Comments on: Ten Myths of Leopard: 5 “Back To My Mac” Security Panic!

By: Using Back to My Mac… to Catch a Thief! — RoughlyDrafted Magazine

Using Back to My Mac… to Catch a Thief! — RoughlyDrafted Magazine — Tue, 15 Apr 2008 21:23:25 +0000

[...] Ten Myths of Leopard: 5 “Back To My Mac” Security Panic! A Global Upgrade for Bonjour: AirPort, iPhone, Leopard, .Mac Thief Identity Within a couple days, the owners were able to assemble a full profile of information on the stolen laptop user as he signed into a hookup sites, read his Gmail messages, and shopped on eBay for… a police scanner. They discovered his birth date, mother’s maiden name, email address, Comcast IP address, and were able to use Photo Booth to take a snapshot that was clear enough to read the lettering of his tattoos. [...]

By: Ten Big Predictions for Apple in 2008 — RoughlyDrafted Magazine

Ten Big Predictions for Apple in 2008 — RoughlyDrafted Magazine — Sat, 29 Dec 2007 18:44:13 +0000

[...] Ten Myths of Leopard: 5 ”Back To My Mac“ Security Panic! Why Leopard’s Time Machine Doesn’t Support AirPort Disks [...]

By: Ten Myths of Leopard: 9 Apple is Spying on Users! — RoughlyDrafted Magazine

Fri, 09 Nov 2007 05:27:28 +0000

[...] Ten Myths of Leopard: 3 Nothing New for Developers! Ten Myths of Leopard: 4 Java 6 Abandonment! Ten Myths of Leopard: 5 “Back To My Mac” Security Panic! Ten Myths of Leopard: 6 Time Machine Eats Hard Drives! Ten Myths of Leopard: 7 Premature Death for [...]

By: maakuRD

maakuRD — Tue, 06 Nov 2007 13:10:39 +0000

I’m afraid I think you’re too charitable. It’s far from the end of the world, but it’s still a mistake. Your two or more computers and .Mac have independent passwords for a reason, and the Back to My Mac service shouldn’t create a single point of failure without warning. By default it should be like the logmein.com service, where after having entered one password to access the service, you need to the login password of the machine you’re connecting to. If you then choose to create a single point of failure by storing that password in your Keychain (logmein.com salts the name of the website representing your computer to make this ineffective but a rework of .Mac could make it an option) then that’s your business.

By: gus2000

gus2000 — Tue, 06 Nov 2007 02:53:24 +0000

Purity of Essence! We must protect our precious bodily fluids!*

Gus

* From “Dr. Strangelove”, which popped into my head when Daniel mentioned the army base scenario. I’m also reminded of it by the so-called security experts on OSX, who seem to be screaming about flouridation and the communists.

By: Gmanji

Gmanji — Mon, 05 Nov 2007 18:31:17 +0000

This would be a great feature if it actually worked. I have 4 macs on one local network it works with, but 2 others that I set up that are at different locations over the internet seem to consistently drop off my Shared list after a day or so. Is this because Apple is still working out bugs with wide area bonjour in .mac itself?

By: John Muir

John Muir — Mon, 05 Nov 2007 12:34:49 +0000

Hands up any pundits whose authentication details are…

Username: Administrator
Password: [blank]

Now file out of the door at the back.

By: patrick

patrick — Mon, 05 Nov 2007 12:24:56 +0000

From the quote, it sounds like Mead was just making the point that anyone who may have previously given out their .Mac password to someone to share (relatively) benign data, such as email, address book information and calendaring would have to take away that password if they wanted to use the Back to My Mac feature. I’m just saying; I didn’t read the original review. I think the whole thing is neat, but it might be nice if you had the option of having a secondary level of security there. In Tiger, if someone found my .Mac password, it wouldn’t be that big a deal; now it seems like something I might think twice about entering in a public browser to check my email.