Hacking Mat Honan

  1. HACKING MAT HONAN
     Bill Condo // 12/12/2012
     Thursday, December 13, 12
  2. WHO IS MAT HONAN?
     • Senior Writer at Wired
     • honan.net
     • @mat
  3. WHAT HAPPENED?
     • Amazon.com Account Compromised
     • Apple / iTunes Account Compromised
     • Gmail Hacked
     • Mac Wiped
     • iPhone Wiped
     • Twitter Account Stolen
  4. TIMELINE
     • 4:33 p.m. Attacker calls Apple support and requests a reset without being able to answer the security questions. Reset email sent. Data required: e-mail address (website, Gmail), credit card number (via Amazon), billing address (whois).
     • 4:50 p.m. Reset email arrives in the me.com mailbox and is sent to trash. The email is then used to set a new password.
     • 4:52 p.m. Gmail password reset sent to the me.com email. Attacker resets the Gmail password; the notice email is sent to me.com.
     • 5:00 p.m. iCloud’s Find My tool used to wipe Mat’s iPhone.
     • 5:01 p.m. iCloud’s Find My tool used to wipe Mat’s iPad.
     • 5:02 p.m. Twitter password reset email sent. Attacker sets a new Twitter password.
     • 5:05 p.m. iCloud’s Find My tool used to wipe Mat’s MacBook Pro.
     • 5:10 p.m. Mat calls Apple Care.
     • 5:12 p.m. Attacker posts to Twitter with Mat’s account.
  5. FAILURES
     • Amazon accounts can be easily compromised.
     • Apple Care doesn’t enforce security questions.
  6. WHAT’S REALLY NEEDED?
     • Do you need remote wipe?
     • Do you need to store credit cards?
     • Do you need public whois info?
  7. DO: BACKUP
     • Consider both local snapshots and off-site backup options
     • Time Machine (Mac) or Windows Backup (PC)
     • Carbonite, BackBlaze, Mozy are some of the off-site options
     • Test / verify backups
  8. DO: SET UP A 2ND EMAIL
     • Consider a second email, one with a different prefix.
     • Consider second-factor authentication
     • Different (stronger) password
  9. FOLLOWUP: AMAZON
     • Amazon updated their policy, removing the option for over-the-phone account settings changes (credit cards, emails, etc.)
  10. FOLLOWUP: APPLE
     • “We found that our own internal policies were not followed completely.” - Apple
     • Apple suspends password change requests via the phone
  11. MORE INFO
     • Wired: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
     • Security Now: http://twit.tv/show/security-now/364
     • Wired: http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/all/
  12. COMMENTS?
     @mavrck
     bill@billcondo.com
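The timeline on slide 4 is a chain of account-recovery dependencies, and slide 8's advice (a separate recovery mailbox, a second factor) works by cutting links in that chain. The following is an added example, not part of the talk, that models the chain as a small graph and computes how far a single compromised account spreads under the original setup and under a hardened one; the account names, links and which accounts get a second factor are assumptions constructed to mirror the slides.

```python
# Added example (not from the slides): model the recovery chain from the
# timeline and compute the blast radius of one compromised account.
# Account names and links are constructed to mirror slides 4 and 8.

def compromised_accounts(recovery_links, two_factor, start):
    """Return the set of accounts an attacker controls starting from `start`.

    recovery_links maps an account to the accounts whose control lets it be
    reset (e.g. the mailbox its reset email is delivered to). An account in
    `two_factor` cannot be taken over through a reset alone, so it is only
    reached when it is the starting point.
    """
    reached = {start}
    frontier = [start]
    while frontier:
        owned = frontier.pop()
        for account, resets_via in recovery_links.items():
            if account in reached or account in two_factor:
                continue
            if owned in resets_via:
                reached.add(account)
                frontier.append(account)
    return reached

# Original chain (constructed from the slide-4 timeline): the Amazon account
# exposes the card digits Apple support accepted, the Apple ID controls the
# me.com mailbox, Gmail resets go to me.com, Twitter resets go to Gmail, and
# the Apple ID also controls Find My (the remote wipes).
ORIGINAL = {
    "apple_id": {"amazon"},
    "me_com": {"apple_id"},
    "gmail": {"me_com"},
    "twitter": {"gmail"},
    "find_my_wipe": {"apple_id"},
}

# Hardened per slide 8 (assumed configuration): Gmail recovers through a
# dedicated mailbox with a different prefix that nothing else can reset.
HARDENED = dict(ORIGINAL, recovery_mail=set(), gmail={"recovery_mail"})
# Second factor on the Apple ID and Gmail (assumed choice of accounts).
HARDENED_2FA = {"apple_id", "gmail"}

if __name__ == "__main__":
    print("original :", sorted(compromised_accounts(ORIGINAL, set(), "amazon")))
    print("2nd email:", sorted(compromised_accounts(HARDENED, set(), "amazon")))
    print("plus 2FA :", sorted(compromised_accounts(HARDENED, HARDENED_2FA, "amazon")))
```

The middle run shows that a separate recovery mailbox alone protects Gmail and Twitter but still leaves the Apple ID, and with it the remote wipe, reachable (slide 6's "do you need remote wipe?"); only the second factor on the Apple ID stops the chain at Amazon.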
