The AppleID account of a journalist was hacked via social engineering. His iPhone and Macbook were erased and locked. As we all know, Blackberry Protect offers similar locking/erasing options. Does anybody know how hard it would be to get access to a Blackberry account with the help of the Blackberry support? Which data do they ask for to give you a new password to access the BB ID?
Was that the same guy twitter account got hacked? The same piece of crap guy that spread bull about RIM? If so this roaster smoker deserves everything he got. Karmas a mofoking female dog in heat
That's what happens in a world ruled by computers and mobility. That's why I believe RIMs security is so under rated. Soon banking will be done using mobile devices and we will need a secure mobile to do this. This is something berries do better then anyone
It was hacked by talking to and fooling Apples free AppleCare customer support team. Try calling RIM customer support, it'll cost you $40. I doubt many Hackers would pay that.
The devices weren't hacked, the Apple account was. The problem is that one Apple ID controls access to everything, the purchase of music, apps, movies, and even laptops in the App Store/iTunes, as well as iCloud (which lets one do remote wipes). Is BlackBerry ID that different? A single BlackBerry ID controls access to many of the same things.
The devices weren't hacked, the Apple account was. [...]. Is BlackBerry ID that different? A single BlackBerry ID controls access to many of the same things.
That's it. In case of the BB ID, all I found out was the option to send a new password to the existing email adress, but no phone support or anything else which could be fooled by users who stole your data. It would be interesting if Kevin or any other "pro user" could try to find out whether hacks like the one described would work with a BB ID.
Both the user AND Apple's iCloud support were grossly negligent in this case. A single vulnerability (single login) predictably gave access to everything. Put all the failures together and it was always a disaster waiting to happen.
Could this happen to a BlackBerry? Probably not on the same scale because it is less likely all devices would be behind common login details, but everything hangs on the motivation of the user to use diverse passwords and protect the other clues which could be used by hackers to facilitate an attack through the human element.
this does express (at a basic level) the dangers of cloud computing. The more things are linked together, the more a single vulnerability can affect them all.
Last edited by Sith_Apprentice; 08-07-12 at 07:33 AM.
This is much less likely to happen the exact way outside of the loophole provided by apple and amazon. But I wouldn't completely rule out the possibility of similar loopholes existing elsewhere though.
I must be the only one that doesn't really consider this "hacking."
All they did was make a phone call to get the information. Lol. That's a screw up on the customer services behalf, not Apple as a whole in a sense.
The device itself wasn't hacked.
But that's just my opinion.
I must be the only one that doesn't really consider this "hacking."
All they did was make a phone call to get the information. Lol. That's a screw up on the customer services behalf, not Apple as a whole in a sense.
The device itself wasn't hacked.
But that's just my opinion.
Sent from my iPhone 4S using Tapatalk
+5000
This is a social engineering attack, thats all it is.
Hopefully, RIM will implement a cloud-based backup solution where all encryption/decryption is performed locally. and two-factor authentication is required. If a cloud provdier does not have access to your encryption keys, they can't give them away.
Hopefully, RIM will implement a cloud-based backup solution where all encryption/decryption is performed locally. and two-factor authentication is required. If a cloud provdier does not have access to your encryption keys, they can't give them away.
They have had this for quite some time. BES performs this already. Also I believe that all data through BB Protect is encrypted as well. It does not have two factor authentication (and that would be more difficult to implement) but the other points are there.
They have had this for quite some time. BES performs this already. Also I believe that all data through BB Protect is encrypted as well. It does not have two factor authentication (and that would be more difficult to implement) but the other points are there.
Yes, but it would be an attractive feature for non-BES users too.
I would like to see a more comprehensive backup offering for BIS users, and one that could be used by encrypted devices, unlike BB Protect. Two-factor authentication would be essential.
In response, Apple issued a temporary password. It did this despite the caller�s inability to answer security questions I had set up. And it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover.
I would like to see a more comprehensive backup offering for BIS users, and one that could be used by encrypted devices, unlike BB Protect. Two-factor authentication would be essential.
What do you mean more comprehensive, what features are you looking for (as an example)? Encrypting the devices can be done by anyone as well, its an option built into the OS, as is encrypting the media card. RIM makes this quite easy.
Two factor authentication should be an option I agree, though implementing that exactly is another story entirely.
The biggest issue was his MAC was wiped via iCloud (find my MAC) as there was no 2 factor authentication preventing it. Steve Gibson of Gibson Research is recording a podcast as I type this detailing the hack. Interesting stuff. He is saying the last 4 digits of your credit card is all Apple Care needs to send a re-set temporary password for your Apple ID.