Wired writer Mat Honan's story over the weekend was a very real and unfortunate reminder of how we all could stand to be a little more careful when it comes to digital security.
In case you (somehow) miss the story, Honan's iCloud account was "hacked" by a couple of 19-year-old knuckleheads who only liked his Twitter account and wanted to hijack it for a little while. They used access to his iCloud account to remote wipe his iPhone, iPad and MacBook, gain access to his Gmail, change the password, delete it, access his Twitter account and, well, you get the picture. In a matter of just a few minutes, they wreaked some serious havoc.
Not too much damage was done, though. By now, Honan has regained access to most of his accounts and is on his way back to restoring his digital life back to normal. But there were some ruins left in the wake of the weekend hackers, Honan's personal files that were only stored locally were wiped with his MacBook, including a year's worth of pictures of his daughter. Honan said:
"Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location."
Honan's story may not seem all that relevant or interesting, but it is. It shows that hackers can and will exploit any bit of information they can, no matter how small. This tale reminds us that it's often the basic information we likely find harmless that can do the most damage. Honan explained yesterday morning that the hackers who gained access to his iCloud account used "some clever social engineering" to bypass answering his security questions and used "only two pieces of information that anyone with an internet connection and a phone can discover" to have Apple tech support create a temporary password.
Interesting but how is that relevant?
Honan had his iPhone backup to iCloud every night and assumed this would be a great way to recover any information if the software somehow failed or the iPhone came up missing. A simple restore from an iCloud backup would have him back up and running in no time, no matter the issue. No one expects to get hacked, and it's impossible to predict what kind of destruction a hacker will cause if they commandeer just one of your accounts. In this case, the repercussions were fairly substantial. It's easy to shrug off a temporarily lost Gmail or Twitter account. It's not that bad to have to manually restore your iPad from scratch. But the pictures (of his baby daughter, no less) and the dozens, maybe even hundreds of documents, that were lost during the teens' rampage are hard to write off.
This story reveals one major and very important takeaway. The cloud, while very convenient, can disappear in the blink of an eye, along with all of your data. Whether your account is hacked or a service goes down, there are fatal flaws with trusting the cloud with your backups and other important information. But it also serves as a reminder that frequent backups are always a good idea, but in the same respect, one backup is never enough.
As I've explained a couple times now, we all are growing more and more comfortable with our smartphones. We are now more prone to storing private, important and sensitive information on our mobile devices, and with local storage space growing scarce, we often turn to the cloud to free up memory. That's fine, so long as it isn't your life line.
I cannot begin to count the number of times I have lost everything I had stored on a device due to a software glitch or some other unforeseen circumstance. I had countless JVM errors back in my BlackBerry days and quickly learned that frequent local backups on my computer was essential to maintaining my sanity. And while running the iOS 5 beta on my iPhone last year, I learned the hard way that Apple doesn't take too kindly to developers who don't stay current on beta releases. I was a few beta releases behind when, out of nowhere, my phone decided to wipe itself while I was taking a picture. I lost everything: thousands of pictures that weren't backed up, all of my application data, important PDFs and other documents. Gone. Forever.
So, as you would imagine, I have learned that backups are essential … for every device. I lapse some times and I don't always back up as often as I should – and I usually end up paying for that at some point or another. But I have, through different ways than Honan, learned the importance of backups and how not to rely on the cloud.
The question I have for you guys and gals is: how do you backup your devices? What steps exactly do you go through? Are there any particular methods you prefer over another?
Personally, I backup a few different ways. Every picture I take with a smartphone is automatically backed up to Dropbox as soon as it connects to a Wi-Fi network. I then copy and paste those Dropbox backups to a 500GB external HDD. Applications for iOS simply aren't backed up. But for Android, I use Astro File Manager to manually backup the APKs of each file, zip them and send to Dropbox. Again, once the file finishes uploading, I move it to a local directory on my computer.
I've tried Titanium Backup several times, once out of curiosity and a handful of other times on the recommendation of commenters and forum users. Every time, Titanium has completely screwed me over and forced me to setup my device without a backup, so I've learned to steer clear.
Beyond that, if my device is rooted with a custom recovery, such as ClockworkMod, I create Nandroid backups from time to time so I can have a backup image just in case anything goes haywire. Simply boot to recovery, wipe the device and restore the backup image and everything, down to the very last setting, is exactly as it was when the backup was performed. For the iPhone and iPad, I have learned to create local backups. And I've dabbled with iCloud backups every so often, but I hate the lack of interface for maintaining said backups, so I stick to local.
I don't do anything fancy. I just like to make sure my files and information is safe if anything were to come up. I could probably stand to beef up my security a bit, like implementing a two-step verification for Google Accounts. But for now, LastPass will do.
Tell me, readers. How do you backup your devices? Do you rely on the cloud? Or do you use it as a secondary backup solution? What would you do if, out of nowhere, everything was gone like what happened to Honan?