Here's How Easy it is for a Hacker to Wreck Your Life
Mat Honan of Wired is a better man than me. In exchange for his promise not to prosecute, he got the hacker who ruined his digital life to talk to him. If it were me, I might have left my need to know the details of the attack, along with my inherent desire to tell a good story, to one side so that I could track down the pallid twerp and beat him mercilessly with a sock full of nickels. I almost want to do it now, on Honan's behalf.
Why did this emotionally stunted knuckle-dragger and at least one similarly addled pal wipe out all of Honan's data from several devices as well as his iCloud account? Because they wanted Honan's three-letter Twitter handle for themselves.
"That's all they wanted," Honan writes in his astonishing account of the event. "They just wanted to take it, and fuck shit up, and watch it burn. It wasn't personal."
Well, they made it personal. I, for sure, would have taken it personally. The hacker identified as Phobia told Honan: "I honestly didn't have any heat towards you before this. i just liked your username..." He used that username to tweet racist and homophobic stuff. He wiped Honan's drives so Honan wouldn't be able to stop the attack, in the process deleting pictures depicting his victim's daughter's first 18 months of life, along with every other digital thing Honan owned.
That seems pretty personal to me. Make that two socks full of nickels, followed by a thorough pummeling with a sack of oranges. Then I'd call the cops, hoping that Phobia and I would share a cell.
Honan explains the details of how easy the hack was, and how easy it was for him and his Wired colleagues to replicate it themselves. But in brief: in order to get Honan's Twitter password, the dweeb had to get into Honan's Gmail account. To do so, he had to engineer Apple and Amazon to spit out some personal information. The lack of security is almost as infuriating as the actual attack: all Phobia needed was Honan's name, billing address, and the last four digits of Honan's credit card. It takes a little effort, but all these things are readily obtainable.
Phobia used Amazon to get the credit card digits, but he didn't have to. "If you have an AppleID, every time you call Pizza Hut, you've [given] the 16-year-old on the other end of the line all he needs to take over your entire digital life," Honan writes. We should all be very, very frightened by this. And Apple really needs to shore up its security procedures, pronto.
Honan rightly takes some responsibility for the loss of data, since he didn't back it up, and he didn't have Google's two-factor authentication turned on. He also had his Google and Apple accounts linked, which enabled the hack. Are you backing up your hard drive right now? Somewhere other than a cloud service? Well, you should be.
But Honan goes too far with the self-blame. He says he's not even angry at the 19-year-old ninny who did this to him. That ninny wrote to Honan, in Ninnyspeak: "yea i really am a nice guy idk why i do some of the things i do. idk my goal is to get it out there to other people so eventually every1 can over come hackers."
Ah, so it's a public service! Honan apparently didn't ask Phobia why he tweeted racist and homophobic stuff, or why the cretin so fervently desired a three-letter Twitter handle that he would only control for a short period of time.
For the record, here are a couple of the tweets -- which Honan has chosen not to delete -- that Phobia shared through Honan's account:
"If any of you guys aren't faggots and have a xbox and wanna play gta4 or mw2 with me, hit me up on aim"
"Fuck Barack, hes black. Go Mitt Romney"
"I am ultimately to blame," Honan writes. No, Mat, you're not. Neither is the woman in the short skirt who gets raped.