Bit Bucket

It’s actually two favors.  This only applies if you:

  1. Have an iPhone/iPad/Mac
  2. Have an Amazon Account

If you don’t have both of those, then keep scrolling.

This is in response to Mat Honan’s hack. I also would like your help, Internet friends, in spreading this around. It’s a response to the hack, but it won’t totally prevent you from being hacked; it just prevents you from being hacked like Mat was this time.

1) Do not share a credit card’s information with both Apple and Amazon. In this case, Mat used the same card in both places (in fairness to Mat, before tonight, so did I) and that led to his undoing. The hackers used the last four digits of his card on file at Amazon, and its attendant billing address, to fool the people at Apple into believing that’s who he was. Apple then turned over his account to the person who could identify those basic pieces of information. If you use one credit card at Apple, use a different one with your Amazon account. Just go in, change ‘em round so that if Apple has your card, Amazon doesn’t. Just for a while here until policies change.

2) Turn off Find My Mac for any laptop or desktop computers. Until such time as Apple has dealt with this vulnerability, we no longer trust Find My Mac to be worth the potential risk. Your data - even backed up properly - is too important to risk to this potential attack vector until additional information is available. As secondary devices, your iPhone or iPad can be much more quickly restored in the event of damage like this, but if you can’t afford to be without your cellphone, you should turn this off, as well.

These aren’t final solutions; security is an ever-evolving thing, but these two tips are important right now.

ron-bailey said: I was laughing a while back about how people were fussing because Google was encouraging people to attach their cell number to their Google account and to turn on 2-step security. Looks like tunes are changing.