August 12, 2012

Cloud dangers for YOUR digital life.

If you have a new smart phone, iPad, tablet or computer, and you are busy linking all your devuces to automatically syncronize your music, pictures, and work files, then reas and share this blog post. Your digital life can be erased in seconds using the cloud too. Clouds and iClouds may seem fluffy and nice, but both have their dangers. New pilots get Visual Flight Rules licenses: control of your aircraft requires visual reference to the horizon and the ground. VRF pilots should NEVER FLY INTO CLOUDS. Without more training, the average VFR pilot will get their aircraft into a spiral-dive in about 15 minutes. Your computing "Cloud" can also take you into a digital spiral-dive with its new vulnerability to hacking.
In 2012, we learned that linking your devices via the Cloud, including iCloud, renders you susceptible to the malicious use of the Cloud to wipe your entire digital life.
Tech writer Mat Honan got hacked recently, and then all of his linked services, including iCloud based services, were used to erase his iPhone, MacBook and all his web based iCloud data. The use of a single service, such as FaceBook, to log into different services also factored into the malicious actions of the hacker to invade one of Mr Honan's services after another. You can read about Mr Honan's nightmare that he kindly shared on one of his blogs at:   EMPTYAGE.   Darlene Storm (Computer World) also has a nice story about this subject:   HERE  , where you can read about some warnings regarding the CLOUD that were uttered by no less than Steve Wozniak himself (Apple's co-founder).

This experience highlights the danger of syncing all your devices and online services. When you change or create a document on one device, the change propagates to the Cloud server, and then to all your other devices. Your laptop, home computer, phones, iPad. What many of us have not appreciated is that these updates also include the DELETION of your files. I have been concerned with this for some time, since Apple's iDisk service went away. Since 2000 my iDisk was a handy external shared disk. I added or removed files from my iDisk and coordinated several lab workstations with this tool. Of course, while these shared files were on my iDisk, there were also copies of the files on my computer drives. Even if my iDisk was hacked, there was no automatic sync to my devices. This is NOT the case with iCloud's file syncronization. It is also similarly dangerous if you use SugarSync's option to autosyc to any file on your hard drive. Deleting files will propagate the deletion for you. If that was your only copy of the file, ouch, its gone!

So, if you are a Mac user that upgraded to OS-X Lion, or your new Mac already uses this system,  you can quickly autosync your devices. However, the more services you link in some way, the more danger there is for your digital life. If one service gets hacked, it can be the gateway to get information and keys for your other accounts, storage and services.

My immediate recommendations:
1) If you are using any Cloud service such as Dropbox, Google Drive or SugarSync, just use the one sycn-folder option: you have ONE folder on your hard drive that is sync'd automatically with your Cloud and other devices. If you have digital stuff you would HATE to lose, then do not leave the only copy in your sync folder. Build your documents in other folders and directories, and place updated COPIES of those files into your Sync folder. Always keep copies in regular folders that are not integrated into the autosyc process. A hacker can erase your Sync folder contents, but your main file copies will reside elsewhere on your hard drive.

2) For any iPhone users out there, consider NOT autosyncing your pictures and critical work files through iCloud. You should have the option to inactivate some of these functions. I have had a Mac account since 2000, and I loved my iDisk. However, while I have an iCloud capable account now, I do not use it for syncing files. The iPhoto program is a great tool, but I do not sync my photos through the iCloud and do not plan to. It is too risky for me. Should I get hacked, my iCloud could be used to wipe those files on all my devices.

3) Run backups of your main device, maybe this is your laptop, with a good old USB-2 external hard drive. OS-X has a great "time-machine" backup system that is easy to use. Windows also has basic backup functions for external drives. Use your external drive at least once a week. If you plan to keep your devices fully integrated and autosycned in iCloud, then do your backups. If Mat Honan had a backup drive, he would be much better off. Mr Honan noted that he had drifted away from the habitual use of his good old backup drive once he went into the cloud, in hindsight a mistake.

These new data dangers have great implications for Google's new operating system and Microsoft's next system, coming out soon. These systems are based on the Cloud for their very fundamental operations. At this time they are completely vulnerable to this kind of hack that can wipe out your entire digital life. SO DO NOT GET RID OF THAT EXTERNAL BACKUP DRIVE YET, KEEP USING IT. I AM TOO. As online services have rushed to link to each other, very little effort has gone into solving the security issues that exist with this kind of mass connectivity. Do you use Facebook to log into all your services now? Imagine that your password is hacked. All your services are then breached.

It seems that APPLE's phone support screwed up, and actually gave hackers more information about Mr Honan's account, even though the caller could not answer some of the security questions. What Apple might do to fix that problem I have yet to learn, but it just goes to show you that the iCloud ain't all its cracked up to be. The implications for businesses and industrial espionage are significant. So follow some of these IFR ways and stay out of that cloud induced spiral dive.

August 4, 2012

Make Computer Thieves your Prey.

Just a short blog. No matter what computer system you are using or even Android and Apple smart phones, you can install Preyproject's free theft reporting tools on your computer/phone. Simply go to

and download the installer for your device. Make a new account, and if your device is stolen, you can go online, login via the web and activate reporting from your device. If your device has a camera, it will even take secret pics of whoever is using your machine. It also will report its location.

I recommend it.

Dr Mitton