
The comment in question was in poor taste by mocking victims of hacks for being stupid, and the premise of it was wrong anyway (not understanding that it's the telco customer service at fault more than the people who got hacked).

That's about as unsubstantive/low quality as comments go, and really doesn't qualify as "polite rational debate and discussion". It makes sense for a mod to step in and say something.




I must disagree with this. Monsieur Lerie clearly and specifically objects to the use of the term "social engineering". This does in fact deal with situations where naïve persons can be fooled by con artists. This is a problem in the field. A problem we are all aware of.

Denying that it is a problem is counterproductive. Denial does not address the core issues of exploits that utilize and depend upon the naïveté of the mark.

I do not agree with him that a solution is to prevent the technologically naïve from having access to phones. Nonetheless, this is still an issue that must be addressed. Security schemes intended to protect the general market of customers must not rely upon the customer's sophistication in defense against social engineering scams. Many customers, quite reasonably, are technically naïve in some aspect or another. It is completely improper as a security protocol for mass market products to rely upon customers having enlightened opsec.


The part you are missing is that the mark is not the one being socially engineered. The attacker is getting a completely random telco to hijack the mark's phone number by socially engineering the telco. There is nothing 'the mark' can do to prevent this.



