Mat Honan got hacked, and lost all the data on his MacBook, iPad, and iPhone. How? Somebody broke into his iCloud account. Brute force attack? Simple password? No, not really – the hacker called Apple tech support, and convinced the person on the phone he was really Mat Honan. Apple then reset the iCloud password. The dangers of a monoculture, kids. Even Steve Wozniak has doubts about everything going into the cloud.
As a firm believer in security of personal data, I prefer to have my data handled by native applications with regular backup schemes.
No way I am giving personal/business information to third parties, regardless of what their terms of service state.
Cloud storage is probably ok if you have multiple clouds and run something like RAID6 on them. That way, if one or two clouds are taken down, wiped, or whatever, you still have your data. And conversely, if someone steals your data from one of the clouds they will not be able to use it.
Call me paranoid, but I like to run EncFS over Dropbox, works rather well (in windows and linux!)
I have no problems with the cloud, but I have very clear lines about what I want to put in the cloud.
Public data can be stored in the cloud just fine. It’s just like any webhosting service really.
Private data, like backups or syncing bookmarks and other browser settings, gets encrypted before it is stored in the cloud.
So for backup that means: duplicity/duplicati/deja-dup
For bookmarks, etc. it means: Firefox, which does encryption by default.
And I will also not use Facebook or similar to create an account on another website for registering/logging in.
OpenID and BrowserID already solve that problem.
There is a reason why Apple doesn’t allow synchronising of Keychain into the cloud but you’d be surprised at the number of Mac users who demand something that would make them incredibly vulnerable. I think the greater question that needs to be asked is why don’t people have multiple passwords for different things? I have an entirely different password than for example the one I used for my banking when compared to one I have for my Paypal – why do people insist on putting all their eggs into one basket?
I’d hazard the guess that it’s hard for people to find and remember several robust passwords.
That’s the main reason why I used no more than 3 distinct passwords on the web before I got around to coding a password generator and manager that suits my taste with the help of Alfman.
Probably because today pretty much every damn site requires that you have an account and it’s a pain in the arse to keep track of all your account/passwords.
That said, keeping stuff like your bank password different from your facebook one is a good idea.
what monoculture? the guy had gmail, twitter, facebook, icloud and old .mac accounts, all entangled and chained up in some sort of mail accounts pyramidal chain, the same way pretty much everyone has…
what exactly is the “monoculture” danger here? *
there’s basically 2 lessons from here:
a) do the damn backups! i keep repeating this and people just keep going without doing them. and then wonder what happened to their data…
b) every webservice on the planet will ask you to link your account with some other service account. Just make sure that the final (or better yet, more than one final) account is something you really have control of, as in physical control of.
I use my old university alumni perpetual account. They have an actual client service you can walk in, they ask for my citizen id, they check the data. (and actually i can even use my national citizen card smartcard and encryption features as a login/two factor authentication with it).
if you can’t have some sort of this kind of physical way of controlling your final account, use two-factor authentication with something you physically control. something Yubikey-like would be perfect, but your mobile phone number is a reasonable option too.
——
* thom, can we stop with the blind anti-apple bias that’s going on around lately? yes, apple can be (and should be) criticized like every other company on earth, but you’ve really been completely engulfed by it lately. is everything wrong in the world apple’s fault?
this case was about social engineering. the same kind of social engineering that breaks every other security system in the world. Although i have no doubt that apple service did something really wrong here. But i don’t trust apple with my remote encryption keys and other stuff. And for the matter i don’t trust google with this kind of stuff any more than apple.
This time, and a very rare time, this wasn’t Thom doing his anti-Apple act.
He reported just the facts and added a general warning.
And it’s a very serious warning. We become increasingly dependent on stuff that’s out of our control and quite literally out of our reach. Too many people can make mistakes that make you the victim. Resetting passwords, cutting wires, wiping hard disks, dropping a server.
then what does the “monoculture” stand for?
regarding the cloud, i agree with you. several physical and cloud backups, fragmented in “silos” if possible/desirable. but like i said below, this is a game we can’t win, only stall.
He called it “a monoculture”, one of several. And he’s right in this case, it’s easy to have all your Apple devices working together making it very unpleasant if a hacker can gain control of it.
But what about a Google password? How many services does Google have? All accessible with one login/password.
More and more apps are using Dropbox for data storage. Lose Dropbox and lose a lot.
Office 365/Skydrive is another example.
Edited 2012-08-06 12:59 UTC
That is why the only things I use from Google are the minimum ones required to develop for Android.
I even deleted all my Picasa albums the minute G+ asked me for permission to access them. Right away I decided to delete them instead and forget about G+.
Your “B” assumption is flawed. You can’t have physical control of any online service unless you run it by yourself.
So, your proposal would imply a naive person running a mail server and an openid authentication service on his own machine. A potentially more dangerous situation.
i agree with you. that is why i didn’t suggest you running your own server as the ultimate security.
The fact is this game is flawed, you can’t win. The only strategy is to make sure that the other side winning is really difficult and making sure you can pick up the pieces *after* the other guy wins.
That’s why i mentioned the “physical control” and the real physical customer service of my university. they won’t reset passwords long distance and they won’t give you the password unless you literally come in and show yourself with your id.
it can still be fooled but if it is, i can take back my stuff afterwards. try doing that with a million client company overseas that doesn’t even have/show a simple way of contacting them (google) or one that does but it is as weak/useless as the “what’s my pets name” questions (Apple).
iPhone, iPad, MacBook Air, iCloud. All his computing devices rendered useless because he relied on a monoculture.
I have Windows, Linux, Android phone/tablet, and a separate, independent cloud backup solution (which is encrypted and only I know the password – not even the provider itself knows my password; if I lose it, I can’t access my data anymore since it’s encrypted). No monoculture, hence, no danger of me being knocked out because my monoculture gets knocked out.
This is not rocket science.
Edited 2012-08-06 14:14 UTC
Apparently it is… Correlation does not mean causality.
let’s say you would use androidlost (http://androidlost.com) on your android phone, lojack (http://www.absolute.com/lojackforlaptops/features) for your windows laptop, and prey on your linux laptop (https://panel.preyproject.com/forgot).
In all of them you activate the remote wipe feature. In all of them you’ve got a nice “i forgot my password” webpage that allows you to resend a reset request for your email. But your email accounts, all of them, were hacked. so what now? how has your avoidance of “monoculture” stopped it?
the question here is not the reliance on apple’s system. the question is that we’ve chainlinked all of our email accounts and webservices into either something of a pyramid or, sometimes, an endless loop of accounts. And if a sufficiently high weak link can be broken by social engineering, you’re royally screwed.
Especially if, like this guy, you activate remote wipe without even considering doing local backups. On that issue alone i find serious problems feeling sorry for him. that’s doubly dumb and whining shouldn’t be allowed here.
you can join apple or google or microsoft monoculture as much as you want. just either don’t give them the power to wipe everything (i would say phone wipe is ok, but laptop is better served with encryption) or do backups!
He lost all his data because all his machines were Apple and his cloud provider was Apple. He relied on a monoculture, and everything was lost. You seem to think I’m blaming Apple (your favourite company), which I’m not – I’m blaming the guy for being stupid enough to have only Apple devices and Apple software. Had he had a Windows laptop, an Android phone, and an iPad, this would have NEVER happened.
sigh….
Thom, he lost his data because he installed “remotely wipe” solutions on his devices that were linked to one of his mail accounts.
i’ve just shown you that you can install similar applications on other OSes and devices and they all behave the same and they all are linked to your webmail.
Apple’s fault here is the original reset of his password. That’s dumb. i’m not sure if they could have avoided it, considering the kind of safety features for this kind of systems (i can’t stop bitching about “what’s my pet name” questions). But apart from that Apple is as guilty as any other provider of the same services. which is none. they did what they were asked by what they believed was the user.
Remotely wipe solutions are solutions for protecting the data in your physical computer from getting in the hands of thieves. they are not designed to prevent you losing access to your webmail accounts.
—–
and just for the record, Mac OS X is currently my favourite system. Apple is just the company that does it. I find less fault in their computer systems than with other vendors, but i sure as hell don’t trust them or “like” them nor are they my “favourite company”. they provide me with what i want. for now. the way things are going not sure if that will last for a long time.
i’ve just realized that there might be another misinformation that doesn’t help in our discussion.
You do realize that you can have mac devices without using icloud, and you can use some features of icloud but not use/allow the remote wipe right?
the use of the icloud data wipe, where’s my phone and storage of encryption keys by apple are all the user’s option, and you don’t have to use them to use the rest of the features/software.
it was this particular user’s decision to activate them. he didn’t have to. they didn’t come enabled by default, apple asks you if you want to do that. i didn’t. he apparently did.
No, factually incorrect. He lost all of his data because he linked his devices to the same Apple ID and then allowed remote Wipe. You can associate your iDevices with multiple iCloud accounts (i.e. one per device, and in fact this happens by default.) I did this on my iphone/ipad initially, but to be honest, I ended up buying extra space, so I linked them both to the same account. But my iCloud is linked to my Gmail account and that has 2 step authentication turned on. Your icloud also doesn’t have to have anything to do with your iTunes Apple ID, nor your developer Apple ID. The problem is more that people like to use the same details and passwords everywhere.
Again, bull. This could easily have happened with every other device, if the person configuring services used the same primary email address. As already mentioned, not even Apple forces you to do that.
That’s funny coming from someone so excited about Windows Phone. According to your anti-monoculture ideology that should be a strict impossibility. I guess if you want a windows phone you can always switch to a Mac laptop.
Realistically the chance of this kind of thing is one in several hundred million. Compromising interoperability every single day just to avoid such a remote possibility is ridiculously paranoid. I use just as many google services as apple services, so it has nothing to do with any particular company.
No, he lost his data because he chose to simplify his life and forgot or ignored the items needed to ensure he could recover his data easily.
I don’t see why that is stupid in and of itself.
The sensible thing to do then is to automate the backups rather than keep banging your head against this wall.
A very clumsy, but safer, way to reset a password using a help-desk would be the company (Apple in that case) tying the offering of that service to a single telephone number.
Nevertheless, in cloud or not, you should always keep a backup of your more sensitive files.
This is the danger of being lazy. Do not blame the Cloud if your brain starts to dump some basics, like the BACKUP.
The problem here is not about laziness, to an extent.
It is about having several distinct services chained around a single authentication account provided by a company that doesn’t properly secure their customer’s password.
Mat Honan didn’t lose only his files in iCloud, but also:
– got his twitter compromised.
– his Google Account deleted (together with his Google Voice phone number, effectively cutting him out from the world).
– all his Apple devices also began forbidding access even to their basic functionality due to the Apple account’s password and PIN cross-device sync.
– and worst of all: all his personal devices from Apple were remotely wiped too using Apple’s anti-theft service.
But “the cloud” is pretty much presented to people “like the BACKUP” – marketed to them specifically as the easy & proper way of doing it.
What the hell, you can remote wipe a MacBook? That seems like a serious design flaw. So basically Apple have the ability to take control of any Mac that they like? Yet another reason to never use OS X, or any other Apple product…
You’ll be really shocked to find out that you can install remote desktop on Windows. Oh my god people can take control of your desktop if you specifically opt in to installing the software to allow it!
It’s very different if it comes as standard and is enabled by default.
That’s Terminal Server, not remote desktop.
You probably shouldn’t say anything if you don’t know what you’re talking about.
iCloud is not enabled by default. You need to opt in and sign in.
Find my iPhone/Mac and remote wipe is also not enabled by default. It’s also opt-in separately from iCloud.
Way to focus on the semantics and ignore the point. You can very easily enable the remote desktop feature of Windows which comes with the OS. Enabling it opens you up to the possibility of someone with the password taking control and possibly wiping your computer. That’s not the fault of Windows, that’s the fault of the user.
Well, that’s good then.
Edited 2012-08-07 05:29 UTC