back to article Scribe's mobe, MacBook pwned after hacker 'fast-talked Apple support'

Tech journo Mat Honan has told how he helplessly watched a hacker remotely erase and lock his iPhone, iPad and MacBook after his iCloud account was hijacked. It's a cautionary tale against relying too heavily on one cloud platform. But the kicker? It's alleged that the miscreant sweet-talked an Apple support staffer and …

COMMENTS

This topic is closed for new posts.
  1. Oliver Mayes

    "having a 3-letter Twitter [handle]"

    Sorry, what? What difference does it make what his username is? That's not privileged information, does he mean the password?

    1. Anonymous Coward
      Anonymous Coward

      Probably they mean that it would make him a higher profile target.

    2. Anonymous Coward
      Anonymous Coward

      Oops

      He must really have piss*d someone off with one of his stories.

  2. Bob Vistakin
    FAIL

    Account hacked?

    You're using it wrong.

    1. Anonymous Coward
      Anonymous Coward

      Re: Account hacked?

      Looks like the HSBC error message is more accurate than first thought.

  3. Silverburn

    It's a cautionary tale against relying too heavily on one cloud platform.

    It's a cautionary tale against relying too heavily on any cloud platform as your sole datastore .

    Fixed it for ya.

    1. FartingHippo
      Boffin

      Fixing the fix

      It's a cautionary tale against having a sole datastore, or having none which are offline.

    2. Lord Voldemortgage

      It's a cautionary tale against relying too heavily on any cloud platform as your sole datastore .

      iCloud wasn't the sole datastore here, just backup. The problem is that access to this backup also grants access to delete the primary store.

      -

      Tricky one now for Apple - can they help him get anything back from his MacBook or not? And if they can what does that say for the security of their remote wipe procedure?

      1. This post has been deleted by its author

      2. Aramando

        Tricky one now for Apple - can they help him get anything back from his MacBook or not? And if they can what does that say for the security of their remote wipe procedure?

        He said in his Tumblr post that he removed power from the Macbook before it had the chance to begin the data overwrite phase of the secure wipe process, and that that is why Apple think they might be able to restore the data for him.

        1. Ian Johnston Silver badge
          WTF?

          Don't Apple do backups?

          Surely they must have a copy of the stuff he had in their cloud, somewhere?

          1. Ammaross Danan
            FAIL

            Re: Don't Apple do backups?

            My thoughts exactly. His docs, pics, etc should be mirrored out there in the iCloud. If the remote wipe feature purges all data from the computer, whether the iCloud has a copy or not, and the question remains of why not, that's a fairly scarey situation to be in. Someone hacks Apple and now you run the risk of losing everything on all your iDevices before you get notification from Apple.

            If I lose my laptop, remote wipe isn't my savior, it's the full-disk encryption and long password that saves me.

            1. JOKM
              Facepalm

              Re: Don't Apple do backups?

              A bit more difficult to turn it off these days being you can't remove the batteries and they wake up on lan and silently update whilst asleep.

              Remote wipe on the iphone doesn't actually wipe the data, it merely throws away the keys used by the hardware encryption.

      3. Law
        Black Helicopters

        "iCloud wasn't the sole datastore here, just backup. The problem is that access to this backup also grants access to delete the primary store."

        I have a primary store (my mac), an offsite backup (livedrive) and an offline backup (removable hdd backup timemachine). Once a month I'll back up locally using my ext hdd, the rest of the month livedrive syncs.

        My main worry is my gmail account which I do attempt to export occasionally. That basically has all my live drive details in it, any software serials, contacts, calendars, and god knows how many years of my emails with random info on there.... if I lost that, I'd be pretty screwed.

  4. Daniel Hall
    Trollface

    "Apple had not returned a request for comment at the time of publication. ®"

    Surely, you can drop this line at the end of your reports now ;-)

    1. Tim #3

      iGnore?

    2. Shady
      Windows

      RE: @"Apple had not returned a request for comment at the time of publication. ®"

      It's part of El Reg's page template

    3. Anonymous Coward
      Headmaster

      Re: Apple had not returned a request for comment

      They do seem to have gone off you again.

      Anyway, about this turn of phrase: please see the last BFOH story and learn the lesson of speaking plain English, as, for example, Apple had not responded....

      A returned request would be like a returned letter.

      I do admit, though, that this is not nearly as bad as inviting someone to revert to you --- when they were not you in the first place!

      And to the victim of this tale, I say ... keep backups, for god's sake. Backups you can take from a drawer and connect to your computer, not just backups that rely on someone else's service.

  5. The New Turtle
    Meh

    While it's no excuse to be smug, how can anyone who is familiar with computers possibly rely on the 'cloud' for backup.

    1. Naughtyhorse
      Trollface

      While it's no excuse to be smug, how can anyone who is familiar with computers possibly use apple.

      there fixed it for you!

      1. Danny 14

        rely? I would rely on my cloud backup if my local HDD overnight backup failed, and the overnight NAS backup to separate building failed and the rolling tape backup failed. Then the cloud backup would be relied upon.

        In this case it wasnt so much the cloud backup failed, it was that the cloud backup along with primaries were wiped by a third party.

  6. dharmaseal
    Big Brother

    Due Diligence

    I'm sympathetic to Mr. Honan's loss. I've been burned myself and in retrospect I could have avoided it by more carefully considering what exactly it was I should be doing.

    The Apple iCloud and the like have been rammed down the publics' neck in a marketing blitzkrieg to gain and further control of users data, apps, hardware, communications, location, and travel, spending and social behaviors. What gives?

    It's ok to 'just say no'.

  7. Mike Judge
    FAIL

    You play with the devil

    that's what happens...

    Really, a tech journalist should know better. Apple can wipe everything you own, hardware or software at the press of a button.

    It's a weekly occurrence here, that someone is crying because their computers HDD failed, and when they put a new one in, their iPod was wiped of all it's music. I just laugh as them and ask them what they expected when dealing with Apple.

    1. Anonymous Coward
      Anonymous Coward

      Re: You play with the devil

      Goodness, are you really so technically ignorant that you can not explain to them about syncronisation? Or are you just a nasty, conceited piece of work?

  8. Lee Dowling Silver badge

    The Gizmodo thing is Gizmodo's fault. They say themselves he was an ex-staffer who still had access. Why?

    Most of the rest is Apple's "fault" for allowing the bypass of their security procedures.

    But not having other backups of the data, or other ways to access it? That would be the victim's fault.

    Don't rely on the cloud. It's just not worth it. Don't rely on any one company, entity, connection, location, storage, it's a simple rule.

    The only other difference, I think, is really how much control you voluntarily give to the people behind the OS running on your phone / laptop. Personally, my phone being wiped or blocked wouldn't be that much of a chore. I'd hunt down a replacement and copy back over my contacts list. My laptop, on the other hand, I would not be pleased to find had been wiped remotely. Yes, I have backups but the SETUP of that machine and the ACCESS to a facility that can remote-wipe the drive is not something I'd trust anyone else with. Hell, I'm not sure I'd trust ME with a button that did that (hence, I don't use remote-wipe software for laptops).

    I would not trust Apple with that facility. I would not trust Google with that facility. I would not trust any brand-name with that facility. There's just too much inconvenience if they get it wrong or do it by accident. If you want that, encrypt the drive and make MASSIVE amounts of backups of the keyfiles. If it's stolen, it's already "remote-wiped" with undecipherable random data that's useless without the key. But the difference is, if it's returned you can restore access and know it was untouched and you can also do so without reliance on ANY brand-name company whatsoever to do it for you (or, in this case, not do it for you).

    Remote-wipe is for people that haven't found TrueCrypt yet, or are too thick to not keep their keyfile/passphrase scribbled on a post-it stuck to the machine that would get stolen along with it, and those who implicitly trust a multi-billion dollar company to work in their interest, perfectly, all the time.

    1. Mark 65

      I would guess the Apple staffer is a soon to be if not already ex-staffer. Anyone who allows all security questions to be bypassed is clearly not fit to carry out the role they have been given.

    2. JOKM
      Stop

      I think the fault lies with the person who hacked the accounts and wiped it.

      Its a bit like saying someones house was burgled was their fault because they used a 3 lever lock and not a 5 lever lock. You might as well blame him for using the internet without a degree in cyber security.

  9. Anonymous Coward
    Anonymous Coward

    Pwnage?

    There's an app for that.

  10. Shane8
    Trollface

    He eventually managed to get back into his iCloud profile and change his password, but Apple couldn't do anything about the fact that all his iDevices had been wiped - losing photos, documents and emails - other than getting him an appointment at one of their Genius bars for the MacBook.

    Genius' ? really ? This line alone made me ROFL - started LOL when MacBook appeared....still LOL now.

  11. Fred Flintstone Gold badge

    I have just a single question for this techno journalist

    WHY DID YOU NOT MAKE YOUR OWN BACKUP, YOU MORON?

    Honestly, someone with just the smallest smidgeon of a clue would have backed up at least his laptop (it's harder with iDevices because iTunes only keeps 1 backup, thus erasing the very thing you need when you connect the device for recovery - duh). It's not like it's hard on a Mac, even if you don't use stuff like Carbon Copy for a bare-metal backup you can even just boot from in case of emergency there is still Time Machine.

    Personally, I will not go near iCloud, but Apple is trying to brute-force people down that route by making it the only resource through which you can keep notes and reminders in sync (you an use groupware for calendar and contact sharing). As a matter of fact, the very first thing it does when you enable iCloud is make an immediate copy of your contacts - it doesn't even ask. Only after it has gone live can you kill that off - you then have to log into iCloud to zap what it has copied. AFAIK that breaks Data Protection rules in Europe, but IANAL.

    Anyway, nice single point of failure. True Cloud services - the data went up in smoke..

    1. KroSha
      FAIL

      Re: I have just a single question for this techno journalist

      +1. The Cloud is not a suitable backup strategy. All it does is keep your devices in sync. Anyone who thinks that Apple / Google / MS / Dropbox is keeping all their stuff safe deserves to lose it all.

      Back your stuff up yourself. It doesn't matter what you use; Time Machine, CCC, rsync, as long as you have at least one (bootable) copy in the event that your main HDD goes south. It's YOUR data and YOUR responsibility to ensure its safety.

    2. Anonymous Coward
      Anonymous Coward

      Re: I have just a single question for this techno journalist

      Nonsense. Cloud storage is convenient and saved a friend of mine's iPhone data twice when she managed to lose the lot, being a normal user in a normal job, whose obsessions, work and spare time do not involve understanding computing or any technology,. But there are other, easy, if less handy and hands-free ways to synchronise your devices.

      I do not use iCloud because it entails storing data on USA hosted machines and I do not trust USA legal access rights. But I still sync data perfectly well.

      These cloud servces are not meant to be ultimate back-up services. They are a convenient way for the normal user, from school child to pensioner, to get some modest data security and universality (I know Google would have it otherwise; but that does not make them right).

      1. Danny 14

        Re: I have just a single question for this techno journalist

        I am not totally up to date on apple stuff. However I imagine there is an app similar to windows backup? On my personal machine at home I use windows 7 inbuilt backup to an external drive. This is my nightly incremental backup. I also backup to my personal web server hosted "somewhere" via webdav mapped drive and a simple robocopy script (pretty much "cloud"). I can bare metal from the hdd or get my essential stuff back from the web server if need be. Im sure apple can do the same with a HDD that wouldnt have been wiped.

  12. Anonymous Coward
    Anonymous Coward

    As much as people will make out this is a technology problem, the weak point is as ever a human being on the phone.

    This is a confidence trick as old as the hills. It can affect any company and any platform if the human at the other end of the phone is fooled.

    1. BristolBachelor Gold badge

      Yes; the weak point was a human being, but not because of confidence tricks.

      Seriously think about it. It is a system that contains a mechanism to permanantly erase all the primary data and the back-up at the same time! How many other backup systems do you know with this feature?

      1. Anonymous Coward
        Anonymous Coward

        Pardon

        It's not a back-up system.

  13. nsld
    FAIL

    If this guy worked for me he would already be at the jobcentre

    "But Paul Ducklin at security firm Sophos said that these kinds of social engineering attacks were "really hard to defend against".

    "You can have - and enforce - utterly inflexible procedures for password reset, but in my opinion, the main reason companies endorse this sort of inflexibility in technical support isn't to improve security, it's to save money by taking humans out of the loop," he said. "The inflexibility means that legitimate users will, from time to time, be incontrovertibly incommoded.

    "Or you can keep humans in the loop, and run the risk that their occasional helpfulness will occasionally be off the mark. That's what happened with Honan."

    ===================

    What a load of bollocks!

    All of our account management is handled by people and we have rigid and inflexible processes for a reason, so that social engineering attacks using sweet talk will fail. Of course if someone can answer the security questions then they will get past security but if they fail they should stay failedregardless of how sweet they are on the phone.

    If any of my team did what the Apple droid did they would be fired, no ifs or buts, its even in the job description.

    Yes we piss off customers who cannot answer the security questions and yes I get the escalations and an earful of abuse from those who cannot get a password change or account details as they cant pass security and as I explain to them, would they be happy if I called up there bank, failed security but still got given all the money in it?

    At the end of the day proper team training and an adherence to process will maintain security, but you would hope a security advisor would know that.

    1. Danny 14

      Re: If this guy worked for me he would already be at the jobcentre

      not sure why you got downvoted. Seems pointless having security questions if they can be bypassed.

  14. Fred Flintstone Gold badge

    Apple fail

    In a way it is good that Apple has demonstrated that having good quality passwords counts for nothing if you have helpdesk staff capable of overriding it (I guess the same goes for Google's two-factor login - insiders beat front end any time). What I want to know is why it wasn't possible to start such a reset process with a code send via iMessage to all his devices? They had his Apple ID, so they had an address, and by sending a reset code which needed entering together with some private details such as last iTunes purchase or something it would have stopped the hack attempt dead and would have alerted him to the attempt in progress..

    1. Vector

      Re: Apple fail

      Sorry, but you're missing the point of remote wipe completely!. The idea (and it's useful in many circumstances) is that if your device is stolen, the thief can be prevented from accessing any sensitive data. Kinda hard to do, if the thief has to give permission for the wipe to happen.

      "Mr. thief, would you mind terribly if we eliminated all the data you've tried to obtain (Y/N)?"

      1. Fred Flintstone Gold badge

        Re: Apple fail

        Umm, no, the helpdesk was asked for a password reset, not a remote wipe. The remote wipe was initiated by the hacker after he gained access - if helpdesk had given the actual owner a heads up that such was in progress it would have never gotten to the remote wipe stage. In addition, call me paranoid but especially the ability to reset my password by a 3rd party would have me worried - I have an obligation to protect client data, and some untrusted 3rd party resetting my password would not go down well in an audit. QED..

        On the topic of remote wipe on iPhones, all the lucky finder has to do is to kill location services on the iPhone so one hopes you have at least a timed password/PIN set.. I have the "try 10 times and I nuke the device" option enabled - the cost of the device pales in significance to the potential costs of data disclosure, and my nervousness about any organisation having remote control access to my machine has been proven correct.

        Personally, I would prefer Prey (preyproject) for my laptop if it wasn't for exactly that 3rd party control risk.. It works, and does a lot more if there is a problem, but I can't use that either. Sigh.

        1. Danny 14

          Re: Apple fail

          remote wipes are also part and parcel of an exchange account too. This isnt the domain of apple entirely. Get your android tablet or phone to sync with exchange and see the warnings pop up.

          1. Anonymous Coward
            Thumb Down

            Re: Apple fail

            Yup.

            My work just switched email systems from FirstClass [AKA "FirstCrap" ] to Outlook and, after I linked to the Outlook account with my iPhone, I noticed a new option to remotely wipe the device appeared in Outlook's preferences. Needless to say, I promptly unlinked my phone from the account again and, if I need to access my work email on my phone, I use the Outlook web app.

  15. Callam McMillan
    Meh

    Backups and Passwords

    I really don't get this obsession for backing up to the cloud. Yes I use Dropbox for some of my data, but most of it resides on my mirrored drives in my machine. Every night an incremental backup gets made which is copied to a backup drive, then once per week this backup is copied to an external hard disk which is then locked in a fire safe. Yes it's overkill, but it means that should my machine be corrupted, damaged or stolen, my data will be safe.

    As for his gmail being deleted, it sounds like he used the same password in multiple places, since gmail requires that you enter your password to make certain account changes, plus any really important mail should be backed up!

    If this was some ordinary user I would have to feel a little sorry for them, and would perhaps offer them some helpful advice to avoid it happening again. As a tech journalist however, they should have known better than to rely on 3rd party services!

    1. gorra

      Re: Backups and Passwords

      "As for his gmail being deleted, it sounds like he used the same password in multiple places, since gmail requires that you enter your password to make certain account changes, plus any really important mail should be backed up!"

      The attackers never had the password, mate. Apple let them in without knowing password or security questions. How could the journalist protect himself once they owned his phone?

  16. roobear
    Facepalm

    It's not clear from the article that any data that had been backed up to the icloud was deleted, only that the remote wipe cleared data from the various idevices.

    A physical backup would have helped, but most people are unlikely to have a backup schedule to prevent precious documents/photos/contacts etc. from being deleted.

    1. KroSha
      FAIL

      "A physical backup would have helped, but most people are unlikely to have a backup schedule to prevent precious documents/photos/contacts etc. from being deleted."

      This is precisely why Apple introduced Time Machine; something like 7% of user regularly backed up their data at the time. It's not exactly difficult; you plug in a USB / Firewire HDD (or connect to a network share) and it does a backup of your HDD, a full one first and then incrementals. Anyone who has a Mac has NO EXCUSE for not having a recent backup. I rather suspect that the first question the Genius asks will be along those lines. At which point he'll look embarrassed and mutter "no".

  17. ItsNotMe
    Pint

    Can this from Woz be any MORE appropriate?

    http://www.zdnet.com/wozniak-i-really-worry-about-everything-going-to-the-cloud-7000002193/

    I'll pass on "The Cloud" thanks.

    1. Fred Flintstone Gold badge

      Re: Can this from Woz be any MORE appropriate?

      Never gone near the whole idea. From my perspective, all this "sharing" just makes life easier for unlawful intercept and identity thieves to get what they need to make people's life miserable. No thanks.

  18. Anonymous Coward
    Anonymous Coward

    The problem with a walled garden

    is once the tiger is inside the walls you've got nowhere to run and nowhere to hide.

    1. katx5h

      Re: The problem with a walled garden

      Are you sure you mean Tiger not Mountain Lion!

  19. Dave Perry
    FAIL

    This is why

    I advise nobody I deal with to trust iCloud. They've said themselves it's not fit for enterprise, it surely has no chance of credibility in that field now.

    My macbook pro gets backed up weekly to an external USB drive, and regular iPhone syncs mean at worst I lose a day or two's pictures.

    And I keep account linking down to a minimum, at best my gmail pulls in other POP3 accounts.

    1. Dan 55 Silver badge
      Alert

      Re: This is why

      You need to program a forward from your other POP3 accounts, you do.

  20. toadwarrior

    The problem isn't backing up to the cloud. It's the low paid phone monkey that gave access to his account. That combined with the security feature to remotely wipe your stuff is what caused him problems.

    The remote wipe feature is really nice if you lose your hardware but that means you need to be very certain you're giving access to the right person to do that.

  21. Dan 55 Silver badge
    Stop

    iStickMyHeadInTheSand

    Anyone who entrusts their data to iCloud and allows their devices to be remote wiped after seeing story after story about MobileMeh in action and Apple IDs getting compromised is just asking for it.

    Not Apple bashing, all consumer-orientated cloudy services are in their infancy and I don't know of one which authenticates with e.g. certificates instead of simple passwords (that'll get some replies proving me wrong).

  22. Anonymous Coward
    Anonymous Coward

    Now there's a phrase you don't hear every day...

    ... incontrovertibly incommoded"

  23. Anonymous Coward
    Anonymous Coward

    "......helplessly watched a hacker remotely erase and lock his iPhone, iPad and MacBook after his iCloud account was hijacked. It's a cautionary tale against relying too heavily on one cloud platform."

    Automatic, Everywhere, not so clever after all!

  24. Rufo
    WTF?

    The more important question here

    who the hell is Paul Ducklin and what has he done with Graham Cluley?????

    1. Gordon Fecyk
      Black Helicopters

      [iPolice]Graham Cluely? Never heard of him.[/iPolice]

      Maybe they finally caught up with him after he wrote about an actual Mac OS X virus. Some time later, Apple pulled a 2007 virus advice web page that contained no new virus advice.

  25. ukgnome
    FAIL

    oh dear

    if data doesn't exist in at least 3 places then it doesn't exist at all.

    Even my mum knows that

    1. Anonymous Coward
      Anonymous Coward

      Re: oh dear

      .. but that's just you explaining away the height of the pr0n magazine stack ..

    2. Naughtyhorse
      Joke

      Re: oh dear

      unless its a pic of you doinking the bosses homely daughter in which case it will be resurrected constantly - usually at around annual review time :-)

  26. Gordon Pryra
    WTF?

    A lot of "Moral High Ground" crap here

    How many people here talking about "their strict internal policys" and "should have taken a backup" are talking out of their arse?

    I mean ffs, strict internal policies are only good untill they meet reality, and reality is a human being on the phone ignoreing policys to get their job done. The oldest trick in the book for getting an admins password changed is to phone up the internal it and ask them to reset it. Ive done it myself to proove how a companies "strict internal policys" are utter crap.

    And backups? I personally own 5 removable hard drives for backing up my wifes web site, every time I think about doing the backup I buy another one. But I know I have only ever taken 3 out of the wrapping.

    Its a chore we know we are supposed to do, and like many organistations I get employed by to perform backup audits and process checks, the one thing many of the people on this page would be up s***t creak if they ever needed to restore something.

    I really hope the people laughing here are 100% certain that their own deck of cards is nice and secure.

    1. Fred Flintstone Gold badge

      Re: A lot of "Moral High Ground" crap here

      I really hope the people laughing here are 100% certain that their own deck of cards is nice and secure.

      I wasn't laughing, I was annoyed with someone who (as a tech hack) should know better being stupid. Apple screwed up, badly, but the author cannot blame a lack of backup on Apple - especially since he had a Mac in that collection. Getting a decent backup going on a Mac is incredibly easy with time machine, and it's even easier if you se t it up on a network mount because Time Machine will automatically resume as soon as it recognises the home network.

      As for you, if you use Windows get yourself a copy of Acronis True Image Home (download from acronis.com). That's all you need, and once you made the emergency boot CD (of which I always keep a spare ISO dump on the backup disk itself) you just let it do its thing to have a full, up to date backup (also saves deciding on what to back up - just do the lot). If you do this at least weekly you should be fine - better than buying yet another external drive you'll never use.. The benefit of a full backup is that you don't spend a week digging out serial number and installing and configuring everything again - you just rebuild from scratch and get on with it.

  27. Wild Bill

    Here's my answer to any 'secret answer' / 'password reminder' questions on these sorts of things...

    0gu9034n= 7b =30yperh erhg werhgp wehrgklwehrguipehrghekgdfbn.db ndb ddfjkdjdddfafg34349394tb

    I then proceed to remember my actual password.

    1. Gav
      Boffin

      Re: Here's my answer to any 'secret answer' / 'password reminder' questions

      I'm right with you there. Unfortunately some places *additionally* ask you these questions, even after you have already logged in, if you wish to do anything particularly relating to your account or security. Like changing your existing password.

      So at that point your smart answer would effectively lock you out of managing your account.. Unless you really have remembered 0gu9034n= 7b =30yperh erhg werhgp wehrgklwehrguipehrghekgdfbn.db ndb ddfjkdjdddfafg34349394tb.

      The best thing to do is answer something totally unrelated to the question, and 'remember' it in a suitably encrypted password vault. But of course, that's not going to help you if the support staff can be "sweet talked" into ignoring the requirement to answer it.

  28. Dr. Ellen
    Facepalm

    Backup

    I do my own backup, on an external HDD. I have enough problems with my *own* mistakes -- why should I let the rest of the world help make mistakes for me? No cloud, not for me.

    1. toadwarrior

      Re: Backup

      That external drive won't be of much use when your house burns down or if someone steals it.

      I find it makes more sense to make up locally and then also dump data on a service like rsync.net. With three copies of something and one in a remote localtion, I'll have to be pretty unlucky to lose all of it at the same time.

      1. Anonymous Coward
        Holmes

        Re: when your house burns down

        Therefore we have off-site storage.

        Where personal, rather than commercial, situations are concerned, this can be one hdd at home, one at a friend's house. This is what I do.

        (although I must confess, they are both on site at the moment, but I've got a surprise security audit lined up for myself next week...)

        1. Anonymous Coward
          Trollface

          Who down-votes a simple, reliable backup method?

          Probably a cloud salesman, I suppose.

          Well, getting a hint of a coming security audit, I sent my disk offsite today.

          I'm not a professional any longer. What I do is ample for a personal system --- and it doesn't rely on the stinking cloud!

          (Or the internet connection to it, which has been damned unreliable here, for the past six weeks, and not available at all for days on end)

  29. Kevin McMurtrie Silver badge

    It makes rain so it must be a...

    Apple, Microsoft, and Amazon are data centers. They are not a cloud. The cloud is when your computer has full access to the systems of your choice. The cloud would be you, your family, and a few friends having online storage in their homes that you share with each other. There's nothing technically new or difficult about software to aggregate multiple systems into one robust virtual device. The problem is that ISPs have money making monopolies/duopolies that must be protected with tight customer usage controls. You don't get a static IP address, you aren't allowed to run servers, and anything that doesn't make the ISP money gets throttled. As long as ISPs don't allow it, nobody is going to create the software for it either.

    1. xyz Silver badge

      Re: It makes rain so it must be a...

      ..ah, a BT customer writes

    2. Anonymous Coward
      Anonymous Coward

      Re: It makes rain so it must be a...

      You mean...

      The "cloud" providers just borrowed a word that has been on every network diagram that includes the internet, and turned it into a proprietory product? Or should I say "stole?"

  30. Eddy Ito
    Coat

    Has to be said

    One bad Apple spoils the bunch.

  31. chris 17 Silver badge
    WTF?

    is there any proof to this?

    so some journo who is probably is looking to spice up an article (career) has been targeted for hacking, with the entry method being social engineering access to his iCloud account through apple support.

    All sounds plausible, but it aint true until its been verified / validated that that is what (could of) happened. Come on el reg, dig deep and prove to us this is a legitimate story. What bad apple policies make this plausible. What could apple do to mitigate these issues.

    actually whilst at it, could you do an article as to why some people are whipped into a frenzy at any opportunity to bash apple? i don't get it.

  32. tempemeaty

    Devices with that level of built in remote access...

    Any equipment that has a built in method for the company who made to go into it and wipe your data remotely is not equipment I want to own. That kind of access existing in the device holding your data is wrong.

  33. Stuart Dole
    Thumb Down

    backups...

    There is always risk. Fire is a big one - even if you have a week-old HD in a fire-proof, is it really fire-proof? Will it really read after a couple of hours of cooking, then marinating in the water used to try to put the fire out? Offsite mirroring of some sort - Mozy, Memopal, Carbonite, iCloud - helps with this, but yes, you can't rely on it either. Even without fire, I once came to work (small consulting company) and the building was surrounded with yellow tape - crime scene, no access for a week. All the computers were stolen, from all the businesses in the building. Fortunately we had some old 386 and 486 machines as file servers and the thieves knew they weren't valuable and left them. So we had the current source trees and archives for most of our projects - but we did lose a lot.

This topic is closed for new posts.

Other stories you might like