TidBITS Presents “Protecting Your Digital Life” on 22 August 2012
By now you’ve probably heard about the case of how technology writer Mat Honan was hacked, thanks to a combination of ill-considered security policies on the part of Amazon and Apple. The hacker turned out to be a 19-year-old whose goal was to take over Honan’s three-letter @mat Twitter account; he thought it would be funny to post racist and homophobic tweets from Honan’s account. The hacker also used iCloud to perform remote wipes on Honan’s iPhone, iPad, and MacBook, and while Honan was able to restore the iPhone and iPad from iCloud backups, he ended up paying nearly $1700 to DriveSavers to restore some of the data from his MacBook, which he had never backed up.
In the end, it appears that Honan has managed to restore most everything to pre-hack state, he has learned the importance of backups and online security, and he has published some good stories out of the experience, so it wasn’t all bad. But he was also lucky — the hacker could have caused much more damage, and in most cases of online identity theft, lost data is accompanied by financial repercussions from stolen credit card numbers, compromised bank accounts, and scams aimed at friends and relatives.
Many people — us included — have found this story tremendously unsettling. Although similar hacks happen to people all the time, Honan has done such a good job documenting what happened, from Amazon’s and Apple’s mistakes to his own significant lapses of judgment (not even Time Machine backups, really?), that it’s easy to imagine yourself in his shoes. Since Honan’s story first appeared, we’ve been talking internally about it, trying to figure out how vulnerable we’d be, what we could do to reduce the chances of this happening to us, and what we should recommend to you, our friends and readers.
Now we’re bringing that discussion to you, in our next TidBITS Presents event — “Protecting Your Digital Life.” It will feature Rich Mogull, who is both our security editor and a principal at the security firm Securosis, and the polymathic Joe Kissell, who has penned both “Take Control of Passwords in Mac OS X, Second Edition” for us and the “Mac Security Bible” for Wiley (both of which are several years old). We’ll be focusing on the best practices for ensuring that, even if one of your online accounts is compromised (which can happen through no fault of your own!), your entire digital life can’t easily be laid bare for these virtual vultures to peck through.
So please join us live on Wednesday, 22 August 2012, at 12:00 PM Eastern (9 AM Pacific) at the TidBITS Presents page (if you’re in another time zone, check out the Every Time Zone site to convert to local time). Or, here’s a .ics file you can import into your calendar. The presentation is open to everyone — we’re not limiting live participation to TidBITS members this time, but please, if you’d like to see us do more of these live presentations, which take a lot of work to put on, chip in a few bucks to support our efforts. We’ll be trying to keep the main discussion to 30 minutes, and we’ll take questions from the live chat at the end for another 30 minutes. If you can’t make it live, you’ll be able to watch the recorded presentation afterwards at your leisure.
We continue to learn about the best ways to use Google Hangouts On Air, so be sure to scroll down and read the FAQ at the bottom of the TidBITS Presents page before the presentation. See you at noon on Wednesday!
Good solid easy to understand advice. I plan to share this with co-workers and family members.
Just a comment on why I didn't watch live. While I do read TidBITS religiously, I don't read it on any schedule. I just finished reading this week's issue today as a matter of fact. A little more notice might be nice.
Thanks! I realized there wasn't much advance notice this time because although we had tentatively agreed on the date some time ago, Rich's schedule was up in the air for a bit and we thought we might have to change the time. We'll try to get future events announced with more notice!
2am Sydney time didn't help. :)
Hi Adam & crew;
Just a video tip, please consider having participants add a little light above the camera on their computer so they look better, instead of dark and shadowy or lit by the computer screen. Also try to look at the camera instead of the screen, as much as that is possible. I'm not so good myself, but making eye contact with viewers helps. Otherwise very nice work!
Thanks for the suggestions, Dave. How was my lighting? I ask because I did explicitly put a lamp above my camera and computer for this particular event (as opposed to the others).
Looking at the camera is damn near impossible, since it's above everything that moves on screen. I always position the main video feed right under the camera (which is actually between my two screens, so I have to put that window overlapping the two). But as soon as you have to look at something else to read a comment or whatnot, your eyes clearly move away from the camera. Any tricks here that people have come across?
Adam and Rich were reasonably acceptable for skin color but Joe looked like he'd been in the Bastille and hadn't seen the sun for a couple of decades. All came into focus within a second or two of switching views, but I assume the delay was due to my wireless broadband connection, which is not LST/4G.
I think Joe's just cultivating the pale Parisian look. :-)
We're working on getting better lighting for the next one - apparently clamp-on shop lights are a good, cheap solution.
I have watched all three of your Google Hangouts presentations and have found them chock full of very practical tips and suggestions (even though I don't have ML yet). If I could wake up at 2:00 am (Melbourne time), I doubt I'd be in any condition to absorb the content, so I am an "after" viewer. As for the security session, I plan to do a post to my blog with a very brief summary and with the suggestion that my readers spend the time to view the whole thing, if that's not illegal and is acceptable to you. I pat myself on the back that I had already taken on board two of your points long ago before you made them in this session, backups and a password vault (my preference is SplashID). I will be going through my passwords and security questions in line with your recommendations. I have repeatedly benefited from the first two measures. As Joe pointed out, it's a small price to pay for the peace of mind when those resources are needed.
You are absolutely welcome to post about the presentation and encourage others to attend - these are completely open to the public. Thanks for the kind words, and we're pleased you liked the content!
It took me a week to get to it, but once started, it was good enough to watch through. Great work guys.