[PCWorld]

Post your comments for How Did Apple Allow Hackers to Access iCloud Account? here

[GwenEams]

You are a tech writer? Thanks, PCWorld!

[bullywug]

I have experienced this sort of difficulty with several companies not the least of which is PC world who refuses to send me the email verfiication they said they were going to send. So this comment almost certainly won't get posted and the webmaster at your company is ignoring my complaints.
As far as Apple support goes, I am an Apple Certified Support Specialist and I have an indepth working knoweldge of their support practicies through talking to other Support Specialists and through information Apple chose to share in meetings. Apple's support is criminally inept. They tell customers support will do certain things for them that support cannot do and the support agent will not stand by their statement. Besides giving false information to users they also work the system to get that amazingly high customer satisfaction rating by badgering customers until they agree that they received excellent support and they're totally happy. There are a lot of other issues to do with hardware replacement and lies and manipulation by the Apple Stores. In a nut shell, do not trust Apple. I'm not saying don't buy them, that's your choice. I'm saying that they are, in my experience, not trustworthy and that's a bad place from which to start a business relationship.

[MichaelRousseau]

So I don't have to worry about Tony hacking me? LOL OK I will strike your name off my hackers list.

[CeLtiKo]

Hi Tony,
I would like to start by saying that I enjoy your articles very much, regarding this one, unfortunately, I can also relate with it. A decade ago I had a girlfriend that without any special computer skills, when I broke up with her she was able to get access to my ISP email account password, and with that she changed all my personal info and deleted all my emails. She didn't need to be a genius at computer security, only to have a good story and social engineer into my account. But that was a long time ago, a couple of years ago I thought things had changed, and that ISPs and service providers had learned the lessons of the past when, in the middle of an encryption class at college, a colleague of mine spoken out loud my ISP email password and those of some other colleagues of mine, I was stupefied, it was so easy to him to get my password, all he needed was my email address and because he worked on that ISP he was able to get it, the users and passwords database was encrypted off course, all securities were in place so that the ISP couldn’t get attacked from outside the organization, but from within, well it was piece of cake for him to read my emails and get an hold into my contacts and phone bill list.
And that is the reason why I don’t think it is a surprise that someone social engineered into Mat Honan iCloud account, IT security has come a long way, it is very mature now, and with all the military level encryption we now use on a daily base, plus all the networking security measures we now dispose, hackers are left with possible software exploits and possible DDOS to make a stand, but who even does it anymore? It is so time consuming and, by the end when you can get a hold on the info you wanted it doesn’t have any value anymore. So what are the fastest ways to breach into someone account? You can start with social engineering, if it doesn’t work, how much does a call support guy earn in a month? 1000$? Give him 500$ And you’ll get the info. You don’t have 500$ but you have a very concrete objective and you’ve completed your high school, apply for a job and get access to every account in a shorter time than if you were decrypting a piece of encrypted hijacked information, and you even get paid for it.
And that is the reality we’re at, we have top of the line security tools at everyone’s disposal but corporate procedures haven’t followed up their evolution, and with cloud computer I just see it as a top priority, as it could bring a lot more of damage than a simple email or icloud account. For example imagine that someone social engineers into salesforce.com and gives a huge competitive advantage to some corporation by having that corporation knowing all the customers from their competitors and ongoing business propositions… Yes, it would be a big disaster, in that situation it wouldn’t be some emails lost, or some contacts stolen, we would have possible businesses closing and people sent to unemployment.
It makes us think doesn’t it? Could it be already happening? The world is demanding top of the line Data Centers for cloud computer services, top of the line security for networking, top of the line encryption software and security measures, but almost no one, when contracting a cloud service, is even thinking or concerned with the cloud computer service provider internal processes and staff, so I can only guess that social engineering will be in the top news to come, but off course, I hope I’m wrong.

[Shaunw]

PCWorld, on 05 August 2012 - 05:35 AM, said:

Post your comments for How Did Apple Allow Hackers to Access iCloud Account? here

Had the same thing happen to me. Took about 2 months to sort it out. Many emails because there is no phone support unless you kick and scream.I ended up become very rude in my responses because it was clear thy did not understand the issue and no one was actually reading what I wrote. I Even went into upper west side apple store and met with a manager and genius who agreed things were screwed up but could provide no help. When my account was eventually sorted out they gave me 5 iTunes singles as an apology... Can't believe it took you a year.

[jafu3457]

I won't put my personal or financial information in the control of someone else. This is what happens in the cloud. I have all my passwords and account information on a flash drive and a clone of the flash drive in case of failure. In case both flash drives fail I have a printed copy locked away in a safe place. Even with all that I know I have certain vulnerabilities, but they are reduced by keeping sensitive information off my computer and the cloud.

[ScottTheTechguy]

OR....it's an Apple employee / inside job that hacked his account.

[HughFuve]

its not too hard actually, some trojans nowadays key log and listen to you through your microphone, and then well.. they have all the info they need. Once they have the goods, they wipe your device clean and take control

[BobAho]

Nice story but there's a common adage among those in the sciences that the plural of anecdote is not data. That is, you are assuming that your experience, as awful as it may be, is common to the point of standard. Furthermore you are overlooking the "black swan" effect - it never happens until it happens. In the end you make a tremendous number of assumptions and apply that n=1 sample size to reach a conclusion you already predetermined to be the one you want.

[wildcatherder]

What I got from this article: if you are trying to hack Apple, don't try to do it through technical support. Hmm...

[WillLipscombe]

I am not allowed to say that I work for Mapple (lol) or that I am currently on the "eye-oh-$" (wink,wink) support team; but I can say that I am an A+ certified, MCSE......
This is absolutely correct ........ a large portion of the calls we get are people trying to access their Mapple accounts and are having difficulties.
We NEVER have access to passwords (of course) and the ONLY way we get email addresses (whether ______@me.com or others) is if customers give them to us...... absolutely, positively.
What I CAN say is that the process is EXTREMELY logical and it WORKS EVERY SINGLE TIME.
I have spent hours on the phone with customers frustrated because they are POSITIVE they know there password, username or security question response only to miraculously remember the real answer.
What we do is guide customers through the process of updating and/or retrieving there information for themselves......... and I can guarantee it works every single time.
Ask any I.T. person and they will tell you one of the biggest issues we face is end users forgetting there usernames and or passwords. That and the fact no one bothers to backup data files. <smile>

[jazzy007]

Tony, Apple Tech support and hackers are two different things. One does not know what to do but follow the script given to him. The other is a thinker and can figure a way to break in. Every software is hackerable. There is always a way to get things.

[ReadandShare]

This may be more work than most are willing to endure, but it has its benefits: I maintain a spreadsheet of all my accounts, along with their corresponding passwords, and any info I store at those accounts or websites -- such as bank account info, credit card info or email address info.

Whenever I change or update my address or credit card, etc. -- it's an easy thing to look up my spreadsheet and see all the places where I need to update.

[TheTess]

Keep living in the cloud people. Why you think its safe, I will never understand.

[TheTess]

bullywug, on 05 August 2012 - 07:05 AM, said:

I have experienced this sort of difficulty with several companies not the least of which is PC world who refuses to send me the email verfiication they said they were going to send. So this comment almost certainly won't get posted and the webmaster at your company is ignoring my complaints.
As far as Apple support goes, I am an Apple Certified Support Specialist and I have an indepth working knoweldge of their support practicies through talking to other Support Specialists and through information Apple chose to share in meetings. Apple's support is criminally inept. They tell customers support will do certain things for them that support cannot do and the support agent will not stand by their statement. Besides giving false information to users they also work the system to get that amazingly high customer satisfaction rating by badgering customers until they agree that they received excellent support and they're totally happy. There are a lot of other issues to do with hardware replacement and lies and manipulation by the Apple Stores. In a nut shell, do not trust Apple. I'm not saying don't buy them, that's your choice. I'm saying that they are, in my experience, not trustworthy and that's a bad place from which to start a business relationship.

AS much as I hate crapple, you could be an axe murderer for all we know.
Anybody can say they work for apple.
Backup your comments with undeniable proof. Until then, troll elsewhere.

btw, I now work for the FBI

[Anonymous777]

bullywug, on 05 August 2012 - 07:05 AM, said:

I have experienced this sort of difficulty with several companies not the least of which is PC world who refuses to send me the email verfiication they said they were going to send. So this comment almost certainly won't get posted and the webmaster at your company is ignoring my complaints.
As far as Apple support goes, I am an Apple Certified Support Specialist and I have an indepth working knoweldge of their support practicies through talking to other Support Specialists and through information Apple chose to share in meetings. Apple's support is criminally inept. They tell customers support will do certain things for them that support cannot do and the support agent will not stand by their statement. Besides giving false information to users they also work the system to get that amazingly high customer satisfaction rating by badgering customers until they agree that they received excellent support and they're totally happy. There are a lot of other issues to do with hardware replacement and lies and manipulation by the Apple Stores. In a nut shell, do not trust Apple. I'm not saying don't buy them, that's your choice. I'm saying that they are, in my experience, not trustworthy and that's a bad place from which to start a business relationship.

Apple are great designers and innovators, but I totally agree that they lie to and badger customers, all for the main purpose of profit - A company in this position should be careful of being too greedy.

I have had so much trouble with a macbook pro in the past and the support by Apple was shocking beyond belief. There was actually a recall for my model globally, but when I took it into an iStore, they said to me that although there was a recall, the problem did not apply to me. So in other words I ended up with a very large brick. Companies like that don't position themselves well in people's minds - they can never be trusted. And I will never buy another Apple product based on my experience with unreliability of hardware, software and support by Apple.

[QUADICON]

Doesn't thi mean Apple is liable for the lot in all the gusy data? I mean it was them who gave the provate informaion away. Hmmmm!

I smell a lawsuit, unless Apple has already offered some hush money.

[JamesVelasquez]

CeLtiKo, on 05 August 2012 - 07:24 AM, said:

able to get access to my ISP email account password

Dont even use your ISPs email account, because you dont own it once your account is closed, use google or buy a domain name that you can forward your email to another address

[ronin7752]

ScottTheTechguy, on 05 August 2012 - 07:55 AM, said:

OR....it's an Apple employee / inside job that hacked his account.

I keep telling people this is what is happening, at Apple, Yahoo -- all of them. I've seen too many relatively difficult passwords "cracked" for it to be social engineering or brute force... But no one believes it....