

How Apple and Amazon Security Flaws Led to My Epic Hacking (2012) - Hydrus
http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/

======
teh_klev
From last time around:

[https://news.ycombinator.com/item?id=4347985](https://news.ycombinator.com/item?id=4347985)

~~~
omnibrain
OT: how do you resubmit stuff? I occasionally stumble upon stuff that had been
submitted previously but for some reason failed to gain traction. If I try to
submit it again the submission page only takes me to the previously submitted
entry.

~~~
Alphasite_
In this case they're different URLs. But I believe generally the easiest way
is to append some nonsense parameters to the url.

[http://www.wired.com/2012/08/apple-amazon-mat-honan-
hacking/...](http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/)
[http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-
hona...](http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-
hacking/all/)

~~~
kefs
> _the easiest way is to append some nonsense parameters to the url_

I would advise against that...

[https://i.imgur.com/XwzNt0Q.png](https://i.imgur.com/XwzNt0Q.png)

------
mct
(From 2012)

~~~
opless
I was just about to comment on that.

~~~
kissickas
Didn't you?

~~~
ndr
Then he/she did.

~~~
hell-banned1
Cao I join the downvote train?

------
fafner
Enable 2FA everywhere is good advice.

The big issue for me though is Twitter. It does not support 2FA with FreeOTP
(or the proprietary Google Authenticator). I don't want to install the Twitter
App or hand over my phone number for privacy reasons.

~~~
kosinus
Even with the Twitter app installed, I cannot enable 2FA.

I also do not get the option to enable 2FA with Apple when I log into the
Apple ID site and go to the menu they instructed me to in the FAQ. The whole
section they're talking about is just not there.

They're both failing if you ask me. And that also counts for the celebrity
leaks; I blame the hacker first, and providers second. Especially with Apple,
who push you to give them so much of your data, and then doesn't take the
security of its customers seriously.

Heck, it doesn't matter that Google Authenticator is proprietary. The protocol
it uses is open, and there are open-source apps implementing it. There really
is no excuse.

------
atmosx
"[...] And worst of all, my AppleID account was broken into, and my hackers
used it to remotely erase all of the data on my iPhone, iPad, and MacBook.
[...]"

Backup, backup and again back-up!

------
arcticf0x
Yep, this is so old but enjoyed reading it considering the recent nude
celebrity picture leaks.

------
thenduks
A good reminder to go and tell your friends/family "Run, don't walk, to backup
all of your important data right now." and hand them an external hard drive.
2FA + a password manager and whatnot would be a good idea, too :)

------
joeyspn
Timely refloat... I still remember this as if it was yesterday...

------
jonifico
-Backs up all of his computer, changes all passwords and enables 2FA everywhere- It's in times like this I feel good I'm a nobody in the internet.

------
jug5
Makes me laugh every time

