August 5th, 2012 • 3:08 pm
Many people are linking to this post by Mat Honan about how he was hacked and got his iPhone, his iPad and his MacBook Air remotely wiped, and his Gmail account was compromised as well (because his iCloud e-mail address was his back-up e-mail address for his Gmail account).
This situation raises a number of important questions. It seems to show that building a computer ecosystem that is entirely reliant on cloud-based services such as iCloud and Gmail can be risky indeed — even when using several different ones simultaneously and not just a single one for everything. My own distrust of “free” services such as iCloud and Gmail goes back many years. When Apple first introduced @mac.com e-mail accounts, I quickly grabbed my own, and started using it for all kinds of things instead of the e-mail account provided by my Internet Service Provider. Then I discovered that Apple had started using junk mail filtering without any kind of user consent and that the junk mail filtering was producing false positives that effectively made important e-mail messages disappear into the ether, with no notice whatsoever either to the sender or to the recipient.
That was totally unacceptable to me and I soon decided to purchase my own domain name and my own e-mail and web hosting service with a third-party. There was no junk mail filtering that I could not control, and I no longer relied on a company that was not (and still is not) known for its transparency in its communications with its customers.
I still have that @email@example.com account, of course, but I don’t use it for anything really important. Ditto for my Gmail account.
I also did not activate the “Find My Mac” and “Back to My Mac” features on my desktop Mac Pro, even though it is also otherwise connected to my iCloud account. That might restrict what I am able to do remotely, but it seems to me that the convenience of such features must be weighed against the significant risks that they present. Of course, everyone’s situation is different and some people might really need the flexibility afforded by remote-controlling their home desktop. But when a “Remote Wipe” is just a click away (once you’re logged in), it really does make you think twice.
Now, one of the fundamental issues here is that the hacking that Mat Honan was a victim of was not password-related. The hacker got into his account thanks to“some clever social engineering that let them bypass security questions”. This will need to be clarified further before we can draw any conclusions regarding the relative vulnerability of our iCloud accounts. However, I cannot help but notice that some people took this case as another excuse to jump on the “bad passwords” bandwagon. Take Julie Ng:
As Mat’s case demonstrated, we’re often only as safe and secure as our passwords.
So yourself a favor and buy 1password and let it generate all your passwords for you. I use it and their browser plugins everyday to access all of my digital services.
I am a regular user of 1Password myself and have sold other people on it. But contrary to what Julie Ng seems to imply, such a tool is not the ultimate solution. Take the iCloud/iTunes situation, for example. There are many contexts other than web pages (the iTunes application itself, for instance) where Apple regularly asks you to re-enter your Apple ID password. In these other contexts, 1Password is of limited help. As noted in this forum thread, the only solution is to copy the password from 1Password using the Clipboard and then paste it in the appropriate location — assuming that it is actually possible to use the Clipboard in that location. And, lest we forget, on the iPhone/iPad, the 1Password app is nowhere near as convenient as it is in OS X, since it cannot autofill things for you in Safari. Here again, you have to copy/paste, and copying/pasting is even less convenient in iOS than it is in OS X.
Because of this situation and because Apple asks for your Apple ID password on a regular basis in various contexts, it takes a lot of dedication and patience if you really want to use a complex password generated by 1Password that no one will ever be able to crack. As an example, the password that is generated by 1Password in Julie Ng’s screen shot is “HW;ulbe35^N”. Does anyone seriously think that this is the kind of password that an Apple user might be willing to memorize and retype regularly from memory?
Of course not. And so, if you really want to be able to use Apple’s products, unless you are truly cautious and willing to do a lot of back-and-forth between 1Password and other applications, you end up choosing a simpler password that you can actually memorize. And that makes your iTunes/iCloud account significantly more vulnerable.
Again, Mat’s account was not hacked by a hacker who cracked his password. But that just confirms that password management software is not the solution to all security problems either. No matter how secure your password is, if hackers can bypass security questions and retrieve your “forgotten” password anyway, you are not safe. And over the years we have created for ourselves a complex web of services that are all connected to each other in some way, because we have used the same password for different services, because we have used the same e-mail address to register for those services, because they all have a certain amount of our personal information that could be used to identify us, etc.
I don’t think there are any easy solutions here. But I do worry about the fact that systems that regular require you to retype your password end up forcing you to choose easy-to-remember passwords that are easier to crack.