Mat Honan had his digital life dissolved by hackers


Don’t let this happen to you. Here’s Mat Honan writing for Wired on “How Apple and Amazon Security Flaws Led to My Epic Hacking”:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Mat Honan is a tech journalist. You would think Mat would have his cyber defenses well-secured. He did not. Study what happened to Mat so you can do whatever you must to protect yourself from a similar fate.

 

For a concise summary of how Honan was hacked, read this: Apple Responds To Journalist Victim of “Epic” Apple ID Hack.

Apple responded today to Honan via a spokesperson, Natalie Kerris. In a statement to Wired, where Honan posted an account of his experiences, Apple promised to look into how users can protect their data and security better when they need to reset their account passwords.

“Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password,” said Apple, via Kerris. “In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”

This all happened because the hackers were able to get a hold of Honan’s email address, his billing address and the last four digits of a credit card he has on file. Once the hacker had this info, he or she called Apple, asked for a reset to the iCloud account in Honan’s name, and was given a temporary password.

“In many ways, this was all my fault,” Honan wrote. “My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.”

The real problem here, he noted, is that the companies he relied on to keep his data safe have competing security practices. “In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification,” he wrote. “The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.”

If you have protected all your accounts and devices with 1Password – in particular with unique strong passwords – then you are well on your way to securing your digital life. If you are not using 1Password or similar state-of-the-art password management, then you need to fix that right now.

Pro tip: do NOT use the same username for sensitive logins. If you use say ‘janedoe@gmail.com’ for both Amazon and Google you have made life much easier for the Russkie mafia. When they seduce customer support to help them get your Amazon password they are almost home. If your Google account uses a different email/username and a different strong password, then the mafia hackers have to start over to break into your Google. Gmail is happy to give you a unique email address for every one of your sensitive accounts. Use them.
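The daisy-chain Honan describes is something you can check for in your own set of accounts. The following Python model is an added example, not taken from this post or the Wired article: it computes which accounts fall once one of them is entered, then re-runs the check with two-factor on Gmail and with a unique Apple login. The fact names, the recovery links between Apple ID, Gmail and Twitter, and Amazon as the starting point are assumptions made for illustration.

```python
from copy import deepcopy

# Constructed model (not data from the Wired article). Per account:
#   reset_needs - facts a reset/support flow accepts as proof of identity
#   exposes     - facts or mailboxes an intruder gains once inside
#   two_factor  - True if a second factor gates the reset
ACCOUNTS = {
    "amazon":   {"reset_needs": {"amazon_password"},
                 "exposes": {"card_last4"}, "two_factor": False},
    "apple_id": {"reset_needs": {"shared_email", "billing_address", "card_last4"},
                 "exposes": {"apple_mailbox"}, "two_factor": False},
    "gmail":    {"reset_needs": {"apple_mailbox"},      # assumed recovery address
                 "exposes": {"gmail_mailbox"}, "two_factor": False},
    "twitter":  {"reset_needs": {"gmail_mailbox"},      # assumed reset address
                 "exposes": set(), "two_factor": False},
}

KNOWN = {"shared_email", "billing_address"}   # facts assumed already known


def recovery_chain(accounts, known_facts, foothold):
    """Return the accounts that fall, in order, once `foothold` is entered."""
    facts = set(known_facts) | accounts[foothold]["exposes"]
    fallen = [foothold]
    progress = True
    while progress:                       # iterate to a fixed point
        progress = False
        for name, acct in accounts.items():
            if name in fallen or acct["two_factor"]:
                continue
            if acct["reset_needs"] <= facts:   # every required fact is known
                fallen.append(name)
                facts |= acct["exposes"]
                progress = True
    return fallen


def with_changes(accounts, **overrides):
    """Copy the portfolio and apply per-account setting overrides."""
    changed = deepcopy(accounts)
    for name, settings in overrides.items():
        changed[name].update(settings)
    return changed


if __name__ == "__main__":
    unique_login = {"apple_only_email", "billing_address", "card_last4"}
    print("as modelled:       ", recovery_chain(ACCOUNTS, KNOWN, "amazon"))
    print("gmail with 2FA:    ", recovery_chain(
        with_changes(ACCOUNTS, gmail={"two_factor": True}), KNOWN, "amazon"))
    print("unique Apple login:", recovery_chain(
        with_changes(ACCOUNTS, apple_id={"reset_needs": unique_login}),
        KNOWN, "amazon"))
```

To audit a real portfolio, replace `ACCOUNTS` with what each of your own providers actually accepts for a reset and what each account reveals once opened.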

Greg Koenig: How Apple Makes the Watch


Greg Koenig is investigating the secrets of Apple’s manufacturing superpowers. His latest walkthrough “How Apple Makes the Watch” is a detailed narration of what we see in the Apple Watch Craftsmanship videos. 

Apple is the world’s foremost manufacturer of goods. At one time, this statement had to be caged and qualified with modifiers such as “consumer goods” or “electronic goods,” but last quarter, Apple shipped a Boeing 787’s weight worth of iPhones every 24 hours. When we add the rest of the product line to the mix, it becomes clear that Apple’s supply chain is one of the largest scale production organizations in the world. 

While Boeing is happy to provide tours of their Everett, WA facility, Apple continues to operate with Willy Wonka levels of secrecy. In the manufacturing world, we hear rumors of entire German CNC mill factories being built to supply Apple exclusively, or even occasionally hear that one of our supplier’s process experts has been “disappeared” to move to Cupertino or Shenzhen. While we all are massively impressed with the scale of Apple’s operations, there is constant intrigue as to exactly how they pull it all off with the level of fit, finish and precision obvious to anyone who has examined their hardware.

This walkthrough is a detailed narration of what we see in Apple’s Watch Craftsmanship videos. Of course, we only get to see a mere fraction of the process; I’ve tried to provide plausible explanations for the likely steps taking place between the processes shown on film, but these are assumptions and are included only to provide a more satisfying and complete narration.

Check out the videos — I kept Greg’s walkthrough handy on my iPad for reference. Next I’m going to study “How Apple Makes the Mac Pro”. To keep up with Greg follow @gak_pdx.

Mobile Trends to Keep In Mind

Frederic Filloux

On mobile devices, the Average Revenue per User should be a critical component when shaping a mobile strategy. First, let’s settle the tablet market question. Even though the so-called “cheap Android” segment ($100-150 for a plastic device running an older version of Android) thrives in emerging markets, when it comes to extracting significant money from users, the iPad runs the show. It accounts for 80% of the tablet web traffic in the US, UK, Germany, France, Japan, and even China (source: Adobe.)

Horace Dediu: The Innovator’s Curse

Thanks to John Gruber for this brilliant allegory: Horace Dediu: The Innovator’s Curse

I somehow missed this Horace Dediu piece from back in August (even though I linked to and commented upon his follow-up piece):

But just like Disruption Theory is beautifully illustrated through the ageless David vs. Goliath parable, The Innovator’s Curse is but a retelling of this fable:

A cottager and his wife had a Goose that laid a golden egg every day. They supposed that the Goose must contain a great lump of gold in its inside, and in order to get the gold they killed it. Having done so, they found to their surprise that the Goose differed in no respect from their other geese.

Even if the cottagers were naive enough to have faith in the replicating miracle of golden egg laying geese, wise men would quickly advise them to kill it and get the gold more quickly. The Goose is doomed no matter what.

The regularity of the goose in the parable makes its owners seem more obviously foolish. Imagine instead a goose that lays golden eggs not every day, but only every once in a while, with an unpredictable and irregular periodicity. That’s Apple.

iOS 7 Locks Stolen iPhones to Prevent Resale

Glenn Fleishman at TidBits:

In the June 2013 announcement of iOS 7, Apple emphasized changes in the Find My iPhone app and service. With good reason: the new version makes any iOS device far less attractive to steal, erase, and resell, plus it provides more location-tracking data. These improvements should reduce thieves’ interest in iOS devices because they won’t be easy to sell or fence, and might help law enforcement track down less-wary criminals more often.

Apple added this feature because mobile carriers (at least in the United States and several other countries) have shown little interest in helping their customers recover stolen mobile phones or eliminate the value of those phones at resale. Both GSM and CDMA phones have unique, burned-in hardware identifiers — the IMEI and MEID, respectively — and carriers know which ID is associated with your account. If you report a phone as stolen, the carrier could prevent that ID from being reactivated, provide you with information about its location, notify law enforcement, seize it when brought into a store, and so forth. Carriers do essentially none of that.

As a result, expensive smartphones with high resale value, like the iPhone, have become desirable targets for thieves, and account for a significant percentage of serious crimes in many cities. For instance, cellphone-related thefts accounted for 41 percent of serious crimes for six months earlier this year in San Francisco, 40 percent of robberies in Washington, D.C., and over 50 percent of all street crime in New York City.

With iOS 7 and Find My iPhone, Apple now has the technology to stop iOS device theft in its tracks, although the company couches these capabilities in terms of “lost” iPhones, not stolen ones. No one wants to think about theft, but we all misplace things. 

Android fragmentation


The latest Android, iOS data from OpenSignal makes my head hurt. There is much more analysis in the report – but these two figures capture some of the pain that Android developers suffer. The graphic below shows the variety of screen sizes/resolutions that full Android support requires.


The bottom line is that Android devices are pushed by carriers – who have NO incentive to keep their customers up to date on the latest OS version. 

Apple – Making a difference. One app at a time.

Each iOS app offers remarkable — and often delightful — possibilities. But the most powerful iOS apps ever are ones that change people’s lives in ways they never imagined. 

This is pure Apple promo, but we really enjoyed the video – the iPad is a versatile, rugged tool for deploying innovations to places and people who need help: from rural Kenya healthcare to controlling prosthetic legs. Check it out…

Android Fragmentation

John Gruber:

Jonny Evans, reporting for Computerworld:

The BBC Trust today responded to a complaint the broadcaster favored iOS devices when it comes to adding features to its catch-up on demand iPlayer service for Android phones. This complaint was rejected because the Trust found “no evidence” to suggest iOS had been “unfairly favored.”

Instead of pro-Apple favouritism, the Trust found a series of quite logical reasons why Android lagged iOS when new features were added to iPlayer, mostly surrounding the “complexity and expense” of developing for Android.

The company also noted a couple of other logical reasons why developers dealing with limited time and budget would opt for Apple’s mobile OS:

Engagement is higher on Apple devices

Android is fragmented

Android development is complex and expensive

OK, but other than that, how did you enjoy developing for Android, Mrs. Lincoln?

 

Fraser Speirs: iPads and PCs, Beyond Consumption vs Creation

This is a seriously useful analysis by Fraser, “Beyond Consumption vs Creation” – what do you think?

When the iPad first launched, many people reached for a quick analysis that it was a device “only for content consumption”. Despite time and experience having proven those people quite obviously wrong, the debate seems to persist as to what the iPad is, precisely, for.

My own opinion is that the iPad is for about 80% of all tasks you can conceivably do on a computer. I have never thought of the iPad as a distinct entity requiring a total first-principles relearning of what it means to use a computation device.

As I've written before, the question what you want to do with your computer has never had more impact on exactly the device you should buy. Therefore, it's still relevant and worthwhile to ask the question of the iPad: what are you capable of, and what are you best at? Further, as the iOS ecosystem has developed, another question: if I add these accessories to you, what can you do now?

Still, I feel that the consumption/creation split is far too simplistic a curve to grade these devices on. It recognises almost nothing about the user's task beyond whether it's an input task or an output task. There's far more subtlety that we can reach for.

I'd like to propose a more useful pair of axes on which we can place these devices – smartphones, tablets and traditional PCs – than simply consumption/creation. I've been thinking about this for some time and I think it has some usefulness.

Task Complexity vs Task Duration

I'd like to propose that we can look at the 'sweet spot' for each type of device along two axes: task complexity and task duration. Task duration is the more obvious of the two: how long of a continuous period will you be using your device for the task.

Task complexity requires a little more unpacking. When I talk of “complexity”, I'm looking at a combination of factors that make a task complex:

  • The number of steps to completion
  • The extent to which you're combining data from multiple sources
  • The amount of data that is being manipulated
  • The linearity or otherwise of those steps – the less linear, the more complex the task

There may be other types of complex task that I haven't thought about. The exact specifics don't matter too much but these give you the general idea.

Given that, here's a chart of how I think about the 'sweet spot' for each type of device.

So what does this chart really say?

I place smartphones near the origin. They're good for simple tasks done for a middling duration or tasks of moderate complexity for a short period. For example gaming, which is a fairly non-complex task, can be quite acceptable on a smartphone for a reasonable amount of time. On the other hand, editing a spreadsheet on an iPhone can be done but it's not something you'd want to do for a whole day of working. Many of the most effective phone apps that take you through a series of steps do so in a very linear and directed fashion.

The iPad section of the chart has a couple of notable features: the dog-leg area at the top-left and the area at the bottom-right of the chart. Let's dig into those.

Firstly, consider tasks of maximum complexity done over any duration: the iPad doesn't reach into that area of the graph at all. That's simply because there are some tasks of sufficient complexity that the iPad cannot currently be applied to them. The reasons are varied but fall into one of three areas:

  • The hardware is not powerful enough yet. Examples here would include managing an entire high-resolution photographic library in a hypothetical “Aperture for iOS”. The iPad simply doesn't have enough storage to make this possible, although the new 128GB iPad may well take a bite into some of these data-intensive tasks.
  • The software has not been written yet. An example might be doing some CAD/CAM design. Perhaps iOS doesn't offer all the APIs required for some apps yet. We can hope that iOS 7 will start to eat into some of these tasks.
  • App Store policy doesn't allow it. The classic example here is all the programming tools that we might wish to have on iOS which can't be brought wholly to iOS until policy changes.

Similarly, there are tasks of low-to-medium complexity that can be adequately performed on an iPad for long periods of time. Examples might include annotating PDF documents with some of the excellent PDF apps on iOS, or managing photos in iPhoto, composing music in GarageBand, reading iBooks and so on.

In the middle of the chart lies a broad area of tasks which are moderately complex, done for moderate amounts of time. This is where iPad excels and why it is such an excellent computer for schools. I've never argued that any current or past iOS device can “do everything” – patently, it cannot – but I do argue that it can handle 95-100% of everything a computer is typically called on to do in a school setting. The majority of our classes now use iOS exclusively, despite easy access to Mac laptops being available.

Finally, there remain several tasks for which computers are used which tablets remain unsuitable for the reasons listed above. Simply think of the apps that are missing from iPads: Final Cut Pro X, Aperture, Logic Pro, iBooks Author, Adobe Photoshop. These tasks – for now – remain the preserve of the traditional “desktop-class” PC (in which category I include laptops).

For the whole story, please read the source: http://speirs.org/blog/2013/3/4/beyond-consumption-vs-creation.

Horace Dediu: Apple is approaching Samsung capital expenditures

Horace Dediu has been writing an important series on Apple and Samsung capital structure. In his 12 Dec 2012 post, Horace compares 2006 – 2012 capital expenditures:

In the post reviewing Samsung’s Capital Structure I noted that its component divisions have historically taken 90% of capital investments and that the overall capital intensity for Samsung Electronics has increased in proportion to its component revenues.

In another post regarding the capital structures of other technology companies with different business models I noted that Apple has changed its capital structure to a significant degree over the previous three years.

In the following graph I combined these observations to show how capital expenditure patterns may be used to discern the underlying business model.

That’s just a teaser tidbit. So go straight to the source for the Asymco analysis.  There is a lot going on here that is not obvious.

I consider this extraordinary evidence of an extraordinary shift in strategy.

(…) 

So what tale does this capital tell?