engine - 1:13 pm on Aug 8, 2012 (gmt 0)
Progress. Holes being plugged.
Amazon Closes Security Gap [wired.com]
Amazon changed its customer privacy policies on Monday, closing security gaps that were exploited in the identity hacking of Wired reporter Mat Honan on Friday.
Previously, Amazon allowed people to call in and change the email address associated with an Amazon account or add a credit card number to an Amazon account as long as the caller could identify him or herself by name, email address and mailing address — three bits of personal information that are easily found online.
On Tuesday, Amazon handed down to its customer service department a policy change that no longer allows people to call in and change account settings, such as credit cards or email addresses associated with its user accounts.
Apple Freezes Over-The-Phone Apple ID Password Reset [wired.com]
Apple on Tuesday ordered its support staff to immediately stop processing AppleID password changes requested over the phone, following the identity hacking of Wired reporter Mat Honan over the weekend, according to Apple employees.
An Apple worker with knowledge of the situation, speaking on condition of anonymity, told Wired that the over-the-phone password freeze would last at least 24 hours. The employee speculated that the freeze was put in place to give Apple more time to determine what security policies needed to be changed, if any.