Intel has launched a couple of Xeon Gold CPUs (like a variant of the 6138P) with integrated FPGAs for specific markets. Nothing mass-market, though, and they don't seem to have caught on much.
Maybe you could use VOIP numbers for 2FA? Many VOIP providers (i.e. voip.ms) can forward SMS to e-mail, SIP client, callback URL or an other phone number. There's a cost, but I guess it's minimal, all considerations done.
Your second scenario is like a dead man's switch. It's interesting, as it could prompt you with a daily challenge that only you can answer. But I don't see how it could be implemented in a normal person's life?
I guess then the risk is whether or not the VOIP provider is more secure than my phone provider? I need to think that one through.
With the second scenario I was just thinking that, if I personally didn't receive the text on a given morning, I would know that my number has been ported and I would begin to freak out and try to race the attacker.
I think it's more of a "security by obscurity" thing than anything, but if the number is really unknown except for you and the 2fa provider, that would probably be "good enough".
The specification pattern can also be used to replace multiple IFs. If you look at Wikipedia, they propose a quite full-fledged and complex specification pattern, but it is possible to make a more lightweight one for your needs.
What hurts is when you decide to switch to another company, which has good rep, and finally find out: it's the same. Everywhere.
After the big bosses do stupid shit, they get promoted elsewhere, leaves you fix the broken plates, rince and repeat until a merger, bankruptcy, or major reorg.
Meanwhile middle management gets bigger and everything gets slower. Good employees leave, bad one get promoted to middle management, and you wonder why you're stupid enough to stay there.
I've got 5 people brought in for the latest contract, folks earning a living because together we provide a much-needed skill to a company in a tight spot. Its been a great few months, and we continue to execute on a 6-month work list and bring them back in control of their process.
Work from home but I'm having a lunch meeting with the major players today which is always a great time getting updates and planning the next week!
I'm considering the same, but I recall reading something someone said while I was in uni - "Why would anyone want to be a consultant when you are mainly brought in for the 'gone to shit' situations?"
Getting a situation from 90% optimal to 91% is very difficult and produces an improvement few care about.
Getting a situation from 20% optimal to 50% is usually relatively easy; getting to 75% is a giant pain, and either result will get you hailed as a hero.
You also deal with the politics with the disengagement of an outsider, and you're gone before it can suck you in too deep.
Once we had a problem with Microsoft' LDAP library not handling referrals correctly on a Big Corp AD forest with domains on each sites. Real headache as we were already late for meeting our deadline...
Backstory: we produced a custom software that used Windows Embedded' LDAP library to handle the LDAP part (Winldap32 library with the Winldap.h headers). The machine running our software didn't join the domain, so it only authenticated the users with the ldap_bind function.
If I recall correctly, we found the ldap32 library referral problem when we used AdInsight (by Mark Russinovich) and saw the library was poking all around the place (the other forest DCs) and never completed any of the requests. I think we confirmed with Wireshark.
The hack was in 2 parts:
1) We made a DLL that offered the same ldap_* functions as those we used in our software. The library then redirected the LDAP calls to a python script that used a native ASN1/LDAP implementation which relied on nothing but pure python code.
2) Then we made a injection software that injected the DLL in our software at startup and replaced the Winldap32 functions with our DLL functions.
We then were able to bypass the MSFT' LDAP library problem, and I think we pretty close to our initial deadline in the end. Apart from the (very small) added latency on LDAP code, everything was fine in the end.
The effects of fasting on the human body are... fastinating! (Sorry!)