Tuesday, August 07, 2012

Your Digital Life - Destroyed?

Over at Wired, there's an article about a journalist, Mat Honan, whose digital accounts were hacked over the weekend.  Entitled How Apple and Amazon Security Flaws Led to My Epic Hacking, it tells the entire sordid story.

Long story short, there were two flaws in the two company's policies which allowed the hackers to hijack his accounts - all of them, and to erase the data on all of his devices, including his Mac at home.

One, at Amazon, allowed the hackers to use three pieces of easily accumulated data online to reset his password, and using the last four digits of the associated credit card, then call Apple tech support and socially engineer the online tech into letting them reset his iCloud password as well.

With all that, the destruction of his digital life was assured.  He lost over a year's worth of data, including family pictures that cannot be replaced.  He was lucky they didn't clean out his bank account, too, I'll warrant.

His account accuses Apple and Amazon of having security flaws in their systems which made this easy for the hackers.  I'll agree that Amazon's policies of what you can see online and their call center would allow you to use to reset an account password - were deeply flawed.  But Apple's flaws weren't in set, stated policies, but in how their policies were flagrantly ignored by the techs online.  They should have asked a series of security questions, the answer to which Mr. Honan should have been the only one to know.  But the tech was socially engineered to allow the reset anyway, which was actually a violation of set policies.  I am sure that tech is undergoing some serious re-education classes this week, if he still has a job.  So while Amazon's flaws were in written policies, Apple's were in execution.

Apple has promised to review those policies, and Amazon has quietly removed the flaws and issued new policies to their call center techs to close the flaws which were used in this hack.

All well and good.

But my take on this is a bit different, as those who know me well are nodding their heads and getting ready for the blast.

Yes, Mat admitted that the whole issue was his fault, for the manner in which he had things set up and for not backing up his stuff.

I don't blame him for the hack.  That was purely the fault of twisted individuals who do this stuff for kicks and street cred.

I blame him for not backing up.  He lost data as far back as a YEAR!!!  Obviously, it had been that long since he'd backed stuff up, if ever.  Precious stuff, pictures of family.  Things which cannot be replaced.  Yes, the hackers are sleezeballs.  It is their fault for doing this in the first place.

But come on, man, he had a Mac.  Macs come with Time Machine.  Time Machine is drop dead simple.  Attach a hard drive, fire up Time Machine, enter your password to unlock it, set the hard drive as the backup drive, and off Time Machine goes to back up your stuff.

It saves backups every hour for 24 hours, Daily backups for a month, and weekly backups for all previous months, for as long as your HD has room, then it starts deleting backups, starting with the oldest first.  You can potentially have data backed up for as much as two or three years, depending on how much data you are backing up and how big that backup drive is.

THREE YEARS!!!

Personally, I also use portable drives, which I backup to every couple of weeks or so, and trade them out at my safety deposit box at the bank (if you do this, take advantage of the OS X ability to encrypt that backup drive!).  Quick, easy, safe.  Even if some sleezebag steals one of my devices, resets one of my passwords and does to me what they did to Mat Honan, I don't lose a thing beyond the last offsite backup.  Potentially nothing at all, if they fail to erase my Time Capsule (which is separately protected by another password - 16+ digits long.).

I cannot emphasize enough:

BACKUP - BACKUP - BACKUP!!! And when you are finished - back it up again!  You can never have enough or a fresher backup.




No comments: