--- title: "ass03-security-flaws-essay" aliases: tags: - comp210 - assignment --- Jet Hughes 9474308 # References - # What are the articles? ## 2012 Honan Wired [link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904224_1/xid-18904224_1) - guy got hacked - amazon - apple - gmail - twitter - could have been prevented with 2fa on google - ultimate goal twitter - should have used backups for devices - was his fault - but also security flaws in apple and amazon - final four digits shared by amazon are required by apple - disconnect exposes flaws in tech industry - foreshadows issues in era of cloud and connected devices - password based systems are no longer suffice 5pm - phone powered down - This was irritating, but I wasn’t concerned - assumed it was a software glitch - phone automatically backs up - I was irritated, but not alarmed. - the screen went gray, and asked for a four-digit PIN - I knew something was very, very wrong. - unplugged my router and cable modem, turned off the Mac Mini - called AppleCare - a call had been placed just a little more than a half an hour before my own. - Apple rep didn't bother to tell me about the first call concerning my account - only shared this information after I asked about it - someone called AppleCare claiming to be me. - reported that he couldn't get into his Me.com e-mail - issued a temporary password - despite the caller’s inability to answer security questions I had set up - it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover. - a password reset confirmation arrived in my inbox - I don’t really use my me.com e-mail, and rarely check i - hackers immediately sent it to the trash. - reset my AppleID password - Gmail password recovery e-mail - Google account password had changed - reset my Twitter password. - used iCloud’s “Find My” tool to remotely wipe my iPhone, iPad, Macbook - deleted my Google account - the attackers posted a message to my account on Twitter taking credit for the hack. - not only had the ability to control my account, but were able to prevent me from regaining access - those deletions were just collateral damage ## 2015 Brandom Anatomy of a Hack [link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904225_1/xid-18904225_1) # What do they have in common? # Which C.I.A Dimensions are affected? # Case