The Cloud, and Single Points of Failure


The Cloud, and Single Points of Failure

The harrowing story of Mat Honan is a warning to us all (SMH report here). Mr Honan’s iCloud account was “hacked” – reportedly by social engineering at the Apple help desk.  Once access had been achieved,  the hacker went nuclear on all of Mr Honan’s stuff, using the remote wiping facility of the products to destroy his iphone, ipad and macbook air.  Tragically his iphone had been backed up the previous day to his macbook – which had also been wiped.     The hacker also compromised his Google account and Twitter and, apparently, through them a Gizmodo account.

The hacker was clearly being malicious.  The hacker also (apparently) contacted Mr Honan to tell them how it happened.  It is unclear what was motivating them, but they were clearly motivated by something.

The key thing to take away from this is that single points of failure (and by implication any IT monoculture) are bad.  People talk about how wonderful it is that Apple has a closed environment that they control so that they can keep out malware etc.  These types of arrangement are just bad in principle because they place too much trust in a single point of failure – in this case, according to Mr Honan, Apple Tech support. Unfortunately, single points of management are attractive because they are easier.  Any single point of management though is itself a single point of failure.

Preferably to remote wiping is using an encrypted device to store sensitive stuff. I can’t do this on my Android devices because they don’t offer file based encryption (only disk based) and it is too much of a pain to enter a password every time you want to use the device.  I do that on my laptop though, anything I would mind someone else seeing goes on a truecrypt/realcrypt encrypted usb key.

About these ads

1 Response to “The Cloud, and Single Points of Failure”


  1. 1 Знакомства Херсон 14 August 2013 at 5:57 am

    Howdy this is kind of of off topic but I was wondering if blogs use WYSIWYG editors or
    if you have to manually code with HTML. I’m starting a blog soon but have no coding know-how so I wanted to get guidance from someone with experience. Any help would be enormously appreciated!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




Blog Stats

  • 152,796 hits

OSWALD Newsletter

If you would like to receive OSWALD, a weekly open source news digest please send an email to oswald (with the subject "subscribe") at opensourcelaw.biz

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: