Comments on: Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password http://www.welivesecurity.com/2012/08/09/authentication-attacks-apple-amazon-icloud-google-anything-with-a-password/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: Terence Kam (eStrategyPro.com) http://www.welivesecurity.com/2012/08/09/authentication-attacks-apple-amazon-icloud-google-anything-with-a-password/#comment-1047 Fri, 10 Aug 2012 02:03:56 +0000 http://blog.eset.com/?p=14671#comment-1047 Also, with regards to doing offline backups, it is definitely a good idea.
But that will not help Mat Honan if the alternative and scarier scenario happenned:
 
The fact that the hackers wiped out his devices is not the worst that could happen. At least Mat knew he's hacked a few minutes after being compromised.
 
What if the hackers were more devious? They would have hidden the fact that he's hacked and slowly accumulate his identity information over a long period of time. With these secretly stolen id information, the hackers could have slowly destroyed his life (eg borrow money in his name, commit crimes with his identity, use his bank account as a mule for money laundering). It will be much more difficult to recover from such a 'slow‘ hack.
In this alternative scenario, backups wouldn't save him. He will have a much more diabolical problem!

]]>