Over the weekend, technology writer Mat Honan was hacked in spectacular fashion.
Hackers hijacked his Google account and deleted his emails, broadcast racist and homophobic slurs from his Twitter account, and erased data from his Apple devices, including photos of his infant daughter, he said in a first-person account published on Wired.com.
The incident not only exposed embarrassing security practices at two major tech companies -- Apple and Amazon -- but it also offered some lessons to everyday computer users who often fail to secure their email accounts and increasingly store their digital lives in the cloud, experts say.
Use two-factor authentication
According to Honan, the hackers took control of his Google account, erasing eight years of e-mails. But experts say he could have thwarted the attackers at an early stage if he had turned on Google's two-factor authentication feature. (He admits he did not.)
By turning on the feature, Google sends users a text message with a code they must enter when they sign in, along with their username and password. This adds an extra layer of security if their password is stolen.
Graham Cluley, a senior technology consultant at Sophos, said most people don't bother to turn on the optional feature, but they should.
"That way, not only would a hacker need to know your user ID and password, they'd also have to have access to your mobile phone, which most hackers won't have," Cluley said. "It's a great form of protecting yourself, and it's very easy."
Google explains how to turn on two-step verification in its support forum.
Create Separate Apple IDs
Honan said the hackers also broke into his iCloud account to remotely delete the data on his iPhone, iPad and MacBook.
An Apple ID has become the key identifier for accessing the company's various services, from storing data in iCloud to purchasing songs on iTunes to downloading apps from the App Store. On its support forum, Apple recommends using the same Apple ID for all three services.
But the forum also shows how users can create different IDs for different Apple accounts, and security experts recommend it. That way, if their App Store or iTunes account is compromised, hackers can't access sensitive data they have stored in the cloud. In Honan's case, it was photos of his daughter he had not backed up. (My colleague Jason Gilbert offers tips on backing up photos here.)
The devastating consequences of Honan's iCloud account being hacked highlights the tradeoffs of cloud storage, said Harry Sverdlove, CTO of the security firm Bit9.
While the cloud allows people to simplify their digital lives by linking email, calendars, music and photos from multiple Apple devices, it also increases the potential for them to lose much more data if the account is compromised.
"By having everything in the cloud, it makes it that much easier for a malicious actor to really cause havoc in your life," he said.
Companies Should Do More To Verify Users
Security experts also called on Apple and Amazon to improve their security practices.
According to Honan, Amazon's tech support revealed his partial credit card number to the hackers. From there, the hackers used those digits to convince an Apple representative that they were Honan and receive a temporary password for his Apple ID, granting them access to his iCloud account. All of this was done by phone, according to Honan.
But experts say both companies should do more to verify users. For example, the last four digits of a credit card number should never be used to verify someone's identity because those digits can easily be found on paper receipts, Cluley said.
Instead, he suggested companies ask consumers who need change their account settings to identify some recent things they bought on that account.
"They could ask: 'Which of the following purchases have you made in the last month?'" Cluley said. "That way they could prove they are who they said they are."
Be Careful Plugging In Your DC Jack
Unless you have an Apple laptop with its MagSafe magnetic connector, you need to be gentle when plugging in your computer. If excessive force is applied to the jack, the solder joints connecting the jack to the motherboard can crack. The points of contact can quickly overheat, further damaging the motherboard and the jack. In some cases the motherboard can even catch fire. So don't apply too much force, don't use a cheap after-market charger (only an original charger), and if you notice that the jack is loose, bring it to a repair place ASAP. The more you use a laptop with a loose jack, the looser it becomes and the more you risk destroying both the charger and the motherboard.
Clean Your Cooling System With Compressed Air
Buy a bottle of compressed air and blow the dust out of your fan and heat sink once a month. Laptop heat sinks are very fine and get cloaked with dust easily. Open the case and get rid of all the dirt, dust, lint, Cheetos remains and whatever else might have accumulated in there. If you can't figure out how to open the case, call the manufacturer. Most help desks will be more than happy to tell you how to open the case for maintenance, even if your warranty or support plan is up. Also make sure to use static-neutral compressed air. The most popular brand is probably <a href="http://www.dust-off.com/" target="_hplink">Dust-Off</a>.
Don't Use Your Laptop In Bed
If you can avoid using a laptop that's lying on a bed or sofa, then please do. When you put your laptop on soft material, you block the ventilation holes in the bottom and the laptop can't suck in air for cooling. Make sure that your laptop sits on a hard surface such as a table or computer mat and that there is space between the bottom of the computer and the surface so that air can travel under the computer. If you must use your laptop in bed, prop it on a big hardcover book or a lapdesk.
Consider a Cooling Pad
Avoid overheating at all times. The lower the temperature of your laptop, the longer it will live. All of the repair shops we spoke with reiterated the importance of keeping the laptop's temperature low and agreed that overheating was a huge cause of laptop failure. Even <a href="http://www.amazon.com/gp/search/ref=sr_nr_scat_2243862011_ln?rh=n%3A2243862011%2Ck%3Alaptop+cooling&keywords=laptop+cooling&ie=UTF8&qid=1316580080&scn=2243862011&h=c0e469de81e81fe1a07328301960ae52fc27e8fc" target="_hplink">a cheap $20 laptop cooling pad</a> can help extend the life of your device.
Get CCleaner, Use CCleaner
Download CCleaner for Mac and PC. Every second you spend on your computer doing even simple things, the computer is working hard. That means it can get clogged with temporary files, history, cookies, etc. You can clean the computer and the registry with this very useful tool. CCleaner is free and incredibly easy to use, and <a href="http://www.piriform.com/CCLEANER" target="_hplink">you can download it here</a>. We've heard suggestions to use it as often as every day, but you should be fine with every week or two.
Don't Drink And Surf
No liquids near your laptop! It's that simple. Don't drink by your computer, don't eat by your computer, don't keep your goldfish bowl by your computer. Even if you've never spilled anything before in your life, it's just a matter of time, and the spill could seriously fry your electronics.
Clean Your Screen Correctly
When dust dirties your screen, don't grab for chemical cleaners like Windex. The chemicals in those cleaning solutions can destroy the thin protective layer on your screen and damage the display over time. Instead, take two tissues, one with a touch of H2O and one dry. Wipe your screen with the wet one and then the dry one, to clean completely and soak up any water drops on the screen. Even better, <a href="http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&field-keywords=lcd+display+cleaners&x=0&y=0" target="_hplink">use only approved LCD cleaners</a> to keep your screen shiny, new and scratch-free.
Manage Your Battery Life
Drain the laptop's battery all the way occasionally. Most manufacturers recommend using the computer until the battery is drained completely at least once a month. Don't keep the laptop charged all the time, as this can reduce battery life in the long run.
Get Anti-Virus Software
There are millions of viruses, malware, spyware and other really nasty bugs designed solely to harm your system. Fortunately, there are plenty of free anti-virus programs recommended by our New York-area repair shops, including: - <a href="http://www.microsoft.com/en-us/security_essentials/default.aspx" target="_hplink">Microsoft Essentials</a>. ("It's light, free, updated on a regular basis and just works," according to one of our repairmen.) - <a href="http://www.malwarebytes.org/" target="_hplink">Malwarebytes</a>, a program for all the malware that's flying around. - <a href="http://www.safer-networking.org/index2.html" target="_hplink">Spybot</a>, for spyware protection. - <a href="http://www.avast.com/en-us/index" target="_hplink">Avast</a>. - <a href="http://free.avg.com/us-en/homepage" target="_hplink">AVG Free</a>. Even <a href="http://www.reedcorner.net/guides/macvirus/malware_catalog.php" target="_hplink">if your laptop is a Mac</a>, you should have one of these anti-virus programs.
Download Those Windows Updates
Get those Windows Updates! Once a week Microsoft releases updates to its operating system, and often those fixes are critical to your security. In Windows 7, simply click on "Start," type in "Windows Update" and click on the first result to be taken to the Windows Updater. Mac users should also update regularly, <a href="http://www.huffingtonpost.com/2011/09/20/mac-os-x-lion-password_n_971469.html" target="_hplink">especially in light of the recent bugs in Lion OS X</a>.