• jay-h (8/22/2012)


    One of the lessons from this hack is how tough it is to control across multiple accounts. The Amazon and Apple means of authentication were not all that bad in themselves, but each leaked different information, and this different information could be combined.

    With people posting all sorts of things (unfortunately as with Facebook and other accounts tied to Facebook) with their own names, it's not hard to extract a lot of information... where you live, where you shop, names of your pets and children, your car, your hobbies and habits, your extended family members ... enough could be put together from 'innocent' references to create a pretty good social hack.

    And this is why most security questions are utterly useless. I should not only be able to provide the answers, you should let me pick my own questions too. "Where were you born?" isn't secure at all and easily picked up from publicly available information.