Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hacking Mat Honan

917 views

Published on

  • Be the first to comment

  • Be the first to like this

Hacking Mat Honan

  1. 1. HACKING MAT HONAN Bill Condo // 12/12/2012Thursday, December 13, 12
  2. 2. WHO IS MAT HONAN? Senior Writer at Wired honan.net @matThursday, December 13, 12
  3. 3. WHAT HAPPENED? • Amazon.com Account Compromised • Apple / iTunes Account Compromised • Gmail Hacked • Mac Wiped • iPhone Wiped • Twitter Account StolenThursday, December 13, 12
  4. 4. TIMELINE • 4:33 p.m. Attacker calls Apple support, requests a reset without being able to answer the security questions. Reset email sent. Data Required: E-mail address (website, Gmail), credit card number (via Amazon), billing address (whois). • 4:50 p.m. Reset email arrives to me.com email, and sent to trash. Email then used to to set a new password. • 4:52 p.m. Gmail password reset sent to me.com email. Attacker resets Gmail password, then notice email is sent to me.com. • 5:00 p.m. iCloud’s Find My tool used to wipe Mat’s iPhone. • 5:01 p.m. iCloud’s Find My tool used to wipe Mat’s iPad. • 5:02 p.m. Twitter password reset email sent. Attacker sets a new Twitter password. • 5:05 p.m. iCloud’s Find My tool used to wipe Mat’s MacBook Pro. • 5:10 p.m. Mat calls Apple Care. • 5:12 p.m. Attacker posts to Twitter. with Mat’s account.Thursday, December 13, 12
  5. 5. FAILURES • Amazon accounts can be easily compromised. • Apple Care doesn’t enforce security questions.Thursday, December 13, 12
  6. 6. WHAT’S REALLY NEEDED? • Do you need remote wipe? • Do you need to store credit cards? • Do you need public whois info?Thursday, December 13, 12
  7. 7. DO: BACKUP • Consider both local snapshots and off-site backup options • Time Machine (Mac) or Windows Backup (PC) • Carbonite, BackBlaze, Mozy are some of the off-site options • Test / Verify BackupsThursday, December 13, 12
  8. 8. DO: SETUP 2ND EMAIL • Consider a second email, one with a different prefix. • Consider second factor authentication • Different (stronger) passwordThursday, December 13, 12
  9. 9. FOLLOWUP: AMAZON • Amazon updated their policy, removing the option for over- the-phone account settings changes (credit cards, emails, etc.)Thursday, December 13, 12
  10. 10. FOLLOWUP: APPLE • “We found that our own internal policies were not followed completely.” - Apple • Apple suspends password change requests via the phoneThursday, December 13, 12
  11. 11. MORE INFO • Wired: http://www.wired.com/gadgetlab/ 2012/08/apple-amazon-mat-honan-hacking/ • Security Now: http://twit.tv/show/security-now/364 • Wired: http://www.wired.com/gadgetlab/ 2012/11/ff-mat-honan-password-hacker/all/Thursday, December 13, 12
  12. 12. COMMENTS? @mavrck bill@billcondo.comThursday, December 13, 12

×