This Week's Sponsor:

Kolide

Ensures that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.

Amazon And Apple Take Steps To Fix Security Holes Revealed By Mat Honan’s Hack

Amazon and Apple have taken serious steps today in responding to news of how Mat Honan was hacked, which was done not with brute-force but by using social engineering to trick Apple and Amazon support staff to give out various pieces of information and reset some passwords. Amazon reacted first and arguably more decisively by enacting a new security policy of no longer allowing users to change account settings (such as credit card information and email addresses) via the phone.

Apple has meanwhile enacted a 24-hour freeze on resetting account passwords over the phone whilst they review their security practices. When Wired then tried to reset an AppleID password through Apple support staff on the phone, the representative said “Right now, our system does not allow us to reset passwords. I don’t know why”.

An Apple worker with knowledge of the situation, speaking on condition of anonymity, told Wired that the over-the-phone password freeze would last at least 24 hours. The employee speculated that the freeze was put in place to give Apple more time to determine what security policies needed to be changed, if any.

[via Wired (1) (2)]

Join

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.

Former MacStories contributor.

graham@macstories.net