derekcurrie

gatorguy said:

steven n. said:

gatorguy said:

lkrupp said:

So these people fell for phishing scams, didn’t care about their account security, and now want Apple to make them whole? I thought crap like this only happens in the U.S. where everybody is a victim and a survivor of someone or some corporation. 

The articles I had read didn't say it had been shown to be a phishing scheme that led to it AFAICT, instead that it's wasn't yet determined how it happened. Apple did say that none of the affected accounts had 2FA enabled so the assumption would be that users themselves were primarily to blame, but I dont think Apple themselves had said how the account credentials had actually been accessed. 

Typical, behind the 8-ball as usual.

https://www.wsj.com/articles/apple-deeply-apologetic-over-account-hacks-in-china-1539690961?mod=rss_Technology

"At the time, it wasn’t clear how the login credentials were obtained, but Apple later said  (in their apology) that it was through a phishing attack on Apple ID owners who did not have two-factor authentication (2FA)  enabled."

Thanks.

Phishing Apple accounts is very old news, well known within the Mac security community. Recall the brazen revelation of naked celebrity photos on the net over a period of years. The chatter was all about how hackers broke into user's accounts and stole their photos. Nope! There never was any hacking involved. All of it was due to phishing. They did eventually catch the main guy responsible and toss him in jail. That incident inspired Apple to get serious about 2FA. But again, they had nothing to apologize for. It was simply more Wetware Error.

And note that Apple phishing spam has become remarkably sophisticated. The ongoing crop uses fake purchase notifications, such as users having been charged to join Apple Music. They post a link where users can go if they disagree with the charge. THAT is the phishing link. What's at the other end looks remarkably like you're contacting Apple to complain about the charge you never requested. Hand over your ID, password, charge method and they got you. If you're not paying attention, it's easy to fall for it. But it's NOT Apple's fault.

Mhob said:

Apple needs to make the Horses drink. 2FA should no longer be an opt-in. It should be required. 

If this technologically illiterate consumer group presses their case in court, there is no doubt that two-factor authentication will become a requirement of Apple users, like it or not. Then the next goal will be 3FA.

This what is colloquially known as "Wetware Error", PEBCAK ("Problem Exists Between Chair And Keyboard"), and professionally known as Social Engineering. It has nothing-at-all to do with Apple's responsibilities. There is no shifting of blame here. I'm astonished that Apple's lawyers allowed the company to apologize as there is nothing to apologize for! Instead, what Apple is doing is pointing out that they too find PHISHING (the actual catalyst of the problem, not Apple) to be unacceptable and in need of further preventative measures. 

I use 2FA. Apple has stumbled/bumbled a bit as they got used to 2FA. But Apple has refined it very reasonably and very safely of late. Adding security to any system will always compromise Ease Of Use. Convenience vs Security is forever a compromise.

As for my part, since 1998 I've reported my spam to spamcop.net. Anyone can do it for free. I've usually donated to them as well. Additionally, I forward ALL Apple phishing attempts directly to Apple via their kindly provided phishing report email address: reportphishing@apple.com . You're welcome, China.

Many companies, such as Apple, gratefully accept reports of phishing spam attacks. Some even sent thank you notes! (Hello PayPal and LinkedIn!) A few companies make the reporting of phishing difficult. (*Grumble* Google and Yahoo!) Too many companies don't care and either ignore the problem or tell you to go elsewhere. The fact is that the very best place to report phishing is directly to the company being phished. If a company is blowing off phishing reports, complain to them about their bad, careless, self-destructive attitude, if you can.

xiao-zhi said:

...The tendency of AppleInsider to zealously defend Apple at all costs...

No, you don't read AI or any Apple specific reporting websites. Apple users are consistently the most discriminating of the tech community. We get annoyed with every Apple Bungle, as I call them. Lately, the Apple Bungles have been more than plentiful and we've been ticked off about it. Being an Apple fanboi means being a critical thinker, not a puppet sheeple. Such creatures are more prevalent among the Apple Hater Trolls, like yourself 'xiao-zhi'. That line about 'defend Apple at all costs' is as old as the dinosaur trolls. It's what trolls spew when someone forgot to hand them this week's Troll Talking Points.

IOW: You made an wrong, excremental and entirely ignorable statement. Please get involved with the actual Apple user community and figure us out for yourself.

Now back to the REAL news...

It has been my personal impression over the last couple years that Bloomberg has striven to place younger employees into the position of reporting. This has been most evident in their video programming. I've often found the new, younger staff to be less informed while being more child-like in their reporting enthusiasm, versus the staid seriousness I assume Bloomberg is trying to avoid. As such, I now think of Bloomberg as having gone overboard in their attempt to draw in the youth market.

Stirring the pot, here are some baseless speculations of my own, gathered together from my experience with the Apple market over the last 25 years:

Q1) Could Bloomberg be involved in AAPL stock manipulation?
I ask this because manipulating AAPL in the news was common practice circa 2014 - 2017. I personally called these manipulative reports Apple Bear BS. In statistics, correlation is next to useless in establishing cause and effect. But I did correlate this period of time with Carl Icahn's activist stockholder behavior regarding Apple. Once Mr. Icahn sold off his Apple stock, I correlated that the Apple Bear BS came to a halt. I have to wonder if there is a manipulation factor at work within Bloomberg. But this speculation is of course baseless.

Q2) Are stories written and published at Bloomberg being driven by their marketing division?
I call the ascendance of marketing executives into management 'Marketing-As-Management.' It is common among aging companies. The overall effect is demoralization of the productive members of a company as well is irrational business decisions. In the case of Bloomberg, their marketing may either have an irrational bias toward Apple, one of the most productive companies in history. Or it might be the case that their Marketing-As-Management doesn't provide the scrutiny required for the reporting of the highly complex technology sector. But this speculation is of course baseless.

Q3) Is Bloomberg overly intent and dependent upon the youth factor in their reporting and in their intended target audience?

Q4) Are there other sources of bias within Bloomberg I haven't imagined?

Q5) Is this just an ordinary and all too common case of bad technology journalism?

In any case, I hope the current concern of hardware hacking is sorted out and that Bloomberg can get back to what I consider to be professional quality reporting.

It's Corporatocracy vs We The People!
There will be blood.
It's the second revolution!
We shall be free again.