Feeds:
Posts
Comments

Posts Tagged ‘iCloud’

Make enough mistakes, and you will pay the price, no matter how much you think you know.  Here’s a good story about such a major hack, which was carried out on Mat Honen of Wired.  It’s worth reading, and reading carefully.

Part of the problem is rather egregiously poor security practices by AppleCare, Amazon, and to a certain extent, Google.  But a big part of the problem was self-inflicted, since Mat wasn’t properly backed up, he linked his cloud-service providers (iCloud and Google) together, he used the same prefix on many different email accounts (yourname@gmail.com, yourname@me.com, etc., you get the picture), and a few other things that made the attack much more successful and more painful.

He does have one key point, which is that cloud services should have higher security requirements than they do now, and that apparently the providers don’t understand that. Just a password is not enough. And as this points out, even the strongest password is useless if the provider’s customer service personnel will hand out your credentials in exchange for very weak authenticators, in this case billing address and last-four of your credit card.

It’s also not a good idea to link cloud accounts to each other, either using the linkages they provide for your use, or by using the same password on all of them.  This is not their fault, it’s yours.

Here’s the story, read it and weep: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/

Advertisements

Read Full Post »