Not having 2FA at all is the least secure option. SMS-based MFA is better than no MFA, and, to be honest, I'm not sure I trust most people to keep track of MFA tokens and apps. Heck, I don't even fully trust myself to keep track of my yubikeys.
Hopefully if that's the case, more attention will be paid to the fact that using mobile phones for 2FA or identification on high value services is a bad idea :)
Until the authenticator app which holds the TOTP secrets in clear text is on the same phone as you are using to access the website/app in question to start with. Then you'd probably be better off instead storing a token in the secure enclave in the app itself instead.
I use Foursquare and really like it (compared to Yelp). As it's crowd-sourced, the data can be iffy (missing hours, phone numbers) in some lower density regions, but that hasn't been a huge drawback.
Loved Foursquare, but stopped using it when it seemed all the recommendations were a few years old. Even now I go into it and most reviews/recommendations are from 2014. Shame it fell off.
For food, I've enjoyed Foursquare for a better signal:noise ratio in reviews. I am generally quite satisfied eating at its top-reviewed places for any given search term. Coverage of locations is almost as good as Yelp although you'll miss a few restaurants here and there (I'm in NYC).
Just be sure to turn off the always-on location tracking and go through the other privacy settings.
I typically cross-reference Foursquare with Google Maps reviews to make sure the overall rating is similar, since I'm a stickler like that.
Braintree | Software Engineer, Security | Chicago, San Francisco, New York City, Austin | Onsite | Fulltime
At Braintree we provide the global commerce tools people need to build businesses, accept payments, and enable commerce for their users. It’s the simplest way to get paid for your great ideas -- across any device, and through almost any payment method.
Merchants in more than 40 countries worldwide can accept, split, and enable payments in more than 130 currencies using Braintree. And we’re here for you -- with stellar support, innovative concepts, and simple processes -- from your first dollar up past your billionth.
The Role:
The Security Engineer's role is to protect sensitive data and applications in high-scale systems that are growing rapidly. We need you to be heavily involved in keeping security top of mind as we look to power our customers' most important transactions.
Types of projects we work on:
Working with product teams on the security of their new features
Building custom tools to scale security responsibilities
Maintaining the authentication and encryption capabilities of a fast growing payments platform
What we look for in you:
Solid programming foundation; expect to spend a significant amount of time writing code
Working knowledge of one or several object-oriented or functional programming languages
Working knowledge of applied cryptography and how to effectively develop appropriate cryptographic solutions
Knowledge of PCI-DSS is a plus
Previous wide-ranging experience in application security and policy development
4+ years experience developing software with particular interest in keeping things safe and secure
Braintree | Software Engineer, Security | Chicago, San Francisco, New York City, Austin | Onsite | Fulltime
At Braintree we provide the global commerce tools people need to build businesses, accept payments, and enable commerce for their users. It’s the simplest way to get paid for your great ideas -- across any device, and through almost any payment method.
Merchants in more than 40 countries worldwide can accept, split, and enable payments in more than 130 currencies using Braintree. And we’re here for you -- with stellar support, innovative concepts, and simple processes -- from your first dollar up past your billionth.
The Role:
The Security Engineer's role is to protect sensitive data and applications in high-scale systems that are growing rapidly. We need you to be heavily involved in keeping security top of mind as we look to power our customers' most important transactions.
Types of projects we work on:
Working with product teams on the security of their new features
Building custom tools to scale security responsibilities
Maintaining the authentication and encryption capabilities of a fast growing payments platform
What we look for in you:
Solid programming foundation; expect to spend a significant amount of time writing code
Working knowledge of one or several object-oriented or functional programming languages
Working knowledge of applied cryptography and how to effectively develop appropriate cryptographic solutions
Knowledge of PCI-DSS is a plus
Previous wide-ranging experience in application security and policy development
4+ years experience developing software with particular interest in keeping things safe and secure
Braintree | Software Engineer, Security | Chicago, San Francisco, New York City, Austin | Onsite | Fulltime
At Braintree we provide the global commerce tools people need to build businesses, accept payments, and enable commerce for their users. It’s the simplest way to get paid for your great ideas -- across any device, and through almost any payment method.
Merchants in more than 40 countries worldwide can accept, split, and enable payments in more than 130 currencies using Braintree. And we’re here for you -- with stellar support, innovative concepts, and simple processes -- from your first dollar up past your billionth.
The Role:
The Security Engineer's role is to protect sensitive data and applications in high-scale systems that are growing rapidly. We need you to be heavily involved in keeping security top of mind as we look to power our customers' most important transactions.
Types of projects we work on:
Working with product teams on the security of their new features
Building custom tools to scale security responsibilities
Maintaining the authentication and encryption capabilities of a fast growing payments platform
What we look for in you:
Solid programming foundation; expect to spend a significant amount of time writing code
Working knowledge of one or several object-oriented or functional programming languages
Working knowledge of applied cryptography and how to effectively develop appropriate cryptographic solutions
Knowledge of PCI-DSS is a plus
Previous wide-ranging experience in application security and policy development
4+ years experience developing software with particular interest in keeping things safe and secure
Hulu is a premium streaming TV destination that seeks to captivate and connect viewers with the stories they love. We create amazing experiences that celebrate the best of entertainment and technology. We’re looking for great people who are passionate about redefining TV through innovation, unconventional thinking and embracing fun. It’s a mission that takes some serious smarts, intense curiosity and determination to be the best. Come be part of the team that’s powering play.
Hulu’s Information Security Team is seeking an Application Security Engineer as a new addition to the team. You can find the description for the role at the link below.
Don't waste your time. Live in LA, been doing the type of work they advertise for about twenty years, and have not even made it to a phone screen---tried several times. Resumes get shitcanned efficiently though. Perhaps they are selecting for advanced degrees?
Hulu is a premium streaming TV destination that seeks to captivate and connect viewers with the stories they love. We create amazing experiences that celebrate the best of entertainment and technology. We’re looking for great people who are passionate about redefining TV through innovation, unconventional thinking and embracing fun. It’s a mission that takes some serious smarts, intense curiosity and determination to be the best. Come be part of the team that’s powering play.
Hulu’s Information Security Team is seeking an Application Security Engineer and an Information Security Architect as new additions to the team. You can find the descriptions for the two roles at the links below.
A little late to the party but I just recently created a job board that aims for organizing the tech job market. https://www.zeroinjobs.com
I know it's a bit misaligned with the ask in the thread but thought it could be a good resources for job seekers. Personally got sick of creating pseudo regex's on job search sites.
