Former Gizmodo writer Mat Honan had his Google, Twitter, and iCloud accounts compromised, as well as his Mac, iPhone, and iPad wiped, resulting in a pretty crummy Friday from which he has still not yet fully recovered.
It’s not fun to deal with something like this. In fact, it is an extreme case of the exact opposite of fun to deal with something like this, especially when the supposed hacker gets in touch to explain that it wasn’t just a password attack; it was an intricate exploitation of social engineering (read Mat’s third update, but please avoid the comments), combined with the fact that once your email account is compromised, the attacker can now reset your password at a frightening number of services without you ever knowing.
It’s even less fun when you don’t have backups with which to start over, which is precisely what Mat didn’t have. I’ve never been attacked like Mat, but in 2002, my Windows PC and external media drive both bit the dust. I lost all my photos, my entire music library, my software “archives,” and a boatload of school work—everything in the digital realm that mattered to me.
Opting out of backing up
If you use a Mac that runs at least OS X 10.5 Leopard (released in 2007, where Time Machine debuted), it’s pretty hard to explain why you don’t backup. Time Machine is practically an opt-out service. The first time you plug in an external drive, OS X bugs you to use it for a Time Machine backup.
In other words: if you use a Mac made within the last 6-8 years, you actively have to not want to backup to get into a situation where you can’t recover from an attack like this or a catastrophic hardware failure, which is much more likely. Computers break, even Apple’s. Be prepared.
Setting aside Time Machine
Let’s say, for the sake of conversation about accidental user input, that maybe some people turn on keyboard access to All Controls in System Preferences, then hit the Space key on the equivalent “no” option when OS X presents that first Time Machine dialog. Fine.
But anyone working anywhere near the tech industry in 2012 who doesn’t backup should have to turn in their badge for a week. I’m serious. A police captain should show up at their door, run them through the ringer, and demand they turn over something badge-worthy for a week to take some time to think about what they did wrong. There is absolutely no excuse.
But, let’s be honest
I’m surprised Mat hasn’t called Apple out on this point, because other writers and even commenters have, and they’re right. On the topic of plum running out of excuses, there is none for iCloud, and just about any service like it that hosts even mildly important data, to not offer two-factor authentication, or at least something besides a simple username and password check, as an option.
Apple has housed some of our most sensitive information (remember Keychain sync under .Mac and MobileMe?) for over a decade, yet the most secure improvement I remember seeing it make over single-password protection is getting an email from iTunes Store if you buy something on a new device. Come on.
That said, there may be some design challenges when it comes to two-factor authentication and services like iCloud. For example: If Annette sets up two-factor authentication with her phone on her iCloud account, but then her backpack containing her MacBook and iPhone gets stolen, how does she log into iCloud on a new machine to trigger a message on the devices or a remote wipe? Three-factor authentication?
Difficult though they may be, these are incredibly important challenges that need to be taken on—and now—if Apple wants to convince us to store an increasing amount of our lives in its cloud.