The Hack That Kept Me Awake at Night
Source: The Atlantic - Posted by Anthony Pell   
Server Security If I've seemed a little bleary-eyed and inattentive this week you can blame Jim Fallows. Late on Tuesday night I read his post about gmail, which linked to Mat Honan's piece for Wired about the destruction of his (Honan's) digital life. I was then up most of the night implementing Jim's advice about improving my computer security. This is by no means the first warning Jim has issued. (His wife's gmail was hacked a while back and he did a memorable article for the magazine about it.) For some reason this latest episode, unlike the others he's related, finally pierced my complacency and I resolved to do something about it.

I don't think I'm an easy person to shock but I was stunned by what happened to Honan--to be more precise, by how it happened. All his devices were remotely wiped and he lost his entire gmail archive. (In fact the hacker could have done much more damage than he evidently did. He seems not to have wanted Honan's money so much as his Twitter account, mainly for bragging purposes.) But the amazing thing was the hacking method. "Phobia" didn't have to steal or break a password. He didn't need to plant spyware. He started with a phone--as in an actual telephone, not a smartphone--and Honan's name, email address and billing address. Incredibly, that was enough to persuade Amazon to invite him into Honan's account. There the hacker found another piece of information (the last four digits of a credit-card number) which in turn was enough for Apple to extend its own welcome. What the hacker did was smart, all right--but it was grifting not code-work. And it was Amazon and Apple, for heaven's sake, that fell for it.

Read this full article at The Atlantic

Only registered users can write comments.
Please login or register.

Powered by AkoComment!