By John Gruber
1Password — Secure every sign-in for every app on every device.
Mat Honan:
But what happened to me exposes vital security flaws in several customer service systems, most notably Apple and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.
★ Monday, 6 August 2012