Metal Guitarist Forums banner

1 - 17 of 17 Posts

·
Mr. Negative Pants, ,
Joined
·
14,796 Posts
And people call me paranoid for shredding EVERYTHING that has my name, address and/or partial credit card number on it.
 

·
Banned
Joined
·
21,673 Posts
Sensationalistic headline, but yeah it sucks. There aren't security flaws in iCloud or Amazon (well there might be, but not outlined here), there are social engineering flaws in Apple support. There's a bit of a significant difference there.

Why he tied all of his stuff together like he did is beyond me. But I doubt he's alone.
 

·
Mr. Negative Pants, ,
Joined
·
14,796 Posts
The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.‪
ABSOLUTELY ridiculous.

Merchants and credit card companies need to seriously get together and establish clear standards for this kind of thing. And if they can't - or won't - then governments need to step in and standardize this sort of thing on a global basis going forward.
 

·
Banned
Joined
·
21,673 Posts
Reading it again, it is worse than he described it on TWiT. Basically Apple, Amazon, AND he were all social engineered. Apple and Amazon really fucked up. They need to fix that shit immediately.
 

·
Banned
Joined
·
21,673 Posts
Enabled two-factor authentication on both my Google accounts, as well as changed the passwords on EVERYTHING. :lol:

I hope Apple and Amazon get their shit together with this issue.
 

·
Read Only
Joined
·
1 Posts
This combined with always needing an internet connection is my biggest issue with cloud based file storage.

Darren i always shred all of my stuff also. One thing that really pisses me off is discover sends me checks i never use fairly regularly and i am always dreading someone swiping them out of my mailbox and going to town....


I have oodles of passwords :( since I have worked on so many websites i have multiple ones for hosting account info, registrars, email, Google analytics, adwords, gmail, youtube, facebook, paypal, wordpress/CMS, linked in, other web apps and sites. I actually have them printed on a file and locked in my desk. Its 29 printed pages....

Google is kind of a mixed bag now - its easier to use since they merge everything to one gmail account but if someone gets access to your gmail your are pretty much boned.
 

·
Jigsaw?
Joined
·
3,913 Posts
Wow, good to know. Was just shopping a new Ipad and AppleTV for the living room practice rig. First Apple gear in the house so very useful info.
 

·
Banned
Joined
·
21,673 Posts
I have oodles of passwords :( since I have worked on so many websites i have multiple ones for hosting account info, registrars, email, Google analytics, adwords, gmail, youtube, facebook, paypal, wordpress/CMS, linked in, other web apps and sites. I actually have them printed on a file and locked in my desk. Its 29 printed pages....
https://lastpass.com

That's the best way to go, IMO. It also works with either a Yubikey or Google Authenticator for 2-factor authentication.

Google is kind of a mixed bag now - its easier to use since they merge everything to one gmail account but if someone gets access to your gmail your are pretty much boned.
That's why two-factor authentication is nice. Something you know (password), something you have (cell phone).
 

·
Registered
Joined
·
1,484 Posts
enabled double authentication for all my google accounts today as well, will get the wife's set up this evening. can never be too careful, I'm glad i back up my mac religiously also
 

·
Banned
Joined
·
21,673 Posts
enabled double authentication for all my google accounts today as well, will get the wife's set up this evening. can never be too careful, I'm glad i back up my mac religiously also
Turn off Find My Mac too. Unless you travel a lot with it, there's no need. If you do need it, then use the Prey app that Chris linked yesterday.
 

·
It's not lupus.
Joined
·
1,689 Posts
I use Keepass (similar to lastpass) to manage my passwords and have it set up for multi-factor authentication to get to my password list; mainly something I have (one of my thumb drives with a key file stored on it) and something I know (very strong password). Another perk of programs like these is that you never have to actually type your account passwords so that key loggers are a moot point. Even if someone picks up the "reallylongpasswordthatwilltakeyearstobruteforcebecausetheydon'tknowwhatsortofcharactersiusedwhencreatingit" they still have a long way to go before compromising my accounts--time that would be much better spent attacking a single account.

Another thing you guys should do if you're interested in being more secure with your data: Encrypt your hard drives, especially if you have ever saved any sensitive information on it. That erases almost any hope of a thief being able to recover your sensitive information you may not even remember ever having on your computer if it ever were to be stolen.

Security is always a battle of convenience and actually being secure.
 

·
Read Only
Joined
·
7,880 Posts
I had turned off 2 step authentication on my google account when I had to keep getting my phone replaced because it was a pain to keep setting up. Thanks for reminding me to turn it back on :yesway:

Gotta look into one of these keypass/lastpass type deals too.
 

·
Banned
Joined
·
21,673 Posts
thank you for sharing these infos guys! but yeah i dont use my icloud ;/
This isn't really just about iCloud though. If you've got an online presence at all, this stuff is something to worry about. Do you buy stuff online? Do online banking/credit cards? All of this stuff could be fucked if you get hacked.
 
1 - 17 of 17 Posts
Top