How Apple and Amazon Security Flaws Led to My Epic Hacking

from Wired

IN THE SPACE of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook. 

In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz. 

Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location. 

Those security lapses are my fault, and I deeply, deeply regret them.

More here.

, , , , , ,

32 Responses to How Apple and Amazon Security Flaws Led to My Epic Hacking

  1. William Stuck February 17, 2017 at 11:39 am #

    As our society hinges more and more on computers and other advanced technologies, the threat of hacking has become a serious and frightening threat. Because almost everything we use today is linked together is one way or another, once one device or account has been permeated, everything else becomes susceptible. Meaning that a hacker can easily dismantle your entire digital existence with relative ease. This is exactly what happened to Mat Honan, a senior staff member at Wired. He says that within the span of an hour, hackers were able to infiltrate and compromise his google, apple, and twitter accounts. Additionally, they completely wiped his MacBook, iPhone, and iPad. All of this meant he was completely helpless to stop the flurry of offensive messages that his twitter had begun to churn out. The first thing he did after realizing what was going on was contact apple customer service. What he learned from them was somewhat troubling. They told him that someone had called shortly before and had successfully impersonated him. Without answering any of the security questions they’re so adamant that you need to set up. All the hacker used to gain access to his account was two pieces of information that Honan claimed anyone with internet access could have gotten. This kind of scenario is actually pretty scary. Especially the fact that racist and homophobic tweets were being published under Honan’s name. It’s hard to revive your reputation after a majority of your following has seen you (or who they think is you) openly post such hateful things. Another frightening thing is that this can happen to literally anyone at random. The people who hacked Hogans account weren’t after anything in particular, they just wanted to “fuck shit up” (yes, that’s a term of art). One of the hackers even reached out to him on twitter and the two began a dialogue. The hacker, identified as “Phobia” told Honan almost exactly how he was able to get a hold on all of his accounts and turn his digital existence upside down. All he really had to do was get two things, Honans billing address and the last four digits of the credit card linked to his apple id. After manipulating amazon and apple customer service, all of this information was readily available to the hackers. Makes you wonder if more security is required to ensure that the person on the other end is who they say they are. The idea that anyone, no matter how obscure, can be targeted online and essentially ruined is a very frightening and very real phenomenon. It makes you think about what you would even do if something like that happened to you, I would have no idea where to start fixing things to be honest. Especially now when so much of our lives and social interactions take place through online services like twitter.

    • Danielle Gangemi September 18, 2017 at 9:20 pm #

      Technology is only getting more advanced and hackers are finding new ways to retrieve information quicker and easier than ever before. Honan, this specific hacker victim’s Google account was taken over, Apple ID was broken into, and all just to retrieve the information to access his twitter account and spread offensive messages. He had the data from his iphone, ipad, and Macbook completely destroyed and only blames himself for his loss of information. His accounts were all daisy-chained together which provided the hackers with more information than they were originally looking for. This article expressed that backing up information from your laptop is certainly important. Honan lost an entire year worth of photos of his family and the first year of his daughters life along with important documents and emails that were not saved in any other location. Some companies don’t keep their account information as protected as others. For example, “The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.” The future for laptops is more cloud-connected devices and Honan believes that password security mechanisms and other security measures must be taken to ensure the safety of information. The rest of his information would not have been in jeopardy if it were not so easily access. One of the two hackers, Phobia, contacted Honan and justified his reasoning for hacking into his account and explained the process of how easy his information was to retrieve. Phobia impersonated Honan when making a phone call to retrieve his information and change his account information. He also explained that he “liked to publicize security exploits” and went into saying that he truly is a nice guy. Amazon makes it extremely easy to access your account and financial information and Apple makes it easy to complete purchases at a click of a button.

      Hacking is a serious issue and I think will always remain a serious issue. As security mechanisms improve, so are hacking techniques and side-by-side they will mature together. Although this may be true, it is important for businesses to ensure the security of customer information and new measures need to be done in order to lower the numbers of hacking victims. In result of this article people may lose loyalty of Amazon and Apple or customers will be weary of what information they should trust these companies with. Businesses need to be aware of who they are speaking to and make it more difficult to change and access information even if it truthfully is their own. Precautions of your own should also be taken; users need to be aware of their accounts to ensure that they aren’t linked together in any form and to understand the importance of backing up information before it is too late.

  2. Robert Seijas February 17, 2017 at 11:59 am #

    The part of the article that interested me the most was when the author said, “Unsure of exactly what was happening, I unplugged my router and cable modem, turned off the Mac Mini we use as an entertainment center…” It may have been unknown to the author at the time, but this could not have helped him in the slightest. It may have hurt him, as he could no longer see what was going on with all of his devices in real time. He wrote that all of his information and accounts were daisy chained together in the cloud. This means that all of his information was in the cloud, and that there is absolutely no use of “cutting off” the hackers. This action that he took had absolutely no affect, unless cosmetic to make him feel better about the situation. We truly live in a dangerous age with our technologies and the power that it holds over us. In the end, if we are at any sort of risk of hacking, there is nothing we can do by this time because it is already much too late.
    By trusting in the cloud technology, we trust that another party can hold our data better than anybody else can, including ourselves. In a way, it is very similar to the way in which we use banks to store our money. The cloud does not just store our information and files, but every single customers as well. Not only this, but it is all saved together in an identical fashion. This gives our power to somebody else, because we no longer hold our important and possibly secretive information. The problem with this is obviously hacking, which can have more of an effect that we really believe it could. We do not know how secure cloud information really is, because it can vary service to service. It is not uniform like the banks in the United States. There is no regulatory authority responsible for our data, like there is one responsible for our money.
    The lack of anybody looking out specifically for this information is quite alarming. Especially since most of the companies responsible have many other lines of business and products, instead of just the cloud data security. All of this information should be known before putting documents onto the cloud and trusting that they will be safe. Another thing to look out for, very obviously, is linking accounts together and using similar or identical information between accounts. This will create weak links that have the ability to jeopardize personal information. Users need to understand the risks and lapses in safety, not just on their cloud providers’ end, but also on their own as well. There are many ways around this, and all that they require is time and research.
    In the end, hacking is a negative outcome of keeping information online, but it is a preventable outcome. Many people are not too strongly versed in technological knowledge, but should be knowledgeable if they plan to keep their information in a place where others can get to it. Hacking is preventable, but if not prevented, it is unstoppable. Once it begins, there is no way to stop it because it no longer relies on us pulling the plug, but the company holding our data and that will frankly never happen. The only thing to do is be more conscious of the information we send off, how we send it, and if we really need to.

  3. Owen Balseiro February 17, 2017 at 1:26 pm #

    With more and more business and daily life being done online, it is of the utmost importance that people have as much security on their accounts as they can. We have our photos online, our work and most importantly our information. Any breach in the mechanisms that protect this information can prove to be fatal for almost any financial situation a victim is in and it can be even harder to try and rebound from an identity theft. So when I read the article by Mat Honan, I remember how my father used to never use his credit card online while my mother fully embraced online shopping. Two very different reactions to the online world. But Mat’s quote “The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.?” Really did speak to me. It shows how two companies regard the same information in two different ways, similar to how my parents regarded online shopping. To me it was very alarming how Amazon and Apple, two kings of online interactions could regard the last four digits of a credit card so differently and it also shows that while one company’s set of rules for combating hackers could be easily undone by information gathered from another company. So what seems to be needed in the ever growing world of online interactions is a somewhat uniform code for how to prove that you are you? But the question of what that code will look like is still going to be unanswered. So what I believe is going to happen is something that I saw with my own two eyes over the years and that is the online service Steam and how it has grown and adapted to combating potential hackers. For the uninitiated, Steam is an online video game distribution platform that sells video games. It is run by Valve, a legend in the industry and its selling point is that all of the games are downloads, no discs needed. I first came into contact with steam when I bought a game and when I was installing it, it required me to have a steam account so that I could put in a code preventing the game from being installed again for someone else. Now steam at this stage was still quite new when compared to the giant it is today but because of that hackers were not as interested as they would become. As more and more people became aware of Steam and used it, their accounts would swell with hundreds of dollars worth of games, but even then there was no reason to hack into an account because the games were locked to that account forever. But when Valve launched an update for their game Counter Strike Global Offensive (CSGO), allowing skins for the weapons into the game, Steam exploded in popularity. Now what really attracted hackers like flies to sugar was the fact that these skins quickly gained real monetary value. I’m not talking a tens of cents. I’m talking anywhere to under a dollar to thousands of dollars depending on the skin. And with trading between accounts already in place for a long time, hackers were quick to steal accounts, trade all items of value to their account and sell them for a profit. To combat this Valve began banning bot accounts that were often used to give out fake links. And this worked for while until the hackers found a way around it and so on. But Valve added another thing to Steam this time that really kicked the beehive. Valve added a marketplace on steam, here people could sell their ingame items for money that would be added to their steam account and could be used to buy games or other items. This could then be saved up on an account to buy a expensive item and then sell it on a third party site for money on paypal. This really got a lot of accounts hacked and items stolen, so what Valve did is something i think everyone company needs to do. They added an app. Not just any app, the made it so any item trying to be sold via the marketplace needed confirmation from a phone. Meaning that items can’t be sold via the computer without the phone. Taking it further Valve made it so that every time you want to login to you Steam account via your phone, you have to put in a code that Steam emails you. And the code changes every 15 seconds. Needless to say the measures have proven very effective as any account not linked to their phone cannot use the marketplace and if an item is not confirmed it will take two weeks until it will be put up on the marketplace.

    Now the point on all of this is to show how one company that makes A LOT of money online, created measures to protect its client base from people who are trying to hack their accounts. And I think every company needs to look at itself and do something similar.

  4. George Tannous February 17, 2017 at 1:32 pm #

    This new world that is centered on technology and more importantly and more specifically the internet. This new age has shown us that the internet is one of the biggest assets for us as we move forward. Since the rise of the internet and efficient computing, the internet and cloud servers hold all of our data and important files, documents, pictures and relatively essential parts of our lives. While it is the easiest and most efficient way for us to store our data, it can also result in problems. Data corruptions (when your data is not backed up) and even more importantly hackers can access these files when you are not on a secure network.
    One of the first things I noticed about the article was that it was published in 2012. And when I think about it, in the last 5 years the way we think about cyber security on a broad level is still the same. Most computer and internet users do not equip themselves with the necessary security preventions and backups to protect themselves from these attacks. The subject of this article Mat Honan was a victim to a violent cyberattack which led to him having his email, amazon, apple and twitter accounts being hacked. He also had all of his data erased on his Ipad, Iphone and Mac. Essentially all of his accounts were linked in some way. When a hacker gets into one account, usually the rest of them fall right into place. All of this was done to hack his entire internet based livelihood. It really goes to show how true and important it is to have different passwords and double security log-ins just as Professor Shannon stresses on a daily basis.
    I think until we experience a cyberattack first hand, we will never realize that what we read is real. We tend to think that none of this stuff would ever happen to us and then when it does we are not prepared. I experienced a minor cyberattack in September of 2016 when my main email account was locked out because of someone who got in and changed the password. It took me weeks to gain access back into that e-mail account as Verizon had to send over a temporary password via mail. It was a major scale attack that affected millions of users. But after this happened I made preventions to try and change up my passwords and add an extra layer of security to my email accounts.
    It is crazy to think all a person needs is the billing address of an individual and the last 4 digits of a credit card to hack into someone’s ICloud account. Then based off of the ICloud account and all of the information based on that, a person could literally have all of a person’s information that easily. Cyber security is something that not many people like to talk about. People still seem to want to believe that the internet age is linear and that we are still in 2004. The truth about it is the internet is gaining complexity and technology is too. With greater technology and more sophisticated programs being created, there is more chance for cyberattacks on those who are still left on the same level of protection from a decade ago. I definitely expect cyberattacks to become more common unless people start to take action on a larger scale.

  5. Julian Manzano February 17, 2017 at 2:11 pm #

    Everyone on this planet has a digital footprint. We all have accounts on the internet, some important, and some not as important. We also have priceless photos and documents on a cloud service that we depend on to keep these things safe. Now although these services may seem safe to us, they could be very easy targets to hackers. Our accounts that we depend on may be vulnerable to hacking. This could be the faults of the companies not having better security measures and it could also be the fault of the user by not taking higher security measures themselves. It is important that both parties try their hardest to keep the accounts as secure as possible because an account can contain seriously sensitive information that could ruin someone’s life if it falls into the wrong hands.
    Companies hold the bigger end of having to keep people’s accounts secure. In the story in the article, Apple only required pieces of information that anyone could retrieve to reset an account. There has to be a better sense of security on these services. Companies must put their customers first and make sure they are safe; it is the moral thing to do and the best thing for your company. Having a reputation of unsafe accounts and constant hacking will lead people to leave your service in fear of having their information stolen. Companies have to start bulking up their security measures because this is a serious issue, people’s lives and information is at stake. It should not be something taken lightly by a company.
    The users of these services also have to be held accountable for instances of hacking. Most of the time, hackers are really good and attacks could not have been prevented by the user, but there are times when being more careful would prevent an attack. For example, in the story in the article, the man who was attacked says he was mad at himself for the hack because he more than likely could have prevented it. He said that he could have added two-step authentication to his google account and he could have backed up his MacBook to prevent his photos of his daughter from being permanently deleted. Although companies have the bigger end of the bargain to keep our information safe, sometimes we have to take matters into our own hands and make sure we keep it as safe as possible. There are steps and measures we can take to make sure we make our accounts and information safe, just like we briefly discussed in class.
    Security is extremely important, and it can lead to serious damages to someone if they suffer a breach of security. That is why companies and the person themselves have to keep their accounts safe from hacking. There is no 100% sure way to prevent hacking, but there are ways to keep yourself from being vulnerable and to limit the chances of you being hacked. In this digital age it is just as important to keep your online self safe just as you would keep yourself safe doing anything else.

  6. Garrett Palmeri February 17, 2017 at 3:59 pm #

    In this article, Matt Honan is writing about a personal cyber attack and his encounters with his hacker. Reading this I was shocked more and more with every sentence. Honan blames mainly himself for failing to take on the highest security precautions, but Apple and Amazon security measures are also to blame. My knowledge of technology security has been growing exponentially since doing these comments and it makes them much easier to write.
    Matt Honan’s attack did not impact him financially, but instead more on a personal level. He discovered while with his wife and child that his AppleID had been compromised when his iPhone and Macbook both went through a factory reset. His twitter account was also hacked and turned out to be the main target of the entire hack. The process of the hack is long, but not too complicated. The hacker whom named himself “Phobia” explained the process to Honan in communications after the hack. Basically, Phobia used Honan’s linked email accounts to reset his password giving himself access to incoming mail. Then Phobia used Amazon’s lack of security to add a fake credit card to Honan’s account and then used that to reset the password with the hacked email. This gave Phobia access to the last four digits of Honan’s credit card on file for Amazon. This information is crucial because to get passed AppleCare, you only need to provide the email address, billing address, and last four digits of an associated credit card to gain access to the accounts information. With access to Honan’s AppleID, Phobia used the “Find my iPhone/Mac” function to erase all data. Phobia also reset Honan’s twitter password and tweeted controversial messages to troll his followers. Honan did not press charges so he could learn of the process and take action against Apple, Amazon, and other companies to up their security measures.
    This is wild to me. So much terror can be caused in someone’s “digital life” with just one phone call to Amazon. The possibilities are endless. Financial destruction is one of my main concerns. If you can gain access to accounts such as Amazon and Apple, you can make nearly unlimited purchases and destroy their credit and drive that person into debt.
    I have been commenting on technology articles at least once a week. Even more so on the security of such technology. It is interesting Apple would have such a weak internal security system in relations to account access when their security on the actual device is relatively stronger than most devices. Because of the encryption methods found in Apple products, it would be assumed AppleCare would hold the same standards for security. This is something that must be addressed by companies of all kinds. This system of hacking can be done by most with a small background in technology and is a danger to society. The rapid growth in relying on technology must be backed up by a rapid growth of security.

  7. Zion McMillan February 17, 2017 at 4:11 pm #

    Day in and day out people around the world find new ways to incorporate technology into the daily lives of humans. Whether it’s the IoT or Amazon using drones to deliver packages, the technology that is beginning to define the 21st century is there. With all of this new technology comes new security risks, one of them being hacking.
    In just one hour, senior staff writer for The Wired Mat Honan, had his entire life hacked. His Twitter, Google, and Apple accounts were all hacked using information he claims anyone could have gotten off of the internet. The hackers also wiped clean Honan’s iPad, iPhone, and Macbook. Shortly after his Twitter began spewing offensive content that he had no ability to stop, Mat Honan called Apple Support, to which he found that someone had just called shortly before him impersonating him. Apple did not prompt the hacker for any of the security questions they stress their users fill out.
    The staff writer also claimed that while this situation was horrible, he could have easily have prevented it. The hackers first breached his Amazon account, which in turn gave them access to his Gmail, Twitter, and Apple information. Had he used a two-factor authentication code the hackers would not have been successful in obtaining all of his personal information. In addition to failing to keep secure passwords, Honan also never backed up his laptop and phone. When the hackers gained access to his systems and wiped everything clean, he was not able to recover the priceless photos of his daughter’s first year of life he had saved on his devices.
    Aside from all of this, Mat Honan’s reputation became tarnished. His twitter shelled out several racist and homophobic comments. He was hacked, but there are no shortage of people who did not follow up with the story or truly don’t believe it, and now see him in a negative light. The hacker who was identified as “Phobia” explained to Honan that all he needed was his billing address and the last four digits of his credit card number. After acquiring this information the rest was easy.
    A hack like this is alarming. It already feels like when creating accounts the verification and security process is very strict, but clearly this is not the case. These sites need even more security, or at least better trained customer service professionals. I am interested to see how these large corporations will combat these attacks.

  8. Matthew Talarico February 17, 2017 at 4:14 pm #

    This article struck me as odd, because it gives a step-by-step process on how to hack someone’s digital life. While reading the whole piece, multiple ideas ran through my head. Why would the writer, who is victim to this digital hacking, reveal the methods in which he was hacked? It seemed contradictory to me. Then it struck me, that by revealing the secrets and the ways in which he could of prevented nearly each step, it lets other people know how to stop attacks like these. By revealing how these hackers get ones information, the author hoped that other people would take his advice and apply his learnings to their own lives. Why else would he write this article? I do not think he wanted everyone to know that his accounts are vulnerable. This article is not just for the people, but for companies that hold private information, and how they could improve. For example, it constantly said how if he had a two-step authentication process to his Google account, this could have been prevented, or if the Apple Tech Support worker did not easily let the hacker change his information. Simple flaws led to simple problems, which paved the way for this hacker to get into this person’s digital life.

    The simple flaws that this person encountered not only occur in the digital world, but could happen. Many major mishaps happen because of a simple error that could have been easily avoided. It is human nature to become complacent when someone is in a routine of some sort. This is why occurrences like this will continue to happen unless new regulatory actions, which do not take breaks, are put in place to prevent these type of mishaps. While customer support can help work out problems that are not as easily solved by computers, the fact that they are human is a major flaw. Security systems that are computer monitored are usually more secure, but are also prone to hacking and possible malfunction. While there are many programs that are highly developed and require teams of hackers a long time to possibly get into, those types of programs are usually used by rich corporations and the government.

    The reasons for hacking into someone else’s life vary from each occurrence. Many people hack into other people’s digital lives because they want to, and then there are the thieves. These thieves tend to use brute force, by hacking into a company’s private servers that hold confidential information. Whatever the reason for hacking, knowing that someone can access your private information can make someone very paranoid. While companies have taken many security precautions by implementing more security methods and hiring outside companies to help with their security, hackers are always finding new ways to get people’s information.

  9. Matthew Radman February 17, 2017 at 4:34 pm #

    It is incredible how quickly technology has become ingrained into our identity. As we transition into a more cloud-based world, it is important to recognize and understand security and hacking. Although the writer of this article admits that he left his security vulnerable when hackers took ahold of his account and “my Google account was taken over, then deleted. Next, my Twitter account was compromised and used as a platform to broadcast racist and homophobic messages. Moreover, worst of all, my Apple ID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook,” the blame cannot be placed entirely on him. In a society in which most people have over 20 website logins, differing security policies can compromise the integrity of those accounts.

    In the writer’s case, the issue came from the internal differences of the companies involved. For example, the last four digits of a credit card number are easily obtained by Amazon and can be used by Apple to unlock an account. As technology becomes more prevalent and valuable, the large corporation who control the information needs to be more diligent in the security and access to accounts. Perhaps a coalition to cooperate safety standards would be beneficial to customers of all modern platforms.

    Until that day when all the major tech companies work together to increase safety, certain precautions should be taken by consumers to increase their private security. What the writer admits he did incorrectly was daisy-chaining two accounts together. When it comes to online safety, putting all of one’s eggs in one basket for the sake of convenience is not the smart move. The same emails and especially not the same passwords should be used for sites with valuable information. A step that can be taken for security and convenience purposes is using a password keeper such as LastPass. While these keeps are sometimes criticized for putting all of their eggs in one basket, the shell of its egg is surrounded by AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes as well as supported by multi-factor authentication. That hits right at the merits of multi-factor authentication. Most large websites including Apple and Amazon offer it as a way of ensuring a person’s identity. Along with products one could use, it is important to use long, randomly selected passwords. Often people pick passwords that are easy to remember, however, easy to forget is easier to hack. On the same point, it is important to change passwords on a regular basis.

    Online security is becoming one of the most important forms of safety and must be taken seriously by all parties. The writer of this article tells a forewarning story to abut the dangers of hacking and how prevalent it is. Mot people imagine that it could never happen to them. However, this writer is just that, a writer, not the typical high-profile individual that most people associate with cyber attacks.It is important for companies to work together on this as well as people to pursue their own online security.

  10. Frankie Lisa February 17, 2017 at 4:36 pm #

    Cyber security is an important issue which affects every American who owns a cell phone or computer. Many people including myself do not realize how prone we are to having our information stolen by hackers. The author of the article Mat Honan had all of his digital life destroyed by hackers. This includes his cell phone, computer, amazon account, and his twitter account. Mat’s story proves how not all of us take the proper precautionary security measures to ensure our cyber security.
    Movies and TV shows portray actors as computer wizards who are able to penetrate firewalls to penetrate firewalls and networks of governments and large corporations. In reality, almost anyone can hack into your online accounts. The hackers who hacked into Mat’s accounts did not use any secret tricks. They simply exploited security weaknesses in Mat’s accounts and manipulated customer service and tech support of multiple companies. What Mat and many others including myself fail to realize is that all of our accounts are chained together. The hacker’s goal was to access Mat’s twitter account. They simply followed a path that led them right to Mat’s twitter account. First, they discovered Mat’s Gmail address through his personal website. Then they found his backup apple email. This informed the hackers that Mat has an apple ID. To gain access to Mat’s apple ID, all they needed was an email, billing address, and last four digits of his credit card number. They found the billing address by doing a whois search on Mat’s personal web domain. To find the last four digits of Mat’s credit card number, they manipulated Amazon’s customer service and security policies. Once they were able to view Mat’s amazon account, they could not see the whole credit number, but only the last for digits, which was all they needed. With Mat’s email, billing address, and credit card number, they were able to reset the password for Mat’s apple ID. Once they had the Apple ID, they were able to access Mat’s twitter account. Once they had access to Mat’s twitter account, they completely wiped out the hard drive on his iPhone and MacBook. Once Mat’s iPhone and MacBook were wiped out, there was no way for him to regain access to his twitter account. Almost anyone can follow these steps and get someones information
    Mat’s hacking story shows how important data security is. Mat claimed he was more mad at himself because he could have prevented the hacking from ever occurring if he had taken a few extra precautionary measures. For example, if he had used two factor authentication on his Gmail account, the hacker’s journey would have ended right there. When his MacBook and iPhone data were deleted, Mt lost all of his daughter’s pictures. He was also mad at himself because he had not backed up his data in too long. Since he did not back up the photos, there was no way to get them back.
    Mat was very fortunate that the hackers were only targeting his twitter account. With his apple ID, Amazon account, and the last four digits of his credit card, The hackers could have tried to gain information from Mat’s bank and financial records. Also, with his Apple ID, they could’ve used Mat’s Apple Pay account.

  11. Christian Cox February 17, 2017 at 4:47 pm #

    It is a scary thought to imagine your entire digital life being compromised for even an hour. The internet has connected everyone across the globe and their entire impression of you is what they know from your digital profile and activity. Mat Honan lived this reality and saw his Twitter account used as a tool to make racist and homophobic comments. This story makes me think about the advice of Professor Shannon to be more cautious. I am still yet to cut a pair of headphones because I only have two. This is a lesson to expose our security flaws. We have solutions to the security flaws; however, we often wait until it is too late before we correct our oversights. Professor Shannon brought up two factor authentication in one of our earlier classes. If Honan had used two factor authentication all of this could have been avoided. We are all susceptible to internet attacks like Mat Honan. We are in a constant state of vulnerability that we need to be aware of the consequences. Most people think that there is no one that would want to attack them. Some fear the risks of social media like myself, but a global presence is necessary in our changing world. It is clear how effective a social media presence is in business for targeting not only younger generations but also expand your brand’s global presence. The reputation of your brand and social status can be destroyed in less than a course of an hour. We should all be wary of the consequences of our actions on the web. You never know when you anger a group of hackers and they can take actions to turn your life upside down. We should all strengthen our passwords regularly and abstain from using free Wi-Fi. Everyone should be installing anti virus protection software; the problem lies in its rarity. Luckily most people will never have to deal with a cyber attack, but because of this most people feel no need to change their habits. Each day leaves users with more liability that users need to be cautious of. This lesson is taught over and over again to change our online habits. Apple tech support gave the hackers Honan’s iCloud credentials. This is a scary thought but ultimately seems like something anyone could do. A distressed voice over the phone can be very convincing. Combining this with every employee being recorded on how fast they can resolve issues leads to the release of sensitive information. We’d like to think that apple performs some special technique to recognize your phone number to keep your private information secure, unfortunately this is not the case. All of your personal information, every picture, every video, and every memory captured by your phone or computer is vulnerable to hackers. I believe that without a doubt all people would prefer to secure all their data, but I also think that people do not value their information and security to actually take action to protect it. Proper security techniques need to be the norm for all sites to ensure security. Sites could make it harder to access an account from its normal interface, like your phone, and require security questions along with access credentials.

  12. Guy Barbano February 17, 2017 at 5:08 pm #

    After reading this article it is amazing what some people will do in order to hack and steal information or put out false information you do not believe. As with what had happened to Matt Honan. Who had basically everything hacked from his Apple products to his Amazon to finally his twitter. Which was what the hacker was original looking for from Mr. Honan. It is amazing the lengths people will go in order to hack your twitter account just to put out false information or messages. The hacker started by hacking Mr. Honan’s IPhone and MacBook when the hacker put them both through a factory reset and through that the hacker was able to get Mr. Honan’s email and through all the resets getting his passwords which he used to get into his email inbox. Which he then somehow used to get into Mr. Honan’s amazon and through amazon got all of Mr. Honan’s credit card information. Luckily though the hacker who identifies himself as “Phobia” wasn’t going after his credit cards or money. Which could have made Mr. Honan’s life and credit score terrible. After hacking into his amazon account though the hacker then got into Mr. Honan’s Twitter through AppleCare and started to put out false information and messages over twitter. Even though Mr. Honan was attacked and hacked virtually it can be scary to some. To me though Mr. Honan is truly lucky since all the hacker “Phobia” wanted was his twitter and nothing more. “Phobia” could have done some really bad stuff to Mr. Honan. For instance he could have bought a bunch of things with his credit card information. He also could have ran up Mr. Honan’s credit score and ultimately end his chance of ever getting a loan again. It could have been even worse and he could have stolen the credit card information on file and sold it to someone. With today’s day and all the hacking that goes on I do not know what to think anymore and if technology is actually getting better for us as a whole sometimes with all the bad that goes on with it. I know that if I was Mr. Honan I do not know what I would do or if I could ever use technology again. For someone to hack all of my information it would just destroy me. A lot of my information is on my computer and devices like Mr. Honan. I am very lucky to have never been attacked or hacked. With the pentagon saying they get about 10 million hack attempts a day that is very staggering number. With technology always increasing and getting better by the day. If will be amazing if we are able to keep up with the amount of hacks and security that may be on the way. Internet security will be a huge thing of the future because of problems like this and if we cannot figure out ways to keep all of our information online or on devices safe. The future of the cyber world may be in danger.

  13. Ryan Appello February 17, 2017 at 5:48 pm #

    As the internet grows and becomes more complex, more and more doors are opened to potentially malicious acts from hackers or exploiters. As more and more services go to the cloud to do business, a customers security is being put at even greater risk. Access to sensitive account information is stored online and in many cases, is connected to all sorts of different accounts. So if you find one piece of information, a domino effect occurs and you can find all of the information, no matter how private or important. The terrible incident that occurred to the man in the article is saddening and also terrifying. As described, it didn’t take much for this man to lose so many of his important accounts and data. The person that got into his accounts used the customer support for Apple to do this. That’s essentially it. No complicated virus or complicated methods. They did something that anyone could do. They took advantage of flaws within the policies of Google, Amazon, and Apple. These companies failed to keep their user safe and the ramifications of this will be and have been felt. It is these companies jobs to fix the flaws in their systems to insure no private information can ever be given out over something as simple as a phone call. It is ridiculous to think that any ordinary person can get sensitive information like credit card numbers from another person with little effort.

    As I said, the more we depend on the internet for services, the more we open ourselves up to potential exploits of our security. That is why it is so important to take the necessary steps in order to prevent such a thing from ever happening. Even though it was in part the companies fault, the user also takes part of the blame. There are plenty of systems in place that are meant to stop a hack like this from ever happening. In fact, preventing it is just as simple as using a different email address for different accounts. Let this terrible incident serve as an example and warning to anyone who uses any online accounts, because you can see just how devastating the effects can be.

    The article talks a good amount about two factor authentication. This may seem unknown to most people, however it is a simple and easy process that everyone should do because of how effective it is in keeping your accounts safe. If two factor authentication had been used in the incident talked about, it would have never happened. However, it did and it should be used as a lesson to everyone. Not only is it incredibly easy to use, it also stops the majority of hacking attempts before they even start. When people think of techniques and processes to protect their security online, they usually think it’s too complicated and not worth their time, when in reality, it’s the entire opposite. Enabling two factor authentication takes a few extra seconds and anyone can get the hang out it, especially when you know your security is a risk.

  14. Andrew Imbesi February 17, 2017 at 6:10 pm #

    Cybersecurity and safety have been major topics of concern with the rise in technology. Already thousands of technology users like this man, who’s digital platform was ruined in less than a day, are having to deal with the struggles of hacking. This person made his mistake by connecting many of his accounts together and providing each with similar passwords and information. He was an easy target in the eyes of a hacker.
    What many people do not realize is that they are subject to being hacked at any moment. Most people who use technology are clueless as to the abundant capabilities and features a modern day device has. There are the people that buy products and use them for their intended purpose, and then there are people that hack these products. The people who hack have a significant advantage in technology intelligence and often leave their victims confused once they are hacked.
    Hacking is nothing like physical bullying either. Anyone with a brain can hack, you do not need to be physically strong or have the ability to smack talk. Hackers hack to discover and utilize the information collected from other sources. However, not all hacking is considered bullying. Although there are hackers out there looking to find ways to steal your money, there are hackers that hack to publicize issues they feel strongly about. For example, Julian Assange and Edward Snowden are great examples of people who hack to publicize hidden truths.
    Nevertheless, back to the issue of hacking with intent to harm others, the victims of these hackers have little knowledge in knowing how to protect themselves from a cyberattack. Already, I have started to take the first steps in securing my safety on the web by covering my webcam with a Band-Aid, and changing a few of my passwords, but there is much more I can do to protect myself from an attack. I am fortunate to own an iPhone, much of my information and data is encrypted, locked inside my 6-digit passcode.
    As I mentioned in a previous post on an article about iPhone and Android encryption, not everyone can afford the security of an iPhone. Given that not everyone is granted the same security; what can everyone do to protect himself or herself and the answer is simple: maintain well awareness. People should know better and remember not to click on an untrustworthy link. Just because one person is a winner does not mean many other people are not. Just the other day I was inside an Applebee’s and someone asked me to use my phone, I told the person that I left my phone in my car. People do not realize that simply allowing someone else to put in information onto your phone makes the phone a lot more vulnerable to being hacked.
    The recent spike in technology has forced people to realize that locks on our doors do not keep us safe enough anymore. People can be stealing money through online banking right under our noses. It is important to remember checking up on online accounts and device security every now and then. Anyone can be next, but the people who protect themselves now will be better off in the future.

  15. Thomas Dellisanti February 17, 2017 at 7:10 pm #

    In today’s technologically advanced society, this might be one of the worst things to happen to someone. Having your digital accounts hacked, your information stolen, and your personal image tarnished over your own social media accounts seems catastrophic. Some people might think that hackers are just too good and there is nothing they can do about a potential hack. However, as Honan realizes in this article, being hacked is fully preventable, but this is not apparent until it is too late. Professor Shannon mentioned in class that everyone should have two-factor authentication on their phones, and this article proves exactly why. Honan even admits that if he had two-factor authentication on his Google account, he could have prevented all his accounts from being hacked. This also proves that if one account can be hacked, it could give the hackers access to every account.
    While reading this article, I could not help but sympathize with Honan as he gave a step-by-step account of how he realized he was being hacked and how he made the efforts to salvage his information and accounts. I have many digital accounts, so I would imagine that I would feel exactly like Honan if I were to be hacked. However, he also points out that it was not completely his own fault, but instead partially Apple’s and Amazon’s tech support. The hackers targeted Honan’s iCloud account, which Apple provided them, and Amazon gave them a part of his credit card number. These digital accounts are such an easy target for hackers because of this reason. Companies like Apple and Amazon do not have the necessary and extensive security measures to prove that the person who is trying to access their account is actually them. Customers and employees might not want to go through the trouble of going through an extensive process for verification, but this article proves that such a process is actually necessary for personal safety and security.
    As someone who owns an iPhone, I try to be careful protecting my accounts. However, articles like these make me think that I should be doing more to protect my device and digital accounts. After reading this article, I immediately went on Google and looked up ways to be more prepared in my own safety. Everyone who owns a device such as the iPhone should read something like this article to become aware of what would happen if they were to be hacked. Then, they should realize that this could just as easily happen to them, and as a result, they would take more measures to strengthen their security. Hackers exist because they know that people are not fully prepared for a potential hack, which makes getting access to their information much easier. Honan also mentions that he was not specifically targeted and that he was just one victim among many others that were targeted by hackers. Some do not need any reason to hack, and they do so because they simply want to humiliate someone. As long as technology is developing, hackers will always be looking to take advantage of people’s carelessness. To prevent hacks and possibly discourage any future hackers, we need to become aware of how vulnerable we are and make a genuine effort to build our digital security as much as possible. By doing so, we can become a much safer and secure society.

  16. Nicolas F Carchio February 17, 2017 at 7:18 pm #

    In an ever-changing technological world, the possibilities for advances and access are endless. Through technology, people have been able to trade with countries that they never even knew existed, they were able to connect with people across the globe and unite with family members abroad. With the invention of the World Wide Web and the Internet, people can now create their own sites to support their businesses, book plane trips, order take-out, pay a phone bill, apply for a job or even take an online class. The internet has given humanity tremendous ability to expand beyond belief. Now, in 2017, cyber security is at an all time high. Cyber security refers to the desire to protect ones accounts on all types of online media from outside, unauthorized users or entities. As technology is changing, so have the people who are using it. People are becoming smarter with technology and more adept in using it. Due to the invention of the online clouds and many systems that focus on online media, the security of one’s account is paramount in order to protect one’s information. Protecting one’s own information is essential to surviving in a constantly evolving, technologically demanding society.

    Security is essential in the modern day society, and if one does not ensure that their devices are secure. If people do not ensure that these are secure then there are terrible risks and ultimately harsh consequences as a result. Many people do not understand the danger of cyber-attacks from hackers who desire only one thing: to steal from others. Whether it is to take something such as bank account passwords or even a simple twitter handle, these people will stop at nothing until they have taken what they have been looking for. A perfect example of relaxed, unwise cyber security would be people who have a 4-digit passcode on their cell phone. Those who use the iPhone are notorious for keeping in their old ways of using a four-digit passcode. A common argument would be that it is just simply easier to have a 4-digit passcode. However, this argument is quite frankly mute as the half a second it takes to type in 2 other numbers is an abysmal amount of time to lose in return for an almost impenetrable passcode. People need to realize the dangers of cyber-attacks, and prepare themselves to keep their information secure.

    Other than using a 6-digit rather than a 4-digit passcode, there are many other ways to secure one’s cyber life. One main way is to use two-factor authentication. Two-factor authentication is a way to identify that the correct user is accessing his or her information by asking for two pieces of information that only the author would know. An example would be a passcode and a security question. Also, there are other ways to protect one’s self such as by never using the same password twice for your different media platforms, accounts and emails. These different passwords should be stored in a safe place, such as a password safe, which can be easily downloaded on the App store or on other platforms. The idea of using these different things is to make small changes to one’s current security, which will impact their own protection against these attacks tremendously. With these small actions, one can ensure that they feel more protected from hackers and are confident that their data is secure.

  17. Nick Shervanian February 17, 2017 at 7:25 pm #

    Hacking has become a serious and more frightening threat since more and more of our technological advances are becoming more depended on. Almost everything we use today is linked somehow and that makes everything more vulnerable. Hackers love this new feature. It makes it so easy to wreak havoc on anything with any digital existence. That is what happened in this story to a senior staff member at Wired. Just in the span of an hour, hackers got a hold of his google, apple, and twitter accounts. They completely wiped his MacBook, iPhone, and iPad. There was nothing this staff member, Mat Honan, could do about it. The hacker sent out many offensive messages on his twitter account. This is where Mat first realized he was being hacked. The first thing he did was contact apple customer service and they told him someone called shortly before and impersonated him without even answering the security questions. The hacker used two pieces of information that anybody who did not even know Mat could easily figure out. This kind of scenario happens far too often, especially with all the pre-cautions that apple claims to take. Even after telling everyone you were hacked, it is hard to revive your reputation after something of this nature happens. This can happen to anybody at any time, which makes it even scarier. The hackers of Honan’s account had no relationship with him whatsoever. They reached out to Honan via his own direct messages and began a conversation. Identifying himself as “Phobia”, they told Honan how they hacked his account and turn his life upside down. He just got his billing address and the last 4 digits of his credit card that was linked to his Apple ID. He then manipulated the amazon and apple customer service. This makes you think about your own personal security.

  18. Derek Luckman February 17, 2017 at 7:36 pm #

    As we continue to discuss cyber security more and more throughout this course, the threat becomes more and more of a realization. As we move forward and technology advances, the threat becomes more and more of a realization. In my case, the thing that made this threat into a complete reality was the hacking of my very own network at home. I remember my computer slowing down and so we placed a call to the cable company to see what had been happening. Upon speaking with the Optimum associate we were told that our network had been hacked and the reason the internet had been slowed down is becasuse it was being flooded with request after request. They said there would be a $400 charge in order to restore the network and add the proper security to prevent such an even from happening again. Now thankfully for me, most of our information was not used in any ill manner at least up to date, however I have received a few new cards in the mail stating that my old credit cards had been compromised, so maybe I can chalk that up to good bank security. The point that I’m trying to make here is that it is getting more and more frequent to see people being hacked and networks being hacked which is why cyber security has become such a must. I was actually speaking to a friend of mine who is a coder and he advised that I always keep some sort of security software on my computer and that it would honestly be the safest bet to invest in a Macbook for added security. The thought of this hack going any further is actually haunting and from reading this article I can actually see how lucky I got. The harder part is thinking about people who run a business from their computer or even business networks being hacked, which is actually a pretty common occurrence. This is actually something that happens on a very large scale as I can remember workplaces being hacked just last year. I work at bank and to my surprise I can recall coming into work only to discover major stores such as Home Depot had been hacked and that we needed to issue out all new cards to our customers. Virtual crime is pretty much unstoppable and even identity theft corporations such as LifeLock will tell you no one or nothing can completely stop identity theft, only help in preventing and fixing it. I guess the moral of the story here is that we are the guarders of our information and that we have to take the ultimate precautions to safeguard our information. It is like the story of spilled milk, where it easier not to spill the milk, then to have to wipe up the mess. In taking this course I’ve learned how important it is to guard my information even if it’s going to cost me a couple bucks, because in the long run not guarding my information could prove to be much more costly. Even if we are going to entrust our information with companies such as Apple and Amazon, our security is still our responsibility.

  19. Erin Carunchio February 17, 2017 at 7:58 pm #

    Hacking is a scary word. Emails, computers, phones, credit cards, social media accounts can all be hacked and we could not even know it. In the beginning of the article, the author was taking about getting hacked. He mentioned that it was easy for the hacker to hack because everything was so connected. That makes sense because everything on the internet is connected in some way. For example, on one page I may be looking at shoes from a store online. Then I log into Facebook and an advertisement for those same shoes that I was looking at were on my Facebook. Everything you look up on the internet is connected in some way. So it was easy for the hacker to hack all 4 internet accounts after he figured out one because they were all connected with each other. Even though our security system may be top line, it still can be better. It can be better because there are still people hacking other people things. This means that technology always needs improvement. It is never at its best.
    Our Cyber Security needs improvement. Being hacked in probably one of the scariest things. Especially if it’s with a credit card or an account. The authors story was quite informing. The way he figured out how the hacker hacked his accounted showed me he is very intelligent. His story and ideas also made us realize how important cyber security is. In one hour, Mat’s life was hacked. His Apple, twitter and Google accounts were all hacked. What shocked me was the phone call with Apple that Mat made. I was shocked how Amazon let him put a new credit card in with little identification. Then I was even more shocked when he called right back and saying he lost access to his account. I was shocked that they do not keep more records of the phone calls and request made by customers. Then again, Amazon is a huge company so they cannot keep track of everyone who calls. Another thing that shocked me was the hacker finding his address online. That was scary to me. It was scary to me because it made me think if my address was online. It made me realize that literally everything can be on the internet.
    After hearing Mat’s story, it really made me realize that our Cyber security needs to be improved and that it is never good enough. What also needs improvement is the security with big Companies like Amazon and Apple. Security always need improvements. I hope that big companies come up with better security on the internet before it is too late. I’m interested to see what they do come up with regarding security because obviously it is still not good enough.

  20. Lauren Burbank February 17, 2017 at 8:20 pm #

    I appreciate that Mat said he placed too much trust in an ecosystem that failed him but also that he took some responsibility for this happening to him. The blame on the corporations involved is rightfully placed because I do believe they are responsible for protecting their customers’ information. If we give someone our business and it requires us to trust our confidential information with them, they need to take it seriously and treat it as valuable as if it was their own information. Apple claimed that their employees did not adhere to company policies used to prevent situations like this from happening but it goes past those customer-facing employees. Yes, those direct employees need to adhere to security measures but if this is bigger than those handful of representatives, it means Apple doesn’t do a sufficient enough job of training, and/or quality assurance in monitoring those interactions.

    This also trickles down to how crude people can be regarding their own security. I can’t tell you how many times a day I experience a customer who has forgotten their call in password (which is assigned by them and is not allowed to be the last 4 of their SSN for their own protection) and when I tell them that I cannot access the account without it, or some other more formal measure of verification, they go up in arms. People become intensely disgruntled when this situation arises and blame the front line employees for not helping this. Of course, at times, this is exactly meant to break an employee down and give information out to a “fraudster,” because fraudsters know how realistic it is for a customer to get irrational when we say we can’t assist without a password they’ve forgotten. There needs to be more awareness and respect for these measures, from both consumers and companies alike. No one wants to have to deal with verification processes, I get that, but it’s to keep people’s sensitive information safe. I believe a lot of people are ignorant to how vulnerable they are when they don’t take these things seriously, and unlike Mat, they’re quick to blame everyone but themselves.

    In an ideal world, noone would ever attempt to hack your information or mess with your personal life but there is an abundance of reasons why people do and more than enough people willing to do just that. I talk to family about stuff like this constantly because I have quite a few relatives who don’t grasp internet security, not even the “basics,” and they’re very reluctant to meeting the requirements necessary to protect themselves. They want everything to be simpler, who doesn’t? I’ve read too many stories of people having their lives ruined from their information getting leaked and while I do get upset over it, I allow it to be an informed, productive upset. I use it as reminders of why all the tedious passwords are necessary. As a voiceover whenever I’m getting yelled at by a customer who thinks our verification process is ridiculous and threatens to stop doing business with us if we don’t make an exception. Sometimes there are no short cuts, and with anything as important as your identity, you shouldn’t seek a short cut.

  21. Sirina Natarajan February 17, 2017 at 8:20 pm #

    Being able to stay current with technology is no small feat, but it seems that the technology companies we trust are not even able to keep up with their new gadgets safe. As consumers, we trust companies like Apple and Amazon to have full proof security, but what Mat Honan went through makes it clear that cyber security should not be left in the hands of these corporations. These large businesses have so many customers that it is hard for them to keep track of every person’s data successfully. The author of this article kindly tells the reader what happens to him in a few step process that shows how easily it could happen to them. He even advises what not to do so that anyone can avoid this kind of thing from happening to them. And he gives a step-by-step process so any reader is capable of doing such a thing.
    I never realized how weak the security of Apple truly was and how easy it is to access information for another person’s account. This article lays out how to protect oneself from being the victim of a severe hacking. The author was very lucky that only his Twitter profile was being targeted and not something more serious like his bank account. I think it is very strange that they did not go for any of his other accounts or why they deleted his email instead of resetting the password. Deleting his email is a very permanent action compared to the other things they have done. AppleCare also seems like a very poorly managed customer service operation. In the end, they did not know who they were talking to for almost an hour, they gave out a person’s private information without the answers to the security questions in place, and they could not help recover any of the data lost. Their help was useless and virtually nonexistent.
    Ultimately, it is up to the consumer to protect their information and just not be stupid with the amount of stuff they allow other corporations to store. I know that I am seriously reconsidering the security of my technology. Looking for a third party security firm to protect one’s information is probably the smartest thing a person can do. Honan kept his passwords in Dropbox and that ultimately saved him because he was able to gain access back into his accounts. Trying to keep one’s personal information off the web would be the easiest way to avoid a cyber security breach, but in this day and age, it is impossible to be completely off the grid. Companies should also make it more difficult for random people to gain access to another’s account by having security questions or, in the case of Amazon, require the customer calling to recite all of the numbers for the credit card on file or maybe even just the date of expiration on the card. These companies need to take into consideration the fact that it is not just a couple lines of information at stake, but a person’s cyber security.

  22. Antoneta Sevo February 17, 2017 at 8:38 pm #

    In today’s society, many people put too much trust into their devices. They believe that the basic type of security will protect them from hackers. However, this is not the case. Amazon and Apple made it easy for certain hackers to access Mat Honan’s information. They managed to obtain the last four digits of a credit card number on file for Apple, which allowed them to gain access to his accounts and devices. In his article “How Apple and Amazon Security Flaws Led to My Epic Hacking”, he tells the story of why and how the entire hijacking happened. There were multiple hackers and their goal was to obtain his Twitter account just for his handle. However, this goal resulted in other drastic consequences. One of the hackers proceeded to wipe Honan’s MacBook and iPhone. Honan lost important photos of his daughter and there was no way to get them back. This is when he began to blame himself. He said he should have used two-step verification and used different email names so they were not so easily guessed. These little steps could potentially protect vital and personal information.
    I believe that a technology company’s first concern should be the safety of their user’s information and their user’s devices. With that being said, Amazon and Apple, along with other companies, should converse and come up with a cohesive way to protect people across all cloud platforms. Additionally, users should go to great lengths to secure the important information. By backing up his MacBook, Honan could have easily saved the photos of his child. It should not be this easy for hackers to get a hold of all types of data, but that is the reality. Many people are not even aware at how risky it is to have these cloud accounts. If certain actions are not taken to protect personal data then that person should not be surprised when they are hacked.
    Though it is the user’s responsibility to change settings to have protection, the policy for certain companies does not make sense either. The fact that all you need for Apple is to “access someone’s AppleID [for] the associated e-mail address, a credit card number, the billing address, and the last four digits of a credit card on file.” Since Hanon had everything connected in some way, it was easy for the Hacker’s to obtain that information through his email and Amazon accounts. He states, “In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification.” These companies have to update their security policies in order to help their customers. Overall, it is essential for users to have as much protection as possible. The reason why those hackers do what they do is to expose the flaws in a certain company’s policy and security. Though this reason makes sense and could eventually help, it hurt Mat Honan in a personal way. Company’s need to update their security and users must add two-step verification along with other settings in order to ensure their protection.

  23. Nicholas Thomas February 17, 2017 at 8:53 pm #

    The most interesting part of the article to me is the hacker, Phobia, explaining his reason for the hacking is to expose the holes in security. In a bizarrely, I believe that that Phobia is actually helping the security community. Not to approve of his actions, but he is demonstrating how easily an ordinary person with access to a phone and the internet can reap havoc on another person’s digital life. Phobia, is 19 years-old and with the help of a friend was able to ruin Mat Hanon’s digital existence. The issue is not hackers, but the lack of “tight” security. I feel as though I have been arguing the same thing for several weeks now, but people have a right to security. Security is not only protection from being hacked, but from the government and companies that are supposed to protect us. It is terrifying to think that with a billing address and the last four digit of a credit card, someone can obtain access to nearly all of some else’s digital accounts and devices. The article specifically refers to the information given by Google, Apple, and Amazon as to leave someone vulnerable to hacking. However, I think it is unfair to target these companies specifically because nearly all companies with any internet presence follow the similar security measures. Some companies, such as Sony, will not allow certain products to function without personal information from the consumer. Sony specifically will not allow one to use any online features of a PlayStation 4 without credit card information on the system. The terrifying part is that the PlayStation network has been hacked twice by the same group simply because the group thought it was funny and wanted to show how unsecure the network was. At what point do the groups like Phobia stop hacking because they think it is funny and start going after assets that are more personal? Mat Hanon claims he is lucky because Phobia could have easily accessed his financial information and Bank accounts. People have developed a dependency on technology that puts them utterly at risk of hacking. I believe people need to start taking personal measures to keep any sensitive information and accounts safe. As Mat Hanon suggests, to make an email that is exclusively for recovering other account issues and never link major accounts together. These security measures may help, but I think there does have to be improved security on part of companies. Companies and the government constitute “Big Brother” and are supposed to protect us, yet the hackers seem to be the ones pointing out the flaws in our security. With technology influencing more parts of our lives everyday, people need to feel that their information is secure. Yes, one can argue that people should not leave sensitive information on any account, but to ask such a thing is unreasonable today; that vital information is what allows people to interact with ease and compete certain work. Technology will never go away and neither will hackers. The services we buy and the companies that provide them must improve security regularly.

  24. Taylor Salomon February 23, 2017 at 4:23 pm #

    Hacking. The one word that scares people into caring about private information stored on their devices and the worldwide web. Certainly, there is no need to worry if you are a customer of Apple and Amazon, right? Wrong! Any company is capable of being hacked especially top companies on hackers’ radar such as Apple and Amazon. You may be thinking why would someone want to hack a company like Apple or Amazon, well look at their twisted version of beauty. The DefCon conference is the world’s largest hacking convention. According to hackers attending the conference, employees of big corporations lack security training which makes it “ridiculously easy” for hackers trick them into revealing key information like cyberattacks against them.
    This article explores how Apple and Amazon security flaws led to an individual’s epic hacking. Within an hour, this individual’s entire digital life vanished. Yes! No more accounts on Google and Twitter as well as losing access to data Apple’s iPhone, iPad, and MacBook. Student William Stuck went more into depth about Honan’s situation. He says, “The first thing he did after realizing what was going on was contact apple customer service. What he learned from them was somewhat troubling. They told him that someone had called shortly before and had successfully impersonated him. Without answering any of the security questions they’re so adamant that you need to set up. All the hacker used to gain access to his account was two pieces of information that Honan claimed anyone with internet access could have gotten. This kind of scenario is actually pretty scary. Especially the fact that racist and homophobic tweets were being published under Honan’s name.” The victim later disclosed that all accounts were “daisy- chained together” or several devices are connected (possibly with the same password). Ways to prevent this mayhem are: create different passwords for social platforms, every few months change your password, and back up your information on a flash drive.
    From this article, I learned about vital security flaws in Apple and Amazon’s customer service system. They gave the hackers access to Honan’s iCloud account and partial piece of his credit card number. As we enter an era of cloud computing and connected devices, severe security measures need to take place. Honan believes that cloud- based systems need fundamentally different security measures. Student Robert Seijas talks more about cloud trust- issues. He states “By trusting in the cloud technology, we trust that another party can hold our data better than anybody else can, including ourselves. In a way, it is very similar to the way in which we use banks to store our money. The cloud does not just store our information and files, but every single customers as well. Not only this, but it is all saved together in an identical fashion. This gives our power to somebody else, because we no longer hold our important and possibly secretive information. The problem with this is obviously hacking, which can have more of an effect that we really believe it could. We do not know how secure cloud information really is, because it can vary service to service. It is not uniform like the banks in the United States. There is no regulatory authority responsible for our data, like there is one responsible for our money.” Personally, I do not trust the cloud for these hacking incidents. I carry private information on my phone that does not need to be floating around in a cloud that is deemed safe and untouchable. On the other hand, I save all school documents on Outlook’s cloud. I rather have school documents on the cloud than personal files that could damage my reputation. What will the future hold for your cloud device?

  25. Michelle Pyatnychuk February 24, 2017 at 11:10 am #

    This article really brings into perspective just how weak the security measures that companies have now are in today’s decade of technology. What has been reiterated time and time again within all of these technology based articles is that it is not going away. If anything, technology and the devices and programs that come with it are going to completely dominate every aspect of our daily lives within the next decade. That being said, since technology is going to become such a dominant aspect of our daily lives, we have to take large steps to protect the private information that we spew into our systems. This information, as the author of the article expressed, is so easy to steal nowadays because of all of the transactions that are carried out through the internet. Something as insignificant as ordering a pizza on an online browser releases bits of information that enables hackers to quickly access and in the end, take over all of your devices.

    It is this accessibility that makes me question the actions of internet moguls Apple and Google. From the time that I have had an Apple device and Google account, I have been bombarded with notifications constantly telling me to link my devices together. Due to new technological innovations such as the iCloud and Microsoft’s OneDrive, users are being told to backup all of their personal information, important documents and even family photos all onto these drives but as seen within this article, having everything in one place, is never a smart thing to do. That being said, if having all of your information and crucial documents all within the same space is the easiest way to lose it to hackers, why does Apple, Microsoft and Google endorse it? When I was in elementary school we were taught to always back up our documents onto flash drives in case of losing the information. Now, we backup our documents within a database inside our computers as well. Although technically we are putting our information in two different places, our hard drive and the iCloud for example, both of these sources are able to be hacked into, stolen or even erased.

    I know that this is not the popular stance on protecting crucial documents but I am a big supporter of hard copies, especially with photos. Yes, it is easier to have everything stored online in one place, but especially after reading this article and seeing the author repeat how every single photo of his daughter’s first months is gone, makes me further believe in the significance of hard copies. The author did learn his lesson from not properly protecting his accounts, and taught me a lot throughout the article as well, but the lesson that I hope that he gained was that there are some things that we should keep in hard copies. Not everything but some documents, photos or anything else that can be kept safe for a longer time than keeping everything saved within a hard drive.

  26. Austin O'Reilly February 24, 2017 at 2:35 pm #

    As society advances even more with computers and other advanced technologies, the threat of hacking has become a serious problem. This is because everything we do and say is linked to a device that is linked to another device. When one of these devices is hacked or taken over, it is linked to all of the other devices causing all of the devices to be compromised. For example, a hacker can infiltrate your Gmail account, then call apple, and use the Gmail account to then reset and change your password to a new one that you don’t know. This can then completely spiral out of control and end up in all of your accounts being hacked. This is exactly what happened to Mat Honan, a senior staff member at Wired. He says that within the span of an hour, hackers were able to infiltrate and compromise his google, apple and twitter accounts. Furthermore, they did not stop there; they completely wiped out his Macbook, Iphone, and iPad. The hackers did this so that there was no way for Mat Honan to try and stop the various malicious comments being made on his own accounts. When he came to the actualization that he was being hacked, he unplugged his router and used his Wife’s phone to call apple support. This part of the article was very interesting, but more importantly scary. Apple customer support talked with Mat for 90 minutes and in the 90 minutes of Mat asking questions, they never once brought up the Fact that there was a call made earlier that day. In addition, when the hacker called apple customer support impersonating Mat, he only had two pieces of information that anyone with a computer and internet could find out. He called and said he could not get into his email account. In response to this, apple issued a temporary password despite the inability to answer the two security questions that they make you set up. Once the password change notification arrived in the inbox of the me.com email, the hackers then sent it to the trash so that Mat would not be aware that his password has been changed. From here, they had everything they needed to shut down the devices and take over all of his social media accounts. This article sheds light on a very scary topic, especially since the hackers had complete and total control when they only had information that could be found very easily. Mat Hogan’s reputation will be damaged forever, because people who saw the things that he said and posted may actually think that they came from him. The reactions and judgements people make, cannot be un-done. The even scarier part of this scenario, is that it can happen to anyone. It can happen to anyone because these hackers just wanted to hack this guy, and tell him how they did it. They did not do this for a specific reason, more so because they can. The idea that anyone can be targeted online and be virtually destroyed and locked out of their own accounts is shocking. I certainly will make sure that my passwords have the most security that it can from here on out so that this cannot happen to me.

  27. hannah deppen February 24, 2017 at 4:39 pm #

    In Honan’s article, he talks about how that because he had linked all of his accounts together, hackers were able to access his Amazon account, Apple account, Twitter and Gmail accounts. He discussed how entry ways were only capable by defaults in Amazon and Apple: “Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information.” None of us realize that the four digits of our credit card numbers that are displayed can reveal the entire card number. Hackers easily went through Honan’s Amazon account and found his saved credit card number. Just like that, he was exposed. By the hackers knowing the last four digits, the hacker was able to go to Apple and confirm their identity since all Apple requires is verification of the last four numbers.
    Honan figured out that the hackers called Apple Support and asked for a temporary password, despite not being able to answer any of the security questions. How scary is that? We are told that we must fill out so many security questions to ensure that we do not get hacked; however, Apple disregarded the questions and issued a new password anyway. What is the point of creating backup security questions if they won’t be used? By gaining access to his apple ID, he was permanently locked out Gmail, Twitter and everything under the sun that was stored on his computer. When Honan was contacted by one of the hackers, he was let in on how it even came to be. He was able to find Honan’s recovery email which was the Apple email that was linked to his ICloud. After that, everything just came crumbling down for Honan.
    The hacker told Honan that his reason for the hack was to expose the security gaps so the companies will fix the mistakes. I agree that companies should be made aware if there is a mistake and the door is open for hackers to enter; however, hacking innocent people is not the way to do it. An innocent man lost everything and went through a major headache trying to restore all his lost belongings. I think stories like this should be made aware to consumers, so that they can take preventative steps to ensure that they are never used to be made an example. After reading Honan’s story, it made me rethink how I have my personal information stored. It is better to be cautious than to be exposed.

  28. John Zarro February 24, 2017 at 4:42 pm #

    Instantly, just by the title, I was curious about the article. “How Apple and Amazon Security Flaws Led to My Epic Hacking” by Mat Honan was interesting. I always knew the lengths people would go to in order to steal information or ruin reputations. Honan could be hacked for everything he had from Apple to Amazon to Twitter, which in my eyes is very frightening. To think the hacker started out with a simple iPhone to his email resulting in resetting passwords is utterly overwhelming. Following the email hackings, the hacker then somehow used it all to get into Mr. Honan’s Amazon. Next, through Amazon, the hacker received all of Mr. Honan’s credit card information possibly holding the key to Honan’s life in his fingers.

    Against all odds, the hacker who identified himself as “Phobia” was not going after his credit cards or money, but evidently just wanted to post false tweets. When “Phobia” could have made Mr. Honan’s life a mess and ruin his credit, he disregarded both. Apple Care was the target strangely along with Twitter, which makes zero sense. Even though Mr. Honan was attacked and hacked virtually, it can be scary to some along with happen to all of us. In my opinion, though Mr. Honan is truly lucky since all the hacker “Phobia” wanted was his twitter and nothing more; “Phobia” could have done some detrimental stuff to Mr. Honan. For instance, he could have spent endless amounts of money on Honan’s credit card with his credit card information. He also could have ran up Mr. Honan’s credit score and ultimately end his chance of ever getting a loan again. It could have been even worse with the many options such as selling the information to others and someone else using it. ‘

    With today’s global internet connections and with all the hacking that goes on, I do not know what to think anymore. Technology can be freighting to some if not protected properly. With technology actually getting faster for us as a whole, we can be hacked even quicker. I know that if I was Mr. Honan I would be traumatized for like and not know what to would do or if I could ever use technology again. For someone to hack all of my information would just destroy me and everything I have worked for. A lot of my information is on my computer and devices like Mr. Honan. I am very lucky to have never been attacked or hacked. This article is a lesson to everyone who reads it rather than just another hacker story. Technology always increasing and getting better by the day. Technology surrounds us every second of our lives and we need to be extra careful. Overall, internet security needs to be stressed and emphasized in order to prevent incidents like this in the future. Our future safety relies on our ability to secure all technological platforms because as seen with Honan, hackers can jump from platform to platform in order to achieve their goal. Internet safety is becoming a necessity.

  29. Adara Gonzalez February 24, 2017 at 7:35 pm #

    It is stories like this article that reinforce my fear of technology, and just confirm what I have always believed, in the end it will come back to bite you. While reading my heart would not stop racing, I felt like all of this tragedy was just happening to me right in the moment. Thankfully, it was not. Thankfully, it happened to someone else, thankfully because now I know not to commit the same mistake. It has been an innumerable amount of times in which I pushed or clicked “no” to my email providers asking if I want to change my password, or every time they urge me to add in another email for security purposes. I will never do that again.
    I understand that his hacking was targeted to the author Mat Honan solely because of his apparently awesome twitter name. I understand that that I have no digital presences on the internet valuable enough for me to be hacked. But I also understand that this event of tragedies striking one after the other, can happen to almost everyone. The only ones that are free are the ones that take precaution on their own, because it is obvious that the big companies will not take precautions for us. In their eyes, it is not a big deal, but in the society we live in, technology has infused without world and we must do everything we can to protect the little we can claim as our own in this world.
    Apple and Amazon have made it all too easy for it all to happen. Notice how Honan states if he had only listened to Google’s constant advice to adding another email address to back up the original email address, the entire hacking event would have not happened. Google takes their precautions for their customers as far as they can, they cannot obligate us to add in an email, yet. Apple and Amazon on the other hand make it easy for anyone to access their accounts, and partly that is our fault. We don’t want to deal with the hassle that it is of remembering emails and passwords and these companies know that, they know we like to make our lives easier, but the group of people who truly appreciate this are hackers.
    It is scary to think and realize, how fragile our little technology world is and how heavy the consequences are once it breaks. Having all of our services under one name and weaving it all together for convenience could ultimately become our downfall, just like Honan’s. Nevertheless, since is the life we choose to live and participate in, we must find a way to combat these now common issues of today. It is obvious that the companies that consistently rely on our money are not going to provide a 180 change, but we must take actions into our own hands to let them realize that this is becoming a prevalent issue that needs to be stopped. As I mentioned, this article just confirmed my fear of the internet and technology, but after reading Honan’s mistakes I know now the steps I have to take in order to avoid seeing a similar hacking happen on my own devices. Not that I am able to stop these hackings entirely, but at least I have a little more knowledge in how exactly this damage can be done and how to avoid it.

  30. Cameron Collier March 1, 2017 at 5:57 pm #

    As our society hinges more and more on computers and other advanced technologies, the threat of hacking has become a serious and frightening threat. Because almost everything we use today is linked together is one way or another, once one device or account has been permeated, everything else becomes susceptible. Meaning that a hacker can easily dismantle your entire digital existence with relative ease. This is exactly what happened to Mat Honan, a senior staff member at Wired. The part of the article that interested me the most was when the author said, “Unsure of exactly what was happening, I unplugged my router and cable modem, turned off the Mac Mini we use as an entertainment center…” It may have been unknown to the author at the time, but this could not have helped him in the slightest. It may have hurt him, as he could no longer see what was going on with all of his devices in real time. He wrote that all of his information and accounts were daisy chained together in the cloud. With more and more business and daily life being done online, it is of the utmost importance that people have as much security on their accounts as they can. We have our photos online, our work and most importantly our information. Any breach in the mechanisms that protect this information can prove to be fatal for almost any financial situation a victim is in and it can be even harder to try and rebound from an identity theft. So when I read the article by Mat Honan, I remember how my father used to never use his credit card online while my mother fully embraced online shopping.
    This new world that is centered on technology and more importantly and more specifically the internet. This new age has shown us that the internet is one of the biggest assets for us as we move forward. Since the rise of the internet and efficient computing, the internet and cloud servers hold all of our data and important files, documents, pictures and relatively essential parts of our lives. While it is the easiest and most efficient way for us to store our data, it can also result in problems. Everyone on this planet has a digital footprint. We all have accounts on the internet, some important, and some not as important. We also have priceless photos and documents on a cloud service that we depend on to keep these things safe. Now although these services may seem safe to us, they could be very easy targets to hackers. Our accounts that we depend on may be vulnerable to hacking. This could be the faults of the companies not having better security measures and it could also be the fault of the user by not taking higher security measures themselves. I have been commenting on technology articles at least once a week. Even more so on the security of such technology. It is interesting Apple would have such a weak internal security system in relations to account access when their security on the actual device is relatively stronger than most devices. Because of the encryption methods found in Apple products, it would be assumed AppleCare would hold the same standards for security.

  31. Jiaqi Ma March 17, 2017 at 5:00 pm #

    When you awaked up in a delightful morning, it is annoyed that you have discovered that all of your social accounts were taken over by strangers and it was used for other commercial or illegal activities. The first thing that we should blame is ourselves due to the personal negligence about their online informative safety. You just did this: when you try to sign in a new account, you never read the words on the bottom, which says “conditions and items.” the idea in your mind is using the account as soon as possible. However, the second reason that we should pay more attention is the different Internet platforms required you connected your account with some another account. For example, when you logging in the Amazon, they asked you to register a new account or use a used related ones such as your Gmail account. It is useful for the people who do not want to sign a new account. However, most of us did not realize that this action would lead to a potential danger, which is once the hackers get your Gmail account and password, they handled your entire account passport and they can do whatever they want through your personal information even making some irreversible havoc. As for the financial aspect, people usually pay did notice that, if your Apple ID and credit card is chained together, once the Apple ID has been attacked illegally, the leakage of credit information may result you into a huge financial trouble.

    In this article, the author described that how the hackers could get access to users from various accounts and stolen the users”s information of credit card. The truth is whoever you are, they could use your name on the account, an associated e-mail their address and the billing of the address. Even the pizza guy could do the thing to your credit accounts, which are an essay thing. For iphone, Find my iPhone has been a brilliant apple service. If you lose your iPhone, or it was stolen, the service will locate your phone’s location and tell you where it is on a map. As for the case of Mat Honan, it bothers him a lot, is not only the related iCloud things like iPhone, mac, iPad, but also the regret of having daisy-chained two such vital accounts — his Google and his iCloud account — together. If all the photos from the first year and a half of his daughter’s life are ultimately lost, he will have only himself to be responsible. He should not have used the same e-mail prefix across multiple accounts — mhonan@gmail.com, mhonan@me.com, and mhonan@wired.com. He should have a recovery address, which is used for recovery without being tied to core services. This reminded us do not connect all your accounts all together. Many public, such as myself, did not realise this issue. I even do not have the conception of hacker. Quoting what Robert Seijas said, “Hacking is preventable, but if not prevented, it is unstoppable. Once it begins, there is no way to stop it because it no longer relies on us pulling the plug, but the company holding our data and that will frankly never happen. The only thing to do is be more conscious of the information we send off, how we send it, and if we really need to.” Firstly, we should realize that we have to prevent our privacy. At least read the conditions and items before you signing an account. Secondly, the government should make laws on a unilateral contract. Conditions and items of most company, it is unfair to the user when we have to use it; there are no other options.

Leave a Reply to Cameron Collier Click here to cancel reply.