Sunshine Recorder


How Apple’s Lax Security Allowed One Man’s Digital Life To Be Erased
Mat Honan writes for Wired about the pitfalls of having interconnected online accounts, and the ease with which 19-year-old hackers were able to erase his digital life (and takeover Gizmodo’s Twitter) via security oversights in Amazon and Apple’s systems.

In the space of one hour, my entire digital life was destroyed. At 5:02 PM, they reset my Twitter password. At 5:00 they used iCloud’s “Find My” tool to remotely wipe my iPhone. At 5:01 they remotely wiped my iPad. At 5:05 they remotely wiped my MacBook. Around this same time, they deleted my Google account. At 5:10, I placed the call to AppleCare. At 5:12 the attackers posted a message to my account on Twitter taking credit for the hack.
By wiping my MacBook and deleting my Google account, they now not only had the ability to control my account, but were able to prevent me from regaining access. And crazily, in ways that I don’t and never will understand, those deletions were just collateral damage. My MacBook data — including those irreplaceable pictures of my family, of my child’s first year and relatives who have now passed from this life — weren’t the target. Nor were the eight years of messages in my Gmail account. The target was always Twitter. My MacBook data was torched simply to prevent me from getting back in.
I bought into the Apple account system originally to buy songs at 99 cents a pop, and over the years that same ID has evolved into a single point of entry that controls my phones, tablets, computers and data-driven life. With this AppleID, someone can make thousands of dollars of purchases in an instant, or do damage at a cost that you can’t put a price on. 

How Apple’s Lax Security Allowed One Man’s Digital Life To Be Erased

Mat Honan writes for Wired about the pitfalls of having interconnected online accounts, and the ease with which 19-year-old hackers were able to erase his digital life (and takeover Gizmodo’s Twitter) via security oversights in Amazon and Apple’s systems.

In the space of one hour, my entire digital life was destroyed. At 5:02 PM, they reset my Twitter password. At 5:00 they used iCloud’s “Find My” tool to remotely wipe my iPhone. At 5:01 they remotely wiped my iPad. At 5:05 they remotely wiped my MacBook. Around this same time, they deleted my Google account. At 5:10, I placed the call to AppleCare. At 5:12 the attackers posted a message to my account on Twitter taking credit for the hack.

By wiping my MacBook and deleting my Google account, they now not only had the ability to control my account, but were able to prevent me from regaining access. And crazily, in ways that I don’t and never will understand, those deletions were just collateral damage. My MacBook data — including those irreplaceable pictures of my family, of my child’s first year and relatives who have now passed from this life — weren’t the target. Nor were the eight years of messages in my Gmail account. The target was always Twitter. My MacBook data was torched simply to prevent me from getting back in.

I bought into the Apple account system originally to buy songs at 99 cents a pop, and over the years that same ID has evolved into a single point of entry that controls my phones, tablets, computers and data-driven life. With this AppleID, someone can make thousands of dollars of purchases in an instant, or do damage at a cost that you can’t put a price on. 

(Source: rtnt)

  1. soulofayoungman reblogged this from rtnt
  2. sunrec reblogged this from rtnt
  3. zangen reblogged this from bapeonion and added:
    i lvoe securty
  4. benjaminldaniel reblogged this from rtnt
  5. passingontheright reblogged this from rtnt
  6. bapeonion reblogged this from rtnt
  7. pixiree reblogged this from rtnt
  8. rtnt posted this