The Cloud, and Single Points of Failure
The harrowing story of Mat Honan is a warning to us all (SMH report here). Mr Honan’s iCloud account was “hacked” – reportedly by social engineering at the Apple help desk. Once access had been achieved, the hacker went nuclear on all of Mr Honan’s stuff, using the remote wiping facility of the products to destroy his iphone, ipad and macbook air. Tragically his iphone had been backed up the previous day to his macbook – which had also been wiped. The hacker also compromised his Google account and Twitter and, apparently, through them a Gizmodo account.
The hacker was clearly being malicious. The hacker also (apparently) contacted Mr Honan to tell them how it happened. It is unclear what was motivating them, but they were clearly motivated by something.
The key thing to take away from this is that single points of failure (and by implication any IT monoculture) are bad. People talk about how wonderful it is that Apple has a closed environment that they control so that they can keep out malware etc. These types of arrangement are just bad in principle because they place too much trust in a single point of failure – in this case, according to Mr Honan, Apple Tech support. Unfortunately, single points of management are attractive because they are easier. Any single point of management though is itself a single point of failure.
Preferably to remote wiping is using an encrypted device to store sensitive stuff. I can’t do this on my Android devices because they don’t offer file based encryption (only disk based) and it is too much of a pain to enter a password every time you want to use the device. I do that on my laptop though, anything I would mind someone else seeing goes on a truecrypt/realcrypt encrypted usb key.
Brendan Scott's Weblog 