Don't blame the cloud, blame a lack of communication.
So by now you may have heard about Mat Honan, a technology writer who had his iCloud account hacked. The hackers eventually got into his Gmail account and deleted data from a host of iProducts, using Apple’s remote-wipe feature. You can find the story, written by the man himself, at Wired.com.
Many opponents of cloud computing, in particular those who distrust the security of the cloud, may use this story as a scare tactic to keep people from using the cloud, keeping them in the dark ages of closed, in-house systems. In reality, this story has little to do with the cloud and more to do with poor security practices, which are the bane of every company, cloud or not.
Mat Honan’s personal hackers, and I do believe he was specifically targeted (any conspiracy theorists out there?), got into Honan’s account with the last four digits of his credit card. Amazon did little to protect this information, thinking it wasn’t very useful data for hackers. Using that data as proof of their identity, the hackers convinced Apple to reset Honan’s password. Talk about a false positive. In the words of Honan:
“The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification.”
It’s hard to blame just one player in this story. Honan himself admits that he could have done more to protect himself. How was Amazon to know Apple used the last four digits of credit cards as identification, and how was Apple to know that Amazon displayed that information without hesitation? This was not an exploitation of an inherent weakness in the cloud; it was a lack of communication between companies, something that simple standards will completely rectify.
And you’ll be pleased to know that Amazon has since corrected this particular security flaw.