This author has been termed  "one of the most incisive wits of our generation, Easily comparable to Pynchon, or, from an earlier generation, P. G. Wodehouse, she not only nails the human condition -- our flaws, our brilliance, our desperation and our hopes -- but, weirdly, gets the science just right, and presents a plausible solution to the breakthrough of cold fusion that would utterly transform the world as we know it."

 

Her humor in the sample and her journalistic writing credentials make this book worth a try for fans of many genres.

Please, do NOT daisy chain your GR and Amazon accounts!!

From here: How Apple and Amazon Security Flaws Led to My Epic Hacking

Note: The follow is a selection of snippets from an article.  This is not my personal experience.
____________

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.


SNIP


But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

This isn’t just my problem. Since Friday, Aug. 3, when hackers broke into my accounts, I’ve heard from other users who were compromised in the same way, at least one of whom was targeted by the same group.

SNIP

After coming across my account, the hackers did some background research. My Twitter account linked to my personal website, where they found my Gmail address. Guessing that this was also the e-mail address I used for Twitter, Phobia went to Google’s account recovery page. He didn’t even have to actually attempt a recovery. This was just a recon mission.

Because I didn’t have Google’s two-factor authentication turned on, when Phobia entered my Gmail address, he could view the alternate e-mail I had set up for account recovery. Google partially obscures that information, starring out many characters, but there were enough characters available, m••••n@me.com. Jackpot.

This was how the hack progressed. If I had some other account aside from an Apple e-mail address, or had used two-factor authentication for Gmail, everything would have stopped here. But using that Apple-run me.com e-mail account as a backup meant told the hacker I had an AppleID account, which meant I was vulnerable to being hacked.

SNIP

Getting a credit card number is tricker, but it also relies on taking advantage of a company’s back-end systems. Phobia says that a partner performed this part of the hack, but described the technique to us, which we were able to verify via our own tech support phone calls. It’s remarkably easy — so easy that Wired was able to duplicate the exploit twice in minutes.

First you call Amazon and tell them you are the account holder, and want to add a credit card number to the account. All you need is the name on the account, an associated e-mail address, and the billing address. Amazon then allows you to input a new credit card. (Wired used a bogus credit card number from a website that generates fake card numbers that conform with the industry’s published self-check algorithm.) Then you hang up.

Next you call back, and tell Amazon that you’ve lost access to your account. Upon providing a name, billing address, and the new credit card number you gave the company on the prior call, Amazon will allow you to add a new e-mail address to the account. From here, you go to the Amazon website, and send a password reset to the new e-mail account. This allows you to see all the credit cards on file for the account — not the complete numbers, just the last four digits. But, as we know, Apple only needs those last four digits. We asked Amazon to comment on its security policy, but didn’t have anything to share by press time.

The future is here! Flying robots will, any second now, be delivering your Christmas books, DVDs and gadgets to your door within 30 minutes of you ordering them, thanks to a new initiative announced by Amazon on CBS News' 60 Minutes on Sunday.

It's a brave new world, a whole new paradigm. Or so you'd think if you read most of the breathless coverage about the announcement, which will only get worse: expect a torrent of turgid think-pieces in the next 48 hours about who's going to get "disrupted" as a result of this latest shake-up – and what it means for the US's already beleaguered postal service.

[SNIP]

Bezos' neat trick has knocked several real stories about Amazon out of the way. Last week's Panorama investigation into Amazon's working and hiring practices, suggesting that the site's employees had an increased risk of mental illness, is the latest in a long line of pieces about the company's working conditions – zero-hour contracts, short breaks, and employees' every move tracked by internal systems. Amazon's drone debacle also moved discussion of its tax bill – another long-running controversy, sparked by the Guardian's revelation last year that the company had UK sales of £7bn but paid no UK corporation tax – to the margins. The technology giants – Amazon, Google, Microsoft et al – have have huge direct reach to audiences and customers, the money to hire swarms of PR and communications staff, and a technology press overwhelmingly happy to incredulously print almost every word, rather than to engage in the much harder task of actually holding them to account.