uses open-source, end-to-end encryption to secure messages
• The Signal Foundation doesn’t monetize user data or sell ads
• User features are designed for security, including personal PINs

Signal offers greater security in three key ways. The first is through end-to-end encryption, which means messages are scrambled in transit, then decoded when delivered to the intended device. No-one else can read these messages, not even Signal.

While other messaging apps also offer end-to-end encryption, Signal’s is more secure because it’s open source. Not only does this make the platform more transparent, but it also allows absolutely anyone to examine the code for potential vulnerabilities. This community scrutiny makes it more likely that problems are found and fixed before hackers can exploit them.

(Image credit: Signal)

Then there are the Signal Foundation’s principles. The app itself collects less user data than other services, with message history stored on user devices rather than Signal’s servers. Of the very limited information that is collected by Signal, none of its is monetized: as a non-profit, the Foundation relies on donations rather than advertising revenue. That also means users won’t be tracked or encounter ads on the platform.

Finally, there are the safety features integral to the user experience. These include a personal PIN to secure your profile and the option to hide your phone number. Every one-to-one Signal chat also has a safety number, which can be used to verify that you’re communicating with the right person. In addition, you can’t be added to a group chat without giving your express approval.

How to get started with Signal

• The Signal app is available for iOS and Android devices
• Setup requires a phone number to receive a verification call or text
• Privacy features include personal PIN numbers and disappearing messages

Getting started with Signal is pretty easy – the app is free to download from the App Store for iOS devices and the Google Play Store for Android smartphones. To create an account, you need a phone number which will be verified by phone call or text message. Once you’ve set up your account, your number will be hidden from other Signal users by default (see below).

The app's interface and basic functions will be familiar to anyone who has used a messaging app such as WhatsApp, Messenger or Telegram. Tap the pencil icon to start a one-on-one or group chat. Within a chat, you can share messages, photos and voice notes. You can also tap the phone or camera icons to start voice or video calls.

If you’re keen to secure your messages, there are a few more advanced features to explore and configure. A Signal PIN can be used to recover your profile and settings on a different device. It’s configured by going to Signal Settings, tapping Account then selecting Change your pin.

Signal also encourages users to verify Safety Numbers. These are generated for every one-on-one chat to confirm that you’re sending messages to the right person. To view a Safety Number, open a chat, tap the header and select View Safety Number. To verify it, you would ideally compare numbers with the recipient in person. Otherwise, you can share it using a trusted channel.

(Image credit: Signal)

Disappearing messages add an additional layer of privacy. After a set period of time, the contents of messages are no longer visible, whether they’ve been read or not. You can set a default timer by going to Signal Settings > Privacy > Default timer for new chats. You can also configure timers for specific chats. Just go to chat settings and select Disappearing messages.

Signal also offers features to keep your communications activity hidden. Screen Security stops a preview of Signal appearing when you switch apps. You can enable it by heading to Settings > Privacy and selecting Screen Security on Android or Hide Screen in App Switcher on iOS.

In addition, you can hide Signal calls from your device’s call log. This is enabled by default, but to double check, head to Signal Settings > Privacy and look for Show Calls in Recents.

Finally, to manage the visibility of your phone number, go to Signal Settings > Privacy > Phone Number and tap 'Who can find me by my number'. To set up a unique username that you can use instead of your number, go to Signal Settings > Profile.

Even with all of the above features enabled, remember that your Signal communications are only as secure as your smartphone itself. To avoid a leak of information like the US government suffered, be sure to activate your device’s full set of security features, keep it locked with a passcode when not in use and don’t access sensitive messages in public. For more tips on how to keep your phone safe, read our dedicated feature here.

You might also like...

• Signal encrypted messaging review
• Best encrypted messaging app for Android
• Should you ditch unencrypted messaging apps? Here's what experts say

The Republican congresswoman's nomination had been expected to easily clear the Senate — but Republicans are concerned about holding on to their thin majority in the House of Representatives.

(Image credit: Kent Nishimura)

• Ascent GX10 is Asus's take on Nvidia's DGX Spark AI supercomputer
• ServeTheHome spotted the product at GTC 2025 and went hands on
• The site took photos and noted the AI computer is lighter and cheaper

Nvidia has recently been showing off DGX Spark, its Mac Mini-sized AI supercomputer built around the GB10 Grace Blackwell Superchip.

Originally called Project Digits, the device has been created to bring advanced model development and inferencing directly to desktops. Although it looks like a mini PC, it’s incredibly powerful and designed to handle demanding AI workflows such as fine-tuning, inference, and prototyping without relying entirely on external infrastructure.

Aimed at developers, researchers, data scientists, and students working with increasingly complex AI models locally, it comes with 128GB of LPDDR5x unified memory and up to 4TB of NVMe SSD storage. The DGX Spark isn’t cheap at $3999, but if you’re looking to save some money without cutting corners, there are some alternatives.

The lighter choice

Dell’s Pro Max with GB10 and HP’s ZGX Nano AI Station are DGX Spark clones, built around the GB10 Grace Blackwell Superchip. Asus also has its own GB10 AI supercomputer clone, the Ascent GX10, which is priced at $2999, significantly less than Nvidia’s offering.

Shown off at Nvidia GTC 2025, (as, naturally, was Nvidia’s own DGX Spark), the Ascent GX10 comes with 128GB of unified memory, and the Blackwell GPU with fifth-generation Tensor Cores and FP4 precision support. While DGX Spark has 4TB of storage, Asus’s version only has 1TB.

ServeTheHome was at the conference and spotted the Ascent GX10 on Asus’s stand where it snapped a few photos of the product.

The site also noted, “The front of the system has the ASUS logo and a power button. This may sound strange, but ASUS using plastic on the outside of the chassis in parts versus Nvidia using more metal is an interesting trade-off. Nvidia DGX Spark feels in hand much more like the Apple Mac Studio from a density perspective while the Asus felt lighter. If you truly want this to be a portable AI box, then ASUS may have a leg up, especially if you want to cluster it.“

On the rear of the system, STH says there’s an HDMI port, four high-speed USB4 40Gbps ports, a 10GbE NIC for base networking, and a dual-port Nvidia ConnectX-7, which Nvidia described as an Ethernet version of the CX7 designed for RDMA clustering.

STH’s Patrick Kennedy noted, “For some context here, a Nvidia ConnectX-7 NIC these days often sells for $1500–2200 in single unit quantities, depending on the features and supply of the parts. At $2999 for a system with this built-in that is awesome. Our sense is that folks are going to quickly figure out how to cluster these beyond the 2-unit cluster that Nvidia is going to support at first.”

(Image credit: ServeTheHome) You might also like

• These are the best mobile workstations you can buy right now
• Asus debuts its own mini AI supercomputer: Ascent GX10 costs $2999
• Project Digits is now DGX Spark; HPE, Dell jump on Petaflop mini AI bandwagon

The Trump administration says it hopes to save $11.4 billion by freezing and revoking COVID-era grants. Addiction experts say clawing back the federal funding is risky and could put patients at risk.

(Image credit: Andrew Harnik/Getty Images)

Made famous on TikTok and YouTube, the hit viral series will air live.

Alpaka bags are known for their rugged construction and durability. You can snag one of these top quality bag for up to half off if you're an Amazon Prime Member.

• There are reportedly no current plans for another iPhone mini
• The last 'mini' model launched in September 2021
• 1 in 5 TechRadar readers say sub-6 inches is the best phone size

The last 'mini' phone we saw from Apple was the 5.4-inch iPhone 13 mini, which launched in September 2021, and was replaced by the 6.7-inch iPhone 14 Plus – and it seems unlikely that Apple is going to bring back a smaller iPhone model any time soon.

Bloomberg reporter Mark Gurman, who is usually a reliable source when it comes to Apple, said in a live Q & A (via MacRumors) that Apple has "really shifted away" from smaller form factors and that its engineers "are not working on a smaller iPhone right now".

The current iPhone line-up comprises the 6.1-inch iPhone 16, the 6.7-inch iPhone 16 Plus, the 6.3-inch iPhone 16 Pro, and the 6.9-inch iPhone 16 Pro Max – so if you want anything smaller than 6.1 inches in terms of display size, you're out of luck.

Gurman did say Apple might one day reconsider their position if market pressures change, but don't expect anything for the foreseeable future. This year, the iPhone 16 Plus is predicted to be replaced by the iPhone 17 Air, possibly with the same screen size.

Should Apple reconsider?

The Galaxy Z Flip 6 at least folds down to a small size (Image credit: Samsung)

Apple never said anything officially, but market reports suggested the iPhone 13 mini wasn't a great seller – which most likely sealed its fate. But according to many TechRadar readers, the iPhone 13 mini was the perfect size for a smartphone.

We ran a poll on the TechRadar WhatsApp channel asking you what your favorite phone screen size was. Top of the pile, with 241 votes out of 799 (31%), was the largest size besides foldables: phones 6.9 inches or bigger, such as the iPhone 16 Pro Max.

In second place, however, were phones with screens under 6 inches in size – like, for example, the iPhone 13 mini. This size got 171 votes (21%), but unfortunately for small phone fans, it's getting harder and harder to find more compact handsets.

Clearly, not enough of the people who like smaller-sized handsets went out and bought an iPhone 13 mini, and Apple has taken note. If you fall into that category, you could try a flip foldable like the Samsung Galaxy Z Flip 6 instead.

You might also like

• These are the best iPhones you can buy right now
• Everything we're expecting from the iPhone 17
• Our full review of the iPhone 16 Plus, launched in 2024

• OpenAI is increasing its bug bounty payouts
• Spotting high-impact vulnerabilities could net researchers $100k
• The move comes as more AI agents and systems are developed

OpenAI is hoping to encourage security researchers to identify security vulnerabilities by increasing its rewards for spotting bugs.

The AI giant has revealed it is upping its Security Bug Bounty program from $20k to $100k, and is widening the scope of its Cybersecurity Grant program, as well as developing new tools to protect AI agents from malicious threats.

This follows recent warnings AI agents can be hijacked to write and send phishing attacks, and the company is keen to outline its “commitment to rewarding meaningful, high-impact security research that helps us protect users and maintain trust in our systems.”

Disrupting threats

Since the Cybersecurity Grant Program was launched in 2023, OpenAI has reviewed thousands of applications and even funded 28 research initiatives, helping the firm gain valuable insights into security subjects like autonomous cybersecurity defenses, prompt injections, and secure code generation.

OpenAI says it continually monitors malicious actors looking to exploit its systems, and identifies and disrupts targeted campaigns.

“We don’t just defend ourselves,” the company said, “we share tradecraft with other AI labs to strengthen our collective defenses. By sharing these emerging risks and collaborating across industry and government, we help ensure AI technologies are developed and deployed securely.”

OpenAI is not the only company to increase its rewards program, with Google announcing in 2024 a five factor rise in bug bounty rewards, arguing that more secure products make finding bugs more difficult, which is reflected in the higher compensations.

With more advanced models and agents, and more users and developments, there are inevitably more points of vulnerability that could be exploited, so the relationship between researchers and software developers is more important than ever.

“We are engaging researchers and practitioners throughout the cybersecurity community,” Open AI confirmed.

“This allows us to leverage the latest thinking and share our findings with those working toward a more secure digital world. To train our models, we partner with experts across academic, government, and commercial labs to benchmark skills gaps and obtain structured examples of advanced reasoning across cybersecurity domains.”

Via CyberNews

You might also like

• New tech skills projects aim to boost UK cyber defenses
• Check out our choice for the best antivirus software
• "I have nothing to hide" - our readers react to Apple getting secret hearing in appeal against UK government

• Nintendo didn't anticipate Mario Kart 8 Deluxe's massive success on the Switch, according to two former employees
• There was "not a clue" that Mario Kart 8 Deluxe "was going to be the juggernaut" that it is now
• The game has now sold over 75 million copies across the Switch and Wii U

According to two former Nintendo employees, Nintendo didn't expect Mario Kart 8 Deluxe to perform so well on the Switch.

This comes from the latest episode of the Kit & Krysta podcast, where former Nintendo of America director of social media marketing Kit Ellis and former senior manager of creator relations Krysta Yang discussed Mario Kart 8 Deluxe and how Nintendo didn't anticipate its overwhelming success (via GamesRadar).

Yang explained that, inside Nintendo, there was "not a clue" that the game "was going to be the juggernaut" that it became, with Ellis adding that it was "kind of an afterthought".

Yang continued by saying that the game "sold and sold and sold and sold and sold," and per Nintendo's most recent sales data, Mario Kart 8 Deluxe has now sold over 75 million copies across the Switch and Wii U.

In the same podcast episode, the pair also speculated on how Nintendo is going to get people to purchase the new Mario Kart game, considering Mario Kart 8 Deluxe's success.

"How is Nintendo going to convince me to get the new Mario Kart?" and spend $400 on the new Switch 2 when there's already a successful game out there, Yang asked.

Ellis also wonders how the new Mario Kart game will perform compared to its predecessor when it's, presumably, only playable on the new Switch 2.

The Nintendo Switch 2 Direct Showcase is scheduled for April 2 and will likely provide us with a release date for the console, as well as preorder and pricing details. Hopefully, we'll also get a brand new look at the next Mario Kart and other unannounced software.

You might also like...

• Nintendo Switch 2 Direct - five things I want to see
• Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does
• Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think

Patapon and Everybody's Golf are heading to Nintendo's console.

• Security researchers Zscaler found a new loader used in different infostealing campaigns
• CoffeeLoader uses multiple tricks to bypass security and drop additional payloads
• Interestingly enough, it executes the code on the system’s GPU

Security researchers have found a dangerous new malware loader that can evade traditional endpoint detection and response (EDR) solutions in a clever and concerning way.

Researchers from Zscaler ThreatLabz said they recently observed CoffeeLoader in the wild, describing it as a “sophisticated” malware loader.

For detection evasion, CoffeeLoader uses a number of features, including call stack spoofing, sleep obfuscation, and the use of Windows fibers, the researchers said. Call stacks can be described as a digital breadcrumb trail that records which functions a program has called. Security tools can use call stacks to track program behavior, and detect suspicious activity. CoffeeLoader, however, hides its tracks by forging a fake breadcrumb trail.

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)View Deal

Armoury

A malware loader’s task usually is to infiltrate a system and execute or download additional malware, such as ransomware or spyware. It acts as the initial infection stage, often evading detection by security tools before deploying the main payload.

Sleep obfuscation makes the malware’s code and data encrypted while the tool is in a sleep state - therefore, the malware’s unencrypted artifacts are present in memory only when the code is being executed.

Zscaler describes Windows fibers as an “obscure and lightweight mechanism for implementing user-mode multitasking.”

Fibers allow a single threat to have multiple execution contexts (fibers), which the application can switch between, manually. CoffeeLoader uses Windows fibers to implement sleep obfuscation.

But perhaps the most concerning aspect of the loader is Armoury, a packer that executes the code on the system’s GPU, hindering analysis in virtual environments.

“After the GPU executes the function, the decoded output buffer contains self-modifying shellcode, which is then passed back to the CPU to decrypt and execute the underlying malware,” the researchers explained.

“ThreatLabz has observed this packer used to protect both SmokeLoader and CoffeeLoader payloads.”

The researchers said they saw CoffeeLoader being used to deploy Rhadamanthys shellcode, meaning it is deployed in infostealing campaigns.

You might also like

• One of the most powerful ransomware hacks around has been cracked using some serious GPU power
• We've rounded up the best password managers
• Take a look at our guide to the best authenticator app

This 15-watt OtterBox wireless charging stand is a staggering $80 off at Woot for a limited time.

Barça could go 3 points clear at the top with a win in this rescheduled clash.

In the decade-plus since Amazon introduced its line of Echo smart speakers, we've been using "Alexa" to address them. It's the default wake word, and soon, as Alexa+, will be the name that marks its most significant AI glow up.

However, the hardware is still officially known as Echo Dot, Echo Show, and so on – but if a new report is any indication that might change, and we could end up calling an Echo Show an Alexa Show.

After a tip-off from a reader, The Verge was able to confirm that sometimes you might see an Echo Show listed as an Alexa Show on Amazon.com, as part of a test the online retail giant is running. I've tried without success to get Amazon.com to show me such a result, but I truly hope the name change becomes a real thing.

The reality is, no one thinks about their Amazon smart speakers as 'Echo' devices. We call them Alexas because that's the name they respond to. We've never said, "Echo, what's the weather tomorrow?" Perhaps if Amazon had gone that route back in 2015, we might be arguing that these are truly all Echo devices.

Do you call your Amazon EchoMarch 27, 2025

Echo has never been a great name. The Oxford Dictionary defines Echo as:

"A sound or series of sounds caused by the reflection of sound waves from a surface back to the listener."

If all the various Echo devices were simply speakers, this might make some sense. But Echo smart speakers are not simply reflecting our voices and requests; they're listening, thinking, and they're responding, and not simply bouncing back what we said.

Also, the combination of names isn't much better. "Echo Show" is not great. It ends up sounding like the "an echo you can see." Nothing in it says, "intelligence plus a display."

Now, let's try out "Alexa Show". We already know what Alexa means, and the combo instantly becomes "smarts you can see".

Just imagine

Even though Amazon is rolling out a much smarter and more generative AI-infused Alexa with Alexa+, I do not see the need to squeeze a '+' into the various product names. However, putting 'Alexa' front and center on products is probably a smart way to incentivize more Alexa+ adoption.

It tickles me to imagine the entire Amazon line of the best Alexa speakers, many of which are part of our best smart speakers list, refashioned around the 'Alexa' brand ideal:

• Alexa Dot
• Alexa Spot (for more simplification, combine with above)
• Alexa Studio
• Alexa Pop
• Alexa Frames
• Alexa Earbuds
• and so on

I'd even argue that the branding could extend to other Amazon native devices like the Fire Stick line (Alexa Fire Stick) and Fire tablets (Alexa Fire Tablet). Kindles would make sense only if Amazon decides to integrate some basic Alexa features (not likely, though, since most people read their kindles offline).

A dose of reality

As much as I want Amazon to fully adopt the Alexa branding across all these devices, it's not likely to happen. When I asked Amazon directly about the test they threw a giant bucket of cold water on the idea of a major product category rebranding.

An Amazon spokesperson told me: "I wouldn’t read too much into this. Customers love both Echo and Alexa, and search for our products in a number of different ways – we’re running an experiment to better understand product discovery, but that doesn’t mean anything is going to change."

As I read that, though, the message is not "it will never change." Instead, they said, "...that doesn’t mean anything is going to change."

It's like when I ask my wife if she thinks we'll win the lottery and she says, "Almost certainly not," and I always answer, 'So, you're saying there's a chance..."

Dropping Echo and adopting Alexa everywhere would be a smart move, and I still hope Amazon takes it from experiment to strategic update. What do you think? Let me know in the comments below.

You might also like

• The best Alexa speakers 2025: top smart ...
• Alexa Plus needs a flagship smart speaker – here are 5 ...
• Up close with Alexa+ – this may finally be the Echo upgrade I've been waiting for

Just days before the official Switch 2 Reveal, the company is giving fans a way to get all their Nintendo news.

• Influencers are being used to share 2FA messaging in the UK
• The NCSC is using social media to help protect against fraud and scams
• Social media accounts are sharing comedy sketches and informative videos

The UK’s National Cyber Security Centre has turned to influencers to spread the word on the importance of two-factor authentication through the power of social media.

The campaign forms part of former prime minister Rishi Sunak’s 2024 Stop! Think Fraud initiative that seeks to spread awareness for online fraud and scams.

Comedians and personal finance influencers have been putting together sketches and advice videos to share on social media with the aim of both entertaining and educating

2FA goes viral

One sketch by thesquidvids sees a group of criminals attempting to hack into an account, with all the classic hacking movie theatrics such as Matrix-esque code tumbling down the screen, and incorrectly used tech idioms including “dropping a logic bomb” and “copying the blockchain.”

The sketch even sees the group successfully guess a password that uses the NCSC’s Three Random Words guidance to craft a secure password (in this instance ‘BulldogSlapheadJalfrezi47?’) with two numbers, a mixture of upper and lowercase letters, and a special character.

However, the group is stopped in their tracks when they encounter a 2FA prompt, with one of the criminals saying “As long as he's got two-step verification we're not getting any further, I don't think.” and the other responds, “Fair enough. I guess that's the end of the film really.”

An NCSC spokesperson told The Register, “To boost public awareness about the crucial benefits of enabling two-step verification on their most important accounts, we've partnered with popular social media influencers to amplify this vital message and encourage a wider audience to adopt secure online habits.”

Two-factor authentication and multi-factor authentication are ways to make accounts more secure. It works by having a code sent to a separate device when logging in that must be entered before access is granted. Biometrics, such as a finger print or facial recognition scans are also used, as well as dedicated authenticator apps.

You might also like

• These are the best password managers
• Take a look at our guide to the best cloud storage
• Most businesses are now fully embracing AI - but aren't always protected against the risks

The World Food Programme says it has just five days left of flour and two weeks left of other food supplies in Gaza.

(Image credit: Jehad Alshrafi)