?

Log in

Insanely stupid Amazon and Apple standard practices mean Apple gives… - Almost certainly not Johnny Depp.

> Recent Entries
> Archive
> Friends
> Profile

August 7th, 2012


Previous Entry Share Next Entry
10:08 pm
Insanely stupid Amazon and Apple standard practices mean Apple gives away the password to any .me email account, to anyone who calls in.

Which gives the caller the ability to remotely wipe any of your Apple devices, and, in this case, because the author trusted Apple as the backup of his Google account and assumed that would be good enough, also compromised his Google account, his Twitter account, and everything else.

(10 comments | Leave a comment)

Comments:


[User Picture]
From:coffeehouse
Date:August 8th, 2012 04:22 am (UTC)
(Link)
and they hacked him just because they wanted his twitter handle.

This shit scares the shit out of me.
[User Picture]
From:ben_raccoon
Date:August 8th, 2012 04:42 am (UTC)
(Link)
Thus exemplifying every single argument against cloud computing.
[User Picture]
From:dantheserene
Date:August 8th, 2012 11:07 am (UTC)
(Link)
The scenario didn't include overzealous government seizure of an entire data center right down to the power strips because *a* tenant *may* have been involved in online gambling or somesuch. Can't forget that argument.
[User Picture]
From:theweaselking
Date:August 8th, 2012 12:01 pm (UTC)
(Link)
Or at least, the dangers of single-factor single-sign-on cloud computing managed by the desperately incompetent.

(Also: Dude seriously ran with no backups, of anything. That's not uncommon, but it IS sad.)
[User Picture]
From:glenn_3
Date:August 8th, 2012 01:19 pm (UTC)
(Link)
That really is incredible, isn't it? I'm next door to computer illiterate, and keep nothing of great importance on my infernal machine, and still back up frequently--and then back up the back-ups. If I know to do that...how can a guy who keeps his entire life on his computer just...not bother?
[User Picture]
From:theweaselking
Date:August 8th, 2012 01:57 pm (UTC)
(Link)
I got burned by losing my cellphone, once - it had gone from "a thing that I carry" to "a place where I store all the phone numbers" without me really noticing.

But that was once.
[User Picture]
From:skington
Date:August 8th, 2012 02:13 pm (UTC)
(Link)
The other thing to notice is that Apple consider the last four digits of your credit card as a shared secret, which is insane - the first 6 and the last 4 digits are explicitly the parts of the PAN (primary account number) that PCI regulations let you expose.
[User Picture]
From:theweaselking
Date:August 8th, 2012 02:17 pm (UTC)
(Link)
Of course, which is why their policy is so brilliant: those are the parts they can let their first-level outsourced underpaid halftrained tech support see!
[User Picture]
From:en_ki
Date:August 8th, 2012 11:50 pm (UTC)
(Link)
"I don't always daisy-chain my account-recovery email addresses, but when I do, I don't put a consumer-electronics company at the root."

> Go to Top
LiveJournal.com