I chatted with Rockdoc on FB yesterday after he put up a post talking about FB asking for his phone # which he wasn't willing to give. I said that it was useful as an additional layer of security against hackers who try to get into your accounts by requesting new passwords, or finding holes, such as those described in the article below, that let them sneak in and change them on you - if you have 2-step verification set up, you also have to enter a unique PIN # sent via text to your phone, so unless the hacker has stolen your phone as well (and it's not password protected or doesn't have a kill switch), then it stymies them.
I thought I had posted this story a long while back, but I couldn't find it anywhere. Some of the security issues discussed in here have (hopefully) been addressed, but it's always good to have a reminder to be careful with your online presence and accounts.
In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.
But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.
"Now, more than ever, the illusions of division threaten our very existence. We all know the truth: more connects us than separates us. But in times of crisis the wise build bridges, while the foolish build barriers. We must find a way to look after one another as if we were one single tribe.” -King T'Challa, Black Panther
The truth is incontrovertible. Malice may attack it, ignorance may deride it, but in the end, there it is. ~Winston Churchill
My company just had our files shut down in a blackmail scheme: pay the money and you can access your files again. I am starting to wonder if all the worry about hacking will limit economies worldwide.
Thomas Sowell: There are no solutions, just trade-offs.
You can't "worry" about hacking, you have to actively do something about it every day. If you are backing up your files in a separate location, then you don't have to fall prey to losing them completely (as Mat Honan did in the OP) or someone blackmailing you for access to them. This website, though an infant in relative terms, has over 100 hacker attacks a day.
Hackers will get in and cause damage - just look what happened when the AP Twitter account got taken over and false reports of a bombing at the White House from that account sent the Dow falling. But if you follow best practices for guarding your security, both personal and business, then you lessen that risk a lot.
"Now, more than ever, the illusions of division threaten our very existence. We all know the truth: more connects us than separates us. But in times of crisis the wise build bridges, while the foolish build barriers. We must find a way to look after one another as if we were one single tribe.” -King T'Challa, Black Panther
The truth is incontrovertible. Malice may attack it. ignorance may deride it, but in the end, there it is. ~Winston Churchill