The Political Freakshow

Mat Honan, the Wired reporter who suffered from a hacking incident over the weekend, says that the lax security policies of two companies — Amazon and Apple — led to his accounts getting hacked. He still takes the blame, though.

Those security lapses are my fault, and I deeply, deeply regret them.

But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

This isn’t just my problem. Since Friday, Aug. 3, when hackers broke into my accounts, I’ve heard from other users who were compromised in the same way, at least one of whom was targeted by the same group.

While Amazon’s system has flaws, it’s Apple’s — with the remote wipe function exposed by merely having a billing address and the last four digits of a credit card — that leads to real questions. Also, Apple’s support was less than helpful for Honan, as they misunderstood him and thought his last name was Herman, not Honan. This story is enough to make you want reconsider using credit cards on Apple accounts. Read the whole thing. It’s scary.

(via waterman12053)

Source: shortformblog