SalemNews.com, Salem, MA

Business

August 12, 2012

Slate: 4 steps to avoid getting hacked

(Continued)

Billing addresses are easy to find online, and credit card numbers are only slightly more difficult to come by. The hacker had both bits of data on Honan. He'd found the billing address by looking up the registration of Honan's personal website, and he'd gotten the credit card number by calling the support line of another tech behemoth, Amazon. The hacker had asked Amazon to place his — the hacker's — email address on Honan's account, which Amazon happily did. Then the hacker issued a forgotten password request on Amazon's website — this sent a link to the hacker's email, allowing him to change Honan's password and get full access to his Amazon account, including the ability to see the last four digits of his credit card.

Bingo! Now the hacker could get into Honan's Apple account, which allowed him to delete everything connected to Honan's iCloud profile (his iPad, iPhone and Mac). Because Honan had set his Apple account as his Google account's alternate address, the hacker only had to issue another forgotten-password request for Honan's Gmail to fall, too.

This is a sorry tale. There were lots of lapses here — relatively small ones by Honan (he hadn't backed up his data), and huge, glaring, scary ones by Apple and Amazon. But if you examine this epic hack, you'll find a few simple lessons.

Here are the four things users and companies could do immediately to reduce these kinds of attacks:

1) Everyone should turn on two-factor authentication now.

To get into most online accounts, you only need to dig up a single piece of data — a password. (The username on many services — including email accounts, Twitter, and Facebook — is your public handle, available to everyone.)

There was a time when passwords were enough (and you should follow my advice on how to create very strong, easy to remember passwords: http://slate.me/NPHd3h). But now we've all got so many online accounts protecting so much valuable information that we need something in addition to passwords.

Text Only | Photo Reprints
Business

AP Video
Looming Demand Could Undercut Flight Safety Six Indicted in StubHub Hacking Scheme Trump: DC Hotel Will Be Among World's Best AP Review: Amazon Fire Adds Spark to Smartphones All Aboard! LIRR Strike Averted Microsoft to Cut Up to 18,000 Jobs Time Warner Rejects Murdoch's Takeover Bid Yellen Says Economy Still Needs Fed Support Cleveland Expects Economic Boom From Lebron Justice Dept. Fines Citigroup $7 Billion Justice Dept. Fines Citigroup $7 Billion Downside of Low Mortgage Rates? Less Selling Cupcake Shop Crumbs Shuttering All Its Stores San Francisco Prepares for Soda Battle Dow Breaks Record 17,000
NDN Video
Heartwarming 'Batkid Begins' Documentary is Tear-Jerker Orlando Bloom 'Takes a Swing' at Justin Bieber In Ibiza Pitch Invading Morons Cause Chaos - @TheBuzzeronFOX Sadie Doesn't Want Her Brother to Grow Up "Maxim" Hotness! See Jessica Alba's Sizzling Spread Two women barely avoid being hit by train Broken Water Main Floods UCLA Orlando Bloom and Justin Bieber Reportedly Came To Blows In Ibiza Meet the Man Behind Dumb Starbucks Chris Pratt Adorably Surprises Kids at a 'Guardians of the Galaxy' Screening NOW TRENDING: Peyton Manning dancing at practice "The Bachelorette" Makes Her Decision Thieves pick the wrong gas station to rob Golden Sisters on '50 Shades' trailer: 'Look At That Chest!' Staten Island Man's Emotional Dunk Over NYPD Car - @TheBuzzeronFOX GMA: Dog passes out from excitment to see owner Baseball Hall of Famers Inducted 'Hunger Games: Mockingjay Part 1' Sneak Peek Florida Keys Webcam Captures Turtles Hatching Morgan Freeman Sucks Down Helium on 'Tonight Show'
Comments Trcker