August 7th, 2012
Getting beyond the particulars of how Mat Honan had hackers use social engineering to get his passwords reset and his iOS and MacOS devices remote wiped, for my money here's the key lesson of the whole sorry saga:
I bought into the Apple account system originally to buy songs at 99 cents a pop, and over the years that same ID has evolved into a single point of entry that controls my phones, tablets, computers and data-driven life. With this AppleID, someone can make thousands of dollars of purchases in an instant, or do damage at a cost that you can't put a price on.
This isn't just about Apple – it's about all the corporations expanding from their original niches into as many corners of our online life as possible.1 Having a single sign-on is scary, and only gets more so as the uses of that ID expand over time.2
I'd like to think that scares like this would motivate Apple, Amazon, Google, Microsoft and the rest to get this stuff right lest the public be discouraged from signing up for all the different services they offer, but I fear that convenience wins out all too often.
- For what it's worth, I haven't enabled iCloud on my Mac Mini or my iPod Touch. Not because I foresaw this sort of problem; it's just that I don't see the benefit of iCloud. I bought my iPod Touch as a replacement PDA, not a device for accessing the internet on the move. In any case, given that when I'm at work I'm not in range of an accessible WiFi service, so my iPod Touch isn't going to be accessing iCloud anyway. ↩
- I dread the day when Apple finally make some feature I really want/need insist upon having access to iCloud. That might be my cue to take a close look at whatever the successor to the Nexus 7 turns out to be. ↩