General Discussion

cascadiance

(19,537 posts)

27. What they are describing was how Sarah Palin's Yahoo email account was hacked too...

Tue Sep 2, 2014, 08:19 PM

Sep 2014

The problem is that if you don't design security questions, etc. to get access to an account to take in to account that some people have very public lives where many of those security question answers are publicly available, then you have a flawed system. I know that Yahoo revised a lot their methodology for retrieving forgotten passwords after that, to avoid such circumstances and ensure that whether a person's personal life is well known or not, that the procedures for getting in to an account where someone has forgotten a password is secure.

I won't go in to details on flaws like these in general, but there are other ways that sometimes corporate systems have problems with security of data internally and otherwise that needs revamping, as I've seen it at times and helped fix some of those holes myself, but often times, the fundamental design still should be changed to make it better. That is the problem when you also get companies too big with oligopoly power, where they don't worry as much about this sort of problem when someone's account gets jeopardized and calls them out in public if they know what's happened, since often times, people don't have another option to go to in the marketplaces we have these days and their experiences get lost in the ethers.

Edit history

Please sign in to view edit histories.

Recommendations

0 members have recommended this reply (displayed in chronological order):

28 replies

= new reply since forum marked as read

Highlight:

Apple should be sued over the data leak [View all] Yavin4 Sep 2014 OP

Other than lawyers, who gets the money? And who ends up actually paying the costs? NYC_SKP Sep 2014 #1

If the celebrities involved are smart... TDale313 Sep 2014 #6

I like that idea, but would prefer settlements that insure security of my data. NYC_SKP Sep 2014 #10

Well, hopefully that will be part of the outcome. TDale313 Sep 2014 #14

I imagine they will be. TDale313 Sep 2014 #2

They certainly won't admit it jakeXT Sep 2014 #3

Why are you ann--- Sep 2014 #4

They had shitty security that allowed infinite number of password attempts without lockout. PeaceNikki Sep 2014 #7

Exactly! Yavin4 Sep 2014 #9

Oh good Lord, seriously? Erich Bloodaxe BSN Sep 2014 #11

Yes, although that may not be the method the people used to get the pictures... PoliticAverse Sep 2014 #18

What they are describing was how Sarah Palin's Yahoo email account was hacked too... cascadiance Sep 2014 #27

I'm betting that Apple ann--- Sep 2014 #13

I bet you are! I've seen your other posts on this topic. PeaceNikki Sep 2014 #16

A day before the hack... liberalmuse Sep 2014 #5

Do you know that? Erich Bloodaxe BSN Sep 2014 #8

Apple marketed to the public that their cloud services were secure. Yavin4 Sep 2014 #12

They also got every user to click "I agree" to their terms jberryhill Sep 2014 #15

Yeah, I'm pretty sure there is some disclaimer in the TOS Blue_Tires Sep 2014 #21

According to this ann--- Sep 2014 #17

Yeah, sure. Lose 25% of your nest egg like me and many other Americans? elias49 Sep 2014 #20

Not something I think is worth prioritizing. phil89 Sep 2014 #19

Lockouts are an "easy solution" repeated by people who have no idea what they are talking about. Xithras Sep 2014 #22

"Lockouts won't solve anything." Better than nothing. Yavin4 Sep 2014 #23

Unless you're famous. Then they're worse than nothing. Xithras Sep 2014 #24

Apple's core business strategy is the cloud Yavin4 Sep 2014 #28

So your investigation has explained the whole leak? Great. I will look for your report. nt Logical Sep 2014 #25

I'm sure in the EULA's and Terms and Conditions that users of iCloud TransitJohn Sep 2014 #26