Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Mat Honan hack pokes holes in Apple iCloud

Tony Bradley | Aug. 10, 2012
The hackers that hijacked Mat Honan’s online life, took over his Twitter account(s), and wiped out his iPhone, iPad, MacBook, and Google accounts in one fell swoop showed some perseverance in achieving that goal. Not all attackers are quite that determined, but the hack still demonstrates some serious flaws in Apple’s iCloud and the iCloud security model.

These issues arent entirely unique to Apple. There are device-locating, and remote wiping features for Android, Windows Phone, and other devices as well. You can also prevent some potential security issues by making sure your devices are locked and protected by a password or PIN--but that wouldnt have helped in Mat Honans case.

Apple should require an additional authentication for remote wiping a device. More importantly, the authentication should be required to be unique to each device to ensure that an attacker with access to the username and password for the iCloud account itself cant simply erase everything you own at one time.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.