Talk about a dealzmodo! DC resident Seth Horvitz bought a new HDTV on Amazon, but when he opened the peculiarly not-TV-shaped box, he found a $2,000 Sig Sauer SIG716 semi-automatic rifle instead, DCist reports. A mistake has been made. More »
Security is a vital part of our life. That’s why when we heard that Mat Honan’s iCloud account was hacked on Monday this week, we immediately followed the story. Apple was quick to respond by freezing the functionality to allow Apple ID password changes over the phone. Online retail giant Amazon is also doing the same by changing its customer privacy policies to close the security gaps that were exploited in the hack. But unlike Apple who previously said that the password freezing will only be temporary, Amazon has told Wired that they will no longer allow customers to change their account settings over the phone.
“We have investigated the reported exploit, and can confirm that the exploit has been closed as of yesterday afternoon,” an Amazon spokesman said. The hackers reportedly used the last four digits on the credit card linked to Honan’s Amazon account to access his Apple ID account as well as his Gmail and Twitter accounts. And the rest was history for Mat Honan who said, “In the space of one hour, my entire digital life was destroyed.”
By Ubergizmo. Related articles: Password security flaw on Amazon.com, Microsoft and NYPD unveils new high-tech law enforcement surveillance system,
The Optimum App for the Kindle Fire has served Cablevision customers in search of a second screen for some time now, but now it’s more like its siblings on iOS, PC or Mac. What we mean is that now it can stream live and on demand content subscribed to via your Cablevision service. That’s the good news, the catch is that you have to be connected to your home network for the live streams to work, but at least all the channels are available, rather than a subset like some providers. Of course if you aren’t interested in watching video on the small screen, you can still use the aforementioned Kindle Fire app as a remote as well as to manage your DVR or discover new content while the action plays on the big screen for the rest of those in your home to enjoy.
Continue reading Live streams come to Cablevision’s Optimum App for the Kindle Fire
Filed under: Home Entertainment, Tablet PCs
Live streams come to Cablevision’s Optimum App for the Kindle Fire originally appeared on Engadget on Wed, 08 Aug 2012 06:02:00 EDT. Please see our terms for use of feeds.
Permalink | 
Amazon | Email this | Comments
By now, you may have heard the story of the identity ‘hack’ perpetrated against Wired journalist Mat Honan. Using easily obtained data, an anonymous duo bluffed its way into changing his Amazon account, then his Apple iCloud account, then his Google account and ultimately the real target, Twitter. Both Amazon and Apple were docked for how easy it was to modify an account over the phone — and, in close succession, have both put at least a momentary lockdown on the changes that led to Honan losing much of his digital presence and some irreplaceable photos. His own publication has reportedly confirmed a policy change at Amazon that prevents over-the-phone account changes. Apple hasn’t been as direct about what’s going on, but Wired believes there’s been a 24-hour hold on phone-based Apple ID password resets while the company marshals its resources and decides how much extra strictness is required.
Neither company has said much about the issue. Amazon has been silent, while Apple claims that some of its existing procedures weren’t followed properly, regardless of any rules it might need to mend. However the companies address the problem, this is one of those moments where the lesson learned is more important than the outcome. Folks: if your accounts and your personal data matter to you, use truly secure passwords and back up your content. While Honan hints that he may have put at least some of the pieces back together, not everyone gets that second chance.
Filed under: Internet
Amazon, Apple stop taking key account changes over the phone after identity breach originally appeared on Engadget on Tue, 07 Aug 2012 23:40:00 EDT. Please see our terms for use of feeds.
Permalink | Wired (1), (2) | Email this | Comments
If you use the internet – and we know you do – you need to read about the massive “hacker” meltdown experienced by an online journalist this week due to security holes between cloud systems in two major networks. The “hack” as some are calling it – rather a clever realization, when it comes down to it – had one user’s account opened up with a simple phone call to Amazon. Once Amazon allowed the fake user to access one simple element in the victim’s account, the rest came tumbling down like a house of cards.
The key piece to this puzzle was the Amazon call-in policy that allowed anyone to change an email address of a user account just so long as they could identify the user’s name, email, and physical mailing address. This ability is no longer allowed as of this morning, with Amazon commenting to Wired that they changed the policy for “your security”, refusing to comment further.
The exploit – again this isn’t really a hack when it comes down to it, only needed the “hacker” to have the victim’s email – easy to guess – their full name – again, obvious – and their physical mailing address. This last bit was available, in this case, in a “whois” of a site that the victim owned. A “whois” is a listing of the ownership of a website, aka “Domain Registration Information” that many web hosts make available without question.
Once the hacker was able to change the email of his victim’s Amazon account, they were also able to see the last four digits of the victim’s credit card – these last four digits available to any person who is logged in to their own account, of course. Once the hackers had this, they were able to call in to Apple’s iCloud support with said information to “confirm” their way into his iCloud account as well. One company’s freely available account information used to easily bust in to another’s.
Now this “hole” is fixed, but you need to still be on your guard. Keep your eyes open for exploits such as these, have a peek at our post this morning about double-locking your Google account, for example, and simply stay smart.
Massive Amazon security hole “fixed” without comment is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Ty Rogers of Amazon PR has reportedly confirmed that the hole in Amazon’s authentication process that allowed Mat Honan to be hacked has been closed, “effective yesterday.” More »
This week it’s time to get back to the streaming side of things as Spotify hits yet another platform in the mobile space. On the Kindle Fire, Spotify’s streaming music service will be working with Android 4.0 with full support. You’ve got mobile free radio as well with the ability to create new radio stations and save the songs that you’re going to listen to multiple times. This application is available for download immediately through the Amazon Appstore for Android – you simply must grab it!
This release places Spotify on a tablet that’s been doing quite well in its first few months being on the market but has caught quite a bit of flack lately as Target dropped it from its ranks almost entirely. Have a peek at that giant retail cut-down and ask yourself if you’re glad you got yours while the getting was good. Then whip it out and have a peek at all the new features on this streaming music app.
Spotify for Kindle Fire has an all-new slide-out navigation bar and comes with a lovely collection of social features for all! You’ve got artist imagery and album covers in full high definition greatness, and you can work with related artist view to learn more about musical groups you might never have otherwise realized existed! When you’re listening in on this device you’ve also got 320kbps listening power that Spotify called “extreme” sound quality.
This build of the software is what Spotify tells us is “lightening fast” and, again, it’s available right this second – so go out and get it! Of course you’ll want to note that this version is limited based on your subscription status, you might have to grab the billfold as well. Have a peek at the timeline below to see other Spotify updates in recent weeks too!
Spotify hits the Kindle Fire is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Love your Kindle Fire, but find yourself habitually cursing its lack of Swedish music streaming services? Great news, Spotify’s now available through everyone’s favorite $200 Amazon tablet, bringing with it free custom radio stations, social functionality like the ability to view friends’ playlists and 320kbps listening. Interested parties can download the app from the source link below.
Filed under: Tablet PCs, Software
Spotify app hits Kindle Fire, brings mobile radio and 320kbps listening originally appeared on Engadget on Tue, 07 Aug 2012 12:23:00 EDT. Please see our terms for use of feeds.
Permalink | Amazon | Email this | Comments
Welcome to Engadget’s back to school guide! The end of summer vacation isn’t nearly as much fun as the weeks that come before, but a chance to update your tech tools likely helps to ease the pain. Today, we’re leaning back with our tablets — and you can head to the back to school hub to see the rest of the product guides as they’re added throughout the month. Be sure to keep checking back — at the end of August we’ll be giving away a ton of the gear featured in our guides — you can hit up the hub page right here!
Your back may be straining from the textbooks, laptop, gym gear and lunch in that dangling overstuffed messenger, but you’re still gonna want to save room for one more item — a tablet. After all, while you can surf, tweet, play games and watch video from your other devices, there’s nothing like doing it from a simple glass window that sits in the palm of your hand. As the hardware gets more powerful, these devices are rapidly becoming versatile enough to let you justify leaving the laptop at home on less-intensive days, so why not check out our picks of the finest devices you should be using and abusing before, during and after class.
Continue reading Engadget’s back to school guide 2012: tablets
Filed under: Tablet PCs
Engadget’s back to school guide 2012: tablets originally appeared on Engadget on Tue, 07 Aug 2012 12:00:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments
A high-profile case of cloud hijacking and data vandalism has thrown new attention on iCloud, Amazon, Google and other big online names, as gaps in the ways security is handled potentially allow for hacking. Flaws in how Apple and Amazon handle account recovery have been blamed for the “digital destruction” of journalist Mat Honan’s online life, following hackers’ successful attempts to crack security on his iCloud account, gain access to his Gmail and Twitter, and then remotely lock and delete his MacBook, iPhone and iPad.
[Image credit: Louis Argerich]
At fault – at least in part – was the inexact overlap between recovery policies for Apple and Amazon accounts, Honan writes. Although he himself shoulders the blame for the ensuing permanent loss of data – which comes down to not doing enough backups – a difference in opinion on how important the final four digits of a credit card number can be between Apple and Amazon proved the key with which the hack was achieved.
“Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification” Mat Honan
Apple gave Honan’s hackers a temporary password to iCloud after they supplied his billing address and the last four digits of his credit card; the former was accessed from a WHOIS search, as Honan had used the address to register his personal site, and the latter through a manipulation of the Amazon account recovery system which reveals those digits of each saved card. The iCloud email account in question was identified via Gmail which, as Honan did not have two-factor authentication turned on, showed the partial recovery email address – m****n@me – which proved easy to guess in its entirety.
Those details allowed for unofficial iCloud access, and then everything in Honan’s OS X and iOS connected life was up for grabs. The hackers locked him out of his devices and then wiped his data using the very tools provided in Find My Mac intended to help legitimate owners protect their information.
“If you have an AppleID, every time you call Pizza Hut, you’ve giving the 16-year-old on the other end of the line all he needs to take over your entire digital life” Mat Honan
Although each company with a cloud service worth mentioning has its own data protection policies, few users stick solely to one provider. Apple claims that some aspects of its security polices “were not followed completely” but would not say if it was reconsidering how Find My Mac or other aspects of its iCloud security works; Amazon is yet to comment.
The takeaway for most users is to backup – preferably using local and/or separate cloud storage from other cloud data services relied upon – and to turn on two-step verification on Google accounts. Don’t link important accounts together, and consider having a completely separate account for recovery purposes.
When iCloud becomes the Perfect Storm is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
