How should we judge a government?

In Malaysia, if you don't watch television or read newspapers, you are uninformed; but if you do, you are misinformed!

"If you're not careful, the newspapers will have you hating the people who are being oppressed, and loving the people who are doing the oppressing." - Malcolm X

Never argue with stupid people, they will drag you down to their level and then beat you with experience - Mark Twain

Never argue with an idiot, otherwise people won't know which one of you is the idiot.
Since light travels faster than sound, some people appear bright - until you hear them speak.

Why we should be against censorship in a court of law: Publicity is the very soul of justice … it keeps the judge himself, while trying, under trial. - Jeremy Bentham

"Our government is like a baby's alimentary canal, with a happy appetite at one end and no
responsibility at the other. " - Ronald Reagan

Government fed by the people

Government fed by the people

Career options

Career options
I suggest government... because nobody has ever been caught.

Corruption so prevalent it affects English language?

Corruption so prevalent it affects English language?

When there's too much dirt...

When there's too much dirt...
We need better tools... to cover up mega corruptions.

Prevent bullying now!

Prevent bullying now!
If you're not going to speak up, how is the world supposed to know you exist? “Orang boleh pandai setinggi langit, tapi selama ia tidak menulis, ia akan hilang di dalam masyarakat dan dari sejarah.” - Ananta Prameodya Toer (Your intellect may soar to the sky but if you do not write, you will be lost from society and to history.)

Wednesday, August 08, 2012

IT security checks had to rely on a person's name


"I spent an hour and a half talking to AppleCare. One of the reasons it took me so long to get anything resolved with Apple during my initial phone call was because I couldn’t answer the security questions it had on file for me. It turned out there’s a good reason for that. Perhaps an hour or so into the call, the Apple representative on the line said “Mr. Herman, I….”
“Wait. What did you call me?”
“Mr. Herman?”
“My name is Honan.”
Often, before we are allowed to post our comments, we are asked by website admin to prove we are not robots by having to type what we could decipher from random display of alphanumeric code. Well, the above example has proven how important it is to rely on the human factor. In this case of hacking, someone had assumed the identity of the user and changed his passwords and security checks which made the genuine user unable to prove he was the original user!
How Apple and Amazon Security Flaws Let to My Epic Hacking
Excerpt:
"In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook..."
"But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices..."
"At 4:33 p.m., according to Apple’s tech support records, someone called AppleCare claiming to be me. Apple says the caller reported that he couldn’t get into his .Me e-mail — which, of course was my .Me e-mail."
"In response, Apple issued a temporary password. It did this despite the caller’s inability to answer security questions I had set up. And it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover."
"At 4:50 p.m., a password reset confirmation arrived in my inbox. I don’t really use my .Me e-mail, and rarely check it. But even if I did, I might not have noticed the message because the hackers immediately sent it to the trash. They then were able to follow the link in that e-mail to permanently reset my AppleID password..."
"At 4:52 p.m., a Gmail password recovery e-mail arrived in my .Me mailbox. Two minutes later, another e-mail arrived notifying me that my Google account password had changed."
"At 5:02 p.m., they reset my Twitter password. At 5:00 they used iCloud’s “Find My” tool to remotely wipe my iPhone. At 5:01 they remotely wiped my iPad. At 5:05 they remotely wiped my MacBook. Around this same time, they deleted my Google account. At 5:10, I placed the call to AppleCare. At 5:12 the attackers posted a message to my account on Twitter taking credit for the hack."
"By wiping my MacBook and deleting my Google account, they now not only had the ability to control my account, but were able to prevent me from regaining access. And crazily, in ways that I don’t and never will understand, those deletions were just collateral damage. My MacBook data — including those irreplaceable pictures of my family, of my child’s first year and relatives who have now passed from this life — weren’t the target. Nor were the eight years of messages in my Gmail account. The target was always Twitter. My MacBook data was torched simply to prevent me from getting back in."



Link

1 comment:

Anonymous said...

I think people that taking someone else money by hacking someone else account was doing a crime.i hope there were no people like this in this country.they smile,look at our face n think we r stupid.