08-09-12 07:11 AM
29 12
tools
  1. Maxxxpower's Avatar
    The AppleID account of a journalist was hacked via social engineering. His iPhone and Macbook were erased and locked. As we all know, Blackberry Protect offers similar locking/erasing options. Does anybody know how hard it would be to get access to a Blackberry account with the help of the Blackberry support? Which data do they ask for to give you a new password to access the BB ID?

    How Apple and Amazon Security Flaws Led to My Epic Hacking | Gadget Lab | Wired.com
    08-07-12 05:35 AM
  2. GTiLeo's Avatar
    Its pretty hard to hack a berry, how hard I can not tell you but RIM prides itself on its security and apple is to stupid to do the same.

    Although its nice to see a bit of negativity that goes around apple
    08-07-12 06:15 AM
  3. GTiLeo's Avatar
    Was that the same guy twitter account got hacked? The same piece of crap guy that spread bull about RIM? If so this roaster smoker deserves everything he got. Karmas a mofoking female dog in heat
    08-07-12 06:28 AM
  4. californiablackberry's Avatar
    I'm still shocked how popular the story got. I read it on Gizmodo they day it a happened. That's why I don't use any cloud service.

    Sent from my DROID RAZR using Tapatalk 2
    08-07-12 06:31 AM
  5. Heavy Fluid's Avatar
    That is pretty scary. I don't want to live my life in fear, but that is pretty much how I do it now.
    Cathyxx724 likes this.
    08-07-12 06:58 AM
  6. GTiLeo's Avatar
    That's what happens in a world ruled by computers and mobility. That's why I believe RIMs security is so under rated. Soon banking will be done using mobile devices and we will need a secure mobile to do this. This is something berries do better then anyone
    08-07-12 07:06 AM
  7. xandermac's Avatar
    It was hacked by talking to and fooling Apples free AppleCare customer support team. Try calling RIM customer support, it'll cost you $40. I doubt many Hackers would pay that.
    08-07-12 07:08 AM
  8. JasW's Avatar
    The devices weren't hacked, the Apple account was. The problem is that one Apple ID controls access to everything, the purchase of music, apps, movies, and even laptops in the App Store/iTunes, as well as iCloud (which lets one do remote wipes). Is BlackBerry ID that different? A single BlackBerry ID controls access to many of the same things.
    amazinglygraceless likes this.
    08-07-12 07:44 AM
  9. Cozz4ever's Avatar
    " That's what you get. I own several Apple products but the phone must always be a Blackberry."

    08-07-12 07:53 AM
  10. Maxxxpower's Avatar
    The devices weren't hacked, the Apple account was. [...]. Is BlackBerry ID that different? A single BlackBerry ID controls access to many of the same things.
    That's it. In case of the BB ID, all I found out was the option to send a new password to the existing email adress, but no phone support or anything else which could be fooled by users who stole your data. It would be interesting if Kevin or any other "pro user" could try to find out whether hacks like the one described would work with a BB ID.
    08-07-12 08:11 AM
  11. Branta's Avatar
    Both the user AND Apple's iCloud support were grossly negligent in this case. A single vulnerability (single login) predictably gave access to everything. Put all the failures together and it was always a disaster waiting to happen.

    Could this happen to a BlackBerry? Probably not on the same scale because it is less likely all devices would be behind common login details, but everything hangs on the motivation of the user to use diverse passwords and protect the other clues which could be used by hackers to facilitate an attack through the human element.
    Laura Knotek and bungaboy like this.
    08-07-12 08:25 AM
  12. Sith_Apprentice's Avatar
    Steve Wozniak: Cloud computing will lead to 'horrible problem'

    this does express (at a basic level) the dangers of cloud computing. The more things are linked together, the more a single vulnerability can affect them all.
    Last edited by Sith_Apprentice; 08-07-12 at 08:33 AM.
    bungaboy likes this.
    08-07-12 08:30 AM
  13. ynomrah's Avatar
    This is much less likely to happen the exact way outside of the loophole provided by apple and amazon. But I wouldn't completely rule out the possibility of similar loopholes existing elsewhere though.

    Sent from my SAMSUNG-SGH-I717 using Tapatalk 2
    amazinglygraceless likes this.
    08-07-12 08:40 AM
  14. antheauxny's Avatar
    I must be the only one that doesn't really consider this "hacking."
    All they did was make a phone call to get the information. Lol. That's a screw up on the customer services behalf, not Apple as a whole in a sense.
    The device itself wasn't hacked.
    But that's just my opinion.


    Sent from my iPhone 4S using Tapatalk
    amazinglygraceless likes this.
    08-07-12 10:29 AM
  15. GTiLeo's Avatar
    Maybe this is the reason RIM hasnt brought out a cloud feature and opts to use bfidge and cables
    08-07-12 10:36 AM
  16. Sith_Apprentice's Avatar
    I must be the only one that doesn't really consider this "hacking."
    All they did was make a phone call to get the information. Lol. That's a screw up on the customer services behalf, not Apple as a whole in a sense.
    The device itself wasn't hacked.
    But that's just my opinion.


    Sent from my iPhone 4S using Tapatalk

    +5000

    This is a social engineering attack, thats all it is.
    bungaboy likes this.
    08-07-12 10:44 AM
  17. hondateg91's Avatar
    This is why I don't put anything up in the cloud. It all stays on my laptop or sd card and will transfer files when needed.
    08-07-12 10:47 AM
  18. hornlovah's Avatar
    Hopefully, RIM will implement a cloud-based backup solution where all encryption/decryption is performed locally. and two-factor authentication is required. If a cloud provdier does not have access to your encryption keys, they can't give them away.
    08-07-12 12:39 PM
  19. Sith_Apprentice's Avatar
    Hopefully, RIM will implement a cloud-based backup solution where all encryption/decryption is performed locally. and two-factor authentication is required. If a cloud provdier does not have access to your encryption keys, they can't give them away.

    They have had this for quite some time. BES performs this already. Also I believe that all data through BB Protect is encrypted as well. It does not have two factor authentication (and that would be more difficult to implement) but the other points are there.
    bungaboy likes this.
    08-07-12 12:41 PM
  20. hornlovah's Avatar
    They have had this for quite some time. BES performs this already. Also I believe that all data through BB Protect is encrypted as well. It does not have two factor authentication (and that would be more difficult to implement) but the other points are there.
    Yes, but it would be an attractive feature for non-BES users too.
    08-07-12 12:44 PM
  21. Sith_Apprentice's Avatar
    Yes, but it would be an attractive feature for non-BES users too.
    But my point is that it exists, and has for some time. BES for business users does this, and BB Protect for BIS users.

    http://forums.crackberry.com/general...8/#post7522186
    08-07-12 12:46 PM
  22. hornlovah's Avatar
    But my point is that it exists, and has for some time. BES for business users does this, and BB Protect for BIS users.

    http://forums.crackberry.com/general...8/#post7522186
    I would like to see a more comprehensive backup offering for BIS users, and one that could be used by encrypted devices, unlike BB Protect. Two-factor authentication would be essential.
    08-07-12 12:58 PM
  23. jegs2's Avatar
    In response, Apple issued a temporary password. It did this despite the callers inability to answer security questions I had set up. And it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover.
    Yeah, that's pretty inept.
    bungaboy likes this.
    08-07-12 12:58 PM
  24. Sith_Apprentice's Avatar
    I would like to see a more comprehensive backup offering for BIS users, and one that could be used by encrypted devices, unlike BB Protect. Two-factor authentication would be essential.
    What do you mean more comprehensive, what features are you looking for (as an example)? Encrypting the devices can be done by anyone as well, its an option built into the OS, as is encrypting the media card. RIM makes this quite easy.

    Two factor authentication should be an option I agree, though implementing that exactly is another story entirely.
    08-07-12 01:43 PM
  25. FreeJACLive's Avatar
    The biggest issue was his MAC was wiped via iCloud (find my MAC) as there was no 2 factor authentication preventing it. Steve Gibson of Gibson Research is recording a podcast as I type this detailing the hack. Interesting stuff. He is saying the last 4 digits of your credit card is all Apple Care needs to send a re-set temporary password for your Apple ID.
    Last edited by FreeJACLive; 08-08-12 at 03:04 PM.
    08-08-12 03:01 PM
29 12
LINK TO POST COPIED TO CLIPBOARD