This is from [Link: wired.com], which in turn I saw in an email from Newbay Media. I don't know if it's a shill for selling something, but if it's just true, it's horrifying and even more horrifying that people have claimed Apple products are not subject to hacking... or was it just not subject to viruses... or was it just that the amount of people with Apple products is low enough that hackers don't want to bother, though it's possible and maybe easy, to hack Apple products?

I don't yet feel neutral about the cloud: I don't trust it yet.

edit: added "subject to" in title. It sounded like an insult before!

Yes. If it's connected to the internet it is compromise-able. What you quoted, however may have nothing to do with hardware or OS specifics. If you can't protect your usernames/passwords you're going to be in for a world of hate reigned down on you by just about any pimply faced junior high school hacker wanna be.

I've scared a few clients and proctors in my day...gaining access to their non-broadcasting and protected network and then printing them off an invoice from my laptop to their wifi printer. Gained access to proctors network and messed around with his/her computer presentations. I don't care what you have, it's breach-able by someone.

In that story it wasn't the device that was hacked, it was the account. That is what gave access to do all that damage. The 'remote wipe' option just seems nutty to me, but I don't keep anything that sensitive on my phone/laptop.

Also, I have a hard time using the term "hacked" when someone just logs in with the proper credentials...

Right.  The point I think they were trying to make is that you could have the account password reset with the most basic information.  Things that would take a short amount of time using Google to find.

Oddly, the problem in the system was the human factor, not the computer.

I agree with JimStolz, definitely not a "hack".

Apple hacking or virus attacks have always been about marketshare or return on investment (virus author's time investment). We saw the same trend in corporate and carrier networks. Exploits focused on Cisco attacks because of their market share. Virus authors would much prefer to impact 5 million users than 50000.

As Apple's marketshare increases they will also show up more on attacker's radars.

Not at all odd. When you consider the quantity of unique passwords that a person must remember, write down where someone can read it, or store it in the computer where someone can find it, the human element suddenly looms large.


You're being technical, just as I am when I say an adaptor from RG59 to a pair of a CAT5 is not a balun. But most people call them baluns anyway, and LOTS of people use the term "hack" to refer to getting into a computer when you're not supposed to, no matter how simple or difficult the procedure.

Right, what I'm saying is that you've expressed your concerns with 'the cloud" several times previously.  In all reality, they got the guys information by making a phone call to Apple and pretending to be him.  More of a prank call than high tech high jinx.  

there are less viruses for Apple because it is has a snaller market. But yeah, Apple fanboys will tell you that they don't exist/can't be hacked. Honestly in that way they are worst because those guys don't take the right precautions.

As for this, who really knows if it is a hacked account or a virus on his computer, it could be like when people post on here about Daniel adding popup or other such ads on the site when in reality their device was infected and the virus is bringing in the ads

This isn't about viruses or keyloggers. If you read the article, the victim (who is a tech reporter for the website Gizmodo) is contacted on Twitter by one of the hackers, receives a rather detailed explanation of how his account information was obtained, reset, and accessed, and then proceeds to use the same techniques to access and reset another account to verify that said method does indeed work:

"After coming across my account, the hackers did some background research. My Twitter account linked to my personal website, where they found my Gmail address. Guessing that this was also the e-mail address I used for Twitter, Phobia went to Google’s account recovery page. He didn’t even have to actually attempt a recovery. This was just a recon mission.

"Because I didn’t have Google’s two-factor authentication turned on, when Phobia entered my Gmail address, he could view the alternate e-mail I had set up for account recovery. Google partially obscures that information, starring out many characters, but there were enough characters available, m••••[email protected]. Jackpot.

"This was how the hack progressed. If I had some other account aside from an Apple e-mail address, or had used two-factor authentication for Gmail, everything would have stopped here. But using the .Me e-mail account as a backup meant told the hacker I had an AppleID account, which meant I was vulnerable to being hacked.

"Since he already had the e-mail, all he needed was my billing address and the last four digits of my credit card number to have Apple’s tech support issue him the keys to my account.

So how did he get this vital information? He began with the easy one. He got the billing address by doing a whois search on my personal web domain. If someone doesn’t have a domain, you can also look up his or her information on Spokeo, WhitePages, and PeopleSmart."

I notice the gizmodo writer calls it a hack. That's what I meant.