
Where the Apple accounts that hackers are threatening to wipe came from - MandieD
https://www.troyhunt.com/heres-where-the-apple-accounts-hackers-are-threatening-to-wipe-came-from/
======
nodesocket
Password reuse is still a huge problem. Even my friends who are somewhat savvy
(not professionally in tech) don't know what a password manager is or use one.

~~~
rhcom2
The response I get from even savvy tech people is like I just told them they
really should be flossing more.

~~~
astrodust
It's like when a dentist tells you that it's ideal to brush three times a day
after meals, plus once more in the evening.

~~~
mirimir
Sure, but then an honest dentist told me that what's most important is
flossing and brushing before bed.

So what's the analogous tl;dr for account management? Don't use passwords like
"mysecretpassword", and don't reuse them?

~~~
tonyedgecombe
Then we find out flossing isn't much benefit:
[https://www.theguardian.com/us-news/2016/aug/02/dental-floss...](https://www.theguardian.com/us-news/2016/aug/02/dental-floss-proof-works-guidelines-dropped)

~~~
mirimir
Well, when you're older, with iffy teeth, flossing removes trapped food that
will cause inflammation and pain, the next day. That's personal experience.

~~~
jdeibele
Sadly I have to upvote this based on personal experience.

Was reading this thread right after the thread on John Goodenough. There are
different things that happen as one gets older that one wishes didn't. Still,
it beats the alternative.

------
smaili
According to the article, _Football95_ is the top password.

Anyone happen to know why the reference to 95? I can't quite remember anything
particularly special about that year to make it a common password for people.

~~~
bigtimeidiot
I thought the same thing. In fact, many of the top 10 passwords look odd to
me: dthomas? disneyI (capital "_I_")? conrad76?

I have a hard time believing these are legitimately the most common passwords.
Compare that to a list like this:

[http://www.iflscience.com/technology/the-most-commonly-hacke...](http://www.iflscience.com/technology/the-most-commonly-hacked-passwords-in-2016-were-painfully-obvious/).

~~~
r00fus
From that link - can someone explain this one to me?

20\. 3rjs1la7qe

Seems like a word but not sure which language. Only interesting password in
the list.

~~~
hackjosh
It's not a word, it's a keyboard walk. Fairly clever one too.

~~~
Buge
How is that a keyboard walk?

------
djrogers
Great analysis Troy! It's good to see real data to back up the most likely
(and least worrisome) scenario.

------
peterwwillis
The standard hacker stereotype is of kids in basements, which the author seems
to propose here, but most hackers who commit crimes are in their 20s-30s. (I
have no direct evidence of this except the majority of public
arrest/sentencing of cyber criminals, and generally people in the blackhat and
organized crime scenes are not teens.) The bravado thing is less a factor of
being young, and more that a ton of cyber criminals have comically inflated
egos.

~~~
eridius
Most hackers would also recognize that demanding ransom from Apple in exchange
for not wiping accounts isn't likely to be very effective and may have some
negative consequences (e.g. being caught and getting beaten half to death by
their victims). I have no trouble believing that the culprits here are likely
to be pretty young.

~~~
ProblemFactory
The threat of wiping accounts was silly in the first place. The hackers have
user passwords, not access to Apple infrastructure. So they log in as the
users, delete files from iCloud... and Apple restores files from yesterday's
backup. They could cause a lot of hassle for the users and Apple customer
support, but not wipe accounts.

~~~
0x0
Or they issue a "lost device - remote wipe" via Find My iPhone / Find My Mac.
No restoring from that for Mat:
[https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking...](https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/)

It's a shame you can't have Find My Mac active without also allowing remote
wipe. So I disabled Find My Mac for myself.

~~~
valuearb
Did you just link to a 5-year-old story?

~~~
yjftsjthsd-h
Has the situation changed?

------
janwillemb
It took me some time to parse the title. Isn't the original - clickbaity -
title better?

~~~
glandium
The only difference between the titles is "Here's", which doesn't make much
difference to make it more parseable.

Took a while, but finally got it: "where the Apple accounts (hackers are
threatening to wipe) came from"

Interestingly, now that I parsed it, I can't see why it took so long.

That said, "where the Apple accounts that hackers are threatening to wipe came
from" would likely have been more obvious.

~~~
simonbarker87
Yeah, it definitely needs the "that" added in, took me a couple of minutes to
work out what the title meant.

------
jacquesm
How come the Twitter account of these assholes is still operational?

Twitter should not allow their platform to be used by self-professed
criminals.

~~~
CamperBob2
Ask any cop how much easier his job is since YouTube came along.

