GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2025-12-27 14:54:05 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity
f00169f85f
quartz/content/notes/ass03-security-flaws-essay.md
Jet Hughes f00169f85f vault backup: 2022-10-12 12:14:46
2022-10-12 12:14:46 +13:00

69 lines
2.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "ass03-security-flaws-essay"
aliases:
tags:
- comp210
- assignment
---
Jet Hughes 9474308
# References
-
# What are the articles?
## 2012 Honan Wired
[link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904224_1/xid-18904224_1)
- guy got hacked
- amazon - apple - gmail - twitter
- could have been prevented with 2fa on google
- ultimate goal twitter
- should have used backups for devices
- was his fault
- but also security flaws in apple and amazon
- final four digits shared by amazon are required by apple
- disconnect exposes flaws in tech industry
- foreshadows issues in era of cloud and connected devices
- password based systems are no longer suffice
5pm
- phone powered down
- This was irritating, but I wasnt concerned
- assumed it was a software glitch
- phone automatically backs up
- I was irritated, but not alarmed.
- the screen went gray, and asked for a four-digit PIN
- I knew something was very, very wrong.
- unplugged my router and cable modem, turned off the Mac Mini
- called AppleCare
- a call had been placed just a little more than a half an hour before my own.
- Apple rep didn't bother to tell me about the first call concerning my account
- only shared this information after I asked about it
- someone called AppleCare claiming to be me.
- reported that he couldn't get into his Me.com e-mail
- issued a temporary password
- despite the callers inability to answer security questions I had set up
- it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover.
- a password reset confirmation arrived in my inbox
- I dont really use my me.com e-mail, and rarely check i
- hackers immediately sent it to the trash.
- reset my AppleID password
- Gmail password recovery e-mail
- Google account password had changed
- reset my Twitter password.
- used iClouds “Find My” tool to remotely wipe my iPhone, iPad, Macbook
- deleted my Google account
- the attackers posted a message to my account on Twitter taking credit for the hack.
- not only had the ability to control my account, but were able to prevent me from regaining access
- those deletions were just collateral damage
## 2015 Brandom Anatomy of a Hack
[link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904225_1/xid-18904225_1)
# What do they have in common?
# Which C.I.A Dimensions are affected?
# Case
Reference in New Issue View Git Blame Copy Permalink