| x404.co.uk http://www.x404.co.uk/forum/ |
|
| How Apple and Amazon Security Flaws Led to Epic Hacking http://www.x404.co.uk/forum/viewtopic.php?f=19&t=16984 |
Page 1 of 2 |
| Author: | koli [ Tue Aug 07, 2012 5:17 pm ] | |||||||||
| Post subject: | How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
Meet Mat Honan. He just had his digital life dissolved by hackers:
http://www.wired.com/gadgetlab/2012/08/ ... cking/all/ |
||||||||||
| Author: | forquare1 [ Tue Aug 07, 2012 5:52 pm ] |
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking |
I'm glad that I dont use my Apple email for anything...Only Apple related stuff... I'll also agree that the guy is an utter plonker. He's bought into pretty much the entire Apple ecosystem, but left out Time Machine, which would have saved the things he cares about most... |
|
| Author: | timark_uk [ Tue Aug 07, 2012 5:57 pm ] |
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking |
You don't need Time Machine, you just need an offline backup. Any offline backup system will do, just make sure you have one. Mark |
|
| Author: | koli [ Tue Aug 07, 2012 6:35 pm ] |
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking |
The point of the article isn't really that he should have backed up his data. It's more about thinking what you can do to make it as difficult for attackers to get access to your improtant accounts like google. Using different passwords is a first step but there are also others like two step authentication. I posted it in the meeting place for a reason: so people would see how easy it is for their life to get destroyed and that it pays to be careful. |
|
| Author: | paulzolo [ Tue Aug 07, 2012 8:35 pm ] | |||||||||
| Post subject: | How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
Not hacked by cracking passwords - it was done by phoning up Apple support and using social engineering techniques.
http://www.forbes.com/sites/timworstall ... ts-hacked/ So, I'm this case the weak point was the tech support operative - something that anyone in any tech support call centre could fall prey to. |
||||||||||
| Author: | forquare1 [ Tue Aug 07, 2012 10:04 pm ] | ||||||||||||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | ||||||||||||||||||
I know. Time Machine is the most obvious choice though, IMO. Touted as a major feature of Leopard, it has always been one of the big features Apple has pushed since. It's not hard to imagine that someone who is surrounded by the Apple ecosystem to use Time Machine. But as you say, anything would have been better.
Looking at this case, it's probably best to set up a new email account every time you sign up for a new service, at least until every service offers two step authentication. That way only one service is linked to an email account, minimising these sorts of attacks. |
|||||||||||||||||||
| Author: | timark_uk [ Tue Aug 07, 2012 10:13 pm ] | ||||||||||||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | ||||||||||||||||||
I have about 0% interest in using Time Machine/iCloud for backing up. \•/ Mark |
|||||||||||||||||||
| Author: | big_D [ Wed Aug 08, 2012 4:14 am ] | |||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
Using different passwords is irrelevant - and he did use different passwords. If Apple will reset your password for anybody who has the last 4 digits of your credit card number, it doesn't matter how strong your password is! Also having to link mail accounts from one service to another (E.g. the Google and Twitter password resets were sent to his compromised Apple account) doesn't make things any better. If they manage to break into the account at the head of the chain, they can get to every account. |
||||||||||
| Author: | koli [ Wed Aug 08, 2012 6:00 am ] | |||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
So what is the solution? Having a dedicated google account with 2 step auth. set up just for password recovery? Or maybe using your corporate email for that purpose? |
||||||||||
| Author: | jonbwfc [ Wed Aug 08, 2012 7:16 am ] |
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking |
Having a method of password recovery for an email service that doesn't depend on having another email service... |
|
| Author: | HeatherKay [ Wed Aug 08, 2012 7:34 am ] | |||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
Send it by snailmail. Or by telegram? |
||||||||||
| Author: | jonbwfc [ Wed Aug 08, 2012 7:45 am ] | ||||||||||||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | ||||||||||||||||||
What's the phrase... oh yes - 'You can have it cheap, you can have it convenient, you can have it secure. Pick any two'. Jon |
|||||||||||||||||||
| Author: | EddArmitage [ Wed Aug 08, 2012 8:07 am ] | ||||||||||||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | ||||||||||||||||||
And Amazon are just as bad allowing you to add a new credit card over the phone with minimal security, and then use that credit card as a means of answering security questions to reset passwords. |
|||||||||||||||||||
| Author: | jonbwfc [ Wed Aug 08, 2012 8:30 am ] | |||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | |||||||||
Not any more, apparently |
||||||||||
| Author: | timark_uk [ Wed Aug 08, 2012 9:08 am ] | ||||||||||||||||||
| Post subject: | Re: How Apple and Amazon Security Flaws Led to Epic Hacking | ||||||||||||||||||
Mark |
|||||||||||||||||||
| Page 1 of 2 | All times are UTC |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|
