Companies Advise Tighter Security After Honan Hack

In the wake of the hacking of Mat Honan's accounts, Google, Facebook, Amazon, and Apple are just a few of the companies making their security policies tougher, and they are advising people to do the same. From the article: "Even as those companies’ teams moved to patch the holes, others moved to offer security tips. Matt Cutts, head of Google’s Webspam team, used his personal Website to urge Gmail users to embrace two-factor authentication. 'Much of the story is about Amazon or Apple’s security practices, but I would still advise everyone to turn on Google’s two-factor authentication to make your Gmail account safer and less likely to get hacked,' he wrote in the August 6 posting."

Feels like post-911

[A+beautiful+mind]

In the name of security Google has been pestering for my phone number for years, while their motives are much less about my security and more about their business reasons.

Re:Feels like post-911

[patchmaster]

Google has had my phone number for years. To my knowledge I've yet to receive a single call that originated from Google or someone to whom Google gave my phone number.

I'm all for identifying evil as evil, but it would be nice to have some actual evidence before making the accusation.

Re:Feels like post-911

[ThunderBird89]

Yet it seems you're very happy to use the internet, whose death you so crave, to voice your opinion and grief about the internet you use to give voice to your opinion.
Seeing the contradiction?

[First sentence is deliberately self-referential and obfuscated]

Re:Feels like post-911

[tlhIngan]

I'm all for identifying evil as evil, but it would be nice to have some actual evidence before making the accusation.

The fact that a single "no" is not enough to get them to stop asking is evidence enough.

Not to mention Google really tries to hide the "No" button. It just pops up as a box that says you need to enter your phone number. If you look down, the link to skip it is very tiny, enough to miss it. I'm willing ot bet most people don't even know there's an option to skip it.

It also pops up randomly on you, and each time it seems the "No" link gets tinier and moved somewhere else.

For Do No Evil, they certainly are applying all the usual marketing tricks to hide stuff like free downloads and such. If they really cared, it would be in normal font with text saying it's completely optional and you can bypass it by clicking the nice big link.

Re:Feels like post-911

Mat, the guy who was "hacked", also had a great password and didn't run attachments. The hackers didn't even need to know his password to gain access to his accounts. He was more a victim of using guessable e-mail addresses to log into Apple, Amazon, Gmail, and Twitter. He also bought stuff on Apple and Amazon. If you've done those things, then you too can be a victim. It was more a hack of the "forgot password" pages. some social engineering of the support staff, and intimate knowledge of the identification procedures of said companies.

Re:Feels like post-911

[c++0xFF]

It's in Google's and your own best interest to make your accounts as secure as possible. They get a black eye in the media every time there's a high-profile hacking of a Google account ... which in turn hits at their reputation for providing solid, secure services.

Given that most users don't know what's best for them, I think it's completely reasonable for them to pester a little bit about a way to improve security.

Now, that said ... there should be a way to turn the reminder off completely. Some people (me) simply can't use it.

Re:And 2 factor will do what?

[kaiser423]

Any computer I use to check gmail is fully under my control.

Lucky you. That's not the case for most of us.