AusGamers Forums
Gizmodo Editor got iHacked
Mass
Brisbane, Queensland
1227 posts
Made me laugh cause he is clearly an apple fanboi

http://www.emptyage.com/post/28679875595/yes-i-was-hacked-hard
04:37pm 06/08/12 Permalink
crazymorton
Brisbane, Queensland
3274 posts
Be interesting to see the how in his next story on Wired
04:50pm 06/08/12 Permalink
copuis
Brisbane, Queensland
3082 posts
yup, apple fanboi, read and take note, not as secure as some people think (or lead others to think)
04:51pm 06/08/12 Permalink
ravn0s
Brisbane, Queensland
15674 posts
is it really called hacking when some dude just calls up apple support and persuades them to give him access?
04:54pm 06/08/12 Permalink
eXemplar
Brisbane, Queensland
2783 posts
Does apple not have some sort of second factor authentication? that's pretty shoddy
05:22pm 06/08/12 Permalink
skythra
Brisbane, Queensland
5933 posts
is it really called hacking when some dude just calls up apple support and persuades them to give him access?

Social engineering was the original hack, and still is one of the most common points of failure in security systems anywhere.

The real failure was a unified login system that allowed access to almost everything. I'm surprised they didn't ring up itunes to about 1 billion dollars while they were at it.
05:34pm 06/08/12 Permalink
HeardY
Gaelic newb
Sydney, New South Wales
20770 posts
lols sux2b him
05:36pm 06/08/12 Permalink
simul
Brisbane, Queensland
1372 posts
Companies really really need to be better with protecting against social engineering, especially after news of the world issues.

yup, apple fanboi, read and take note, not as secure as some people think (or lead others to think)


Do you actually understand what happened?
11:12pm 06/08/12 Permalink
simul
Brisbane, Queensland
1373 posts
Does apple not have some sort of second factor authentication? that's pretty shoddy


I don't think I've ever seen two factor used with over the phone support? But no, Apple doesn't have it, and should on their services. That being said, I avoid two factor because of the chances of getting locked out for good.
11:20pm 06/08/12 Permalink
skythra
Brisbane, Queensland
5934 posts
Do you actually understand what happened?
Yes, ignore the social engineered part;
A person got access to his password, reset it to whatever he wanted and because a shitload of things were linked together THANKS TO iTUNES and the unified login system, they were able to remotely wipe every device and access the associated apple email address.

So yes, this is an apple fuckup; although soon with windows 8 it's to be a windows fuckup considering they're asking for a unified windows live login for your phone+computer+email etc.

Tell me how this would have happened today to this same extreme to ANY OTHER COMPUTER and then tell me if YOU understand.

This could have happened identically the same if it was a stalker who got his password, an angry ex-girlfriend who had some privileged information (perhaps she knew his username, dob, address, mother's maiden name etc) or even just some bruteforce hacker.
11:21pm 06/08/12 Permalink
Jayman
Brisbane, Queensland
730 posts
Yes, ignore the social engineered part;
A person got access to his password, reset it to whatever he wanted and because a shitload of things were linked together THANKS TO iTUNES and the unified login system, they were able to remotely wipe every device and access the associated apple email address.

So yes, this is an apple fuckup; although soon with windows 8 it's to be a windows fuckup considering they're asking for a unified windows live login for your phone+computer+email etc.

Tell me how this would have happened today to this same extreme to ANY OTHER COMPUTER and then tell me if YOU understand.

This could have happened identically the same if it was a stalker who got his password, an angry ex-girlfriend who had some privileged information (perhaps she knew his username, dob, address, mother's maiden name etc) or even just some bruteforce hacker.


Well it is actually a FEATURE to be able to remotely wipe the devices. You don't HAVE to have that enabled if you don't want to. It's there if someone steals your crap. He must have turned it on (on each device). If you enable the feature then you should have a backup system in place so you can afford to lose everything. He'd be in the same boat if it was stolen.
12:06am 07/08/12 Permalink
Spook
Brisbane, Queensland
34099 posts
signing in to say how much i enjoyed the article in the op.
07:28am 07/08/12 Permalink
simul
Brisbane, Queensland
1374 posts
A person got access to his password, reset it to whatever he wanted and because a shitload of things were linked together THANKS TO iTUNES and the unified login system, they were able to remotely wipe every device and access the associated apple email address.


Device wiping is opt-in, you have to explicitly enable it. No different to any other consumer+enterprise device.

So yes, this is an apple fuckup; although soon with windows 8 it's to be a windows fuckup considering they're asking for a unified windows live login for your phone+computer+email etc.


It's a downside of cloud computing, nothing more. If you want to be 100% secure, don't put your computer on a network, then lock it in a safe. It's not that there are specific flaws in the technology, rather it's the nature of the technology. 2factor has its own issues, and isn't impossible to hack, it just puts the security risk somewhere else.

Tell me how this would have happened today to this same extreme to ANY OTHER COMPUTER and then tell me if YOU understand.


http://www.net-security.org/secworld.php?id=8289 - Blackberries

http://www.computerweekly.com/news/1280091938/Social-engineering-was-key-to-Google-hack - Google (inc Android/ChromeOS)

http://en.wikipedia.org/wiki/News_International_phone_hacking_scandal - Voicemail

http://news.softpedia.com/news/Twitter-Admin-Account-Hacked-via-Social-Engineering-110694.shtml - Twitter servers

http://www.net-security.org/secworld.php?id=12516 - Banking servers

As for Microsoft, I see it all the time, but it's always local exchange/sharepoint/AD, rather than an internet service, so it's handled internally.
08:33am 07/08/12 Permalink
redhat
Sydney, New South Wales
815 posts
What's wrong with two factor Auth..?

The only thing I can think of is attacker has a compromised computer that you have at least entered the 2 factor code on at least twice.

Google kind of gets around this by only requiring 2 factor once every 60 days on trusted computers. Hopefully that's enough time for patch or virus scan.
09:13am 07/08/12 Permalink
trog
AGN Admin
Brisbane, Queensland
36410 posts
Device wiping is opt-in, you have to explicitly enable it. No different to any other consumer+enterprise device.
Genuine question; what's to stop someone compromising your account and then opting into it on your behalf?
09:23am 07/08/12 Permalink
kos
Germany
2112 posts
You missed the point simul, it wasn't that other companies and organisations weren't as vulnerable to social engineering or other hacks, it was that they weren't as unified/integrated and therefore having one password/account hacked could not result in the loss of absolutely everything on a smartphone, a tablet and a computer.
09:32am 07/08/12 Permalink
Raven
Melbourne, Victoria
7265 posts
Highlight of this article sounds to be that iCloud sucks more than anything else.

Shouldn't the term for this situation, given that they took over all his iDevices, be that he was iJacked, not iHacked?
09:59am 07/08/12 Permalink
StopShootingMe
Brisbane, Queensland
3573 posts
You missed the point simul, it wasn't that other companies and organisations weren't as vulnerable to social engineering or other hacks, it was that they weren't as unified/integrated and therefore having one password/account hacked could not result in the loss of absolutely everything on a smartphone, a tablet and a computer.

I don't know about you guys, but if someone were to get access to my Google account they could do some serious harm. Google credentials are all that was required to set up my phone, and would also apply to an Android tablet if I had one, it also gets Gmail, Picasa, Youtube, my contacts, Google Docs and some other features. The remote wipe wouldn't have been an issue, and I use Dropbox for storage, but still.

This is something that could happen to a user of Google products. Use 2-step authentication, I guess.
10:08am 07/08/12 Permalink
thermite
Brisbane, Queensland
9981 posts
iJacked is what happened when I found your mums pics on adult friend finder
10:08am 07/08/12 Permalink
Eorl
Brisbane, Queensland
7256 posts
I don't know about you guys, but if someone were to get access to my Google account they could do some serious harm. Google credentials are all that was required to set up my phone, and would also apply to an Android tablet if I had one, it also gets Gmail, Picasa, Youtube, my contacts, Google Docs and some other features. The remote wipe wouldn't have been an issue, and I use Dropbox for storage, but still.

This is something that could happen to a user of Google products. Use 2-step authentication, I guess.
I don't believe you can gain immediate access to your computer, your Android smartphone and your Android tablet if you gain access to someone's Google account. My tablet and my old phone only had permission links, that was it. There was no remote access enabled and I don't think there ever has been, so I'm not sure where you are going with the idea that Android users can get hacked as badly.
12:53pm 07/08/12 Permalink
Dan
Special Text
Brisbane, Queensland
13497 posts
Genuine question; what's to stop someone compromising your account and then opting into it on your behalf?
Has to be opted into directly on the device being configured for it.

Jayman's comment about it being the same end result if it had been stolen is spot on. Though it's not as feasible that a thief is going to steal all three devices (phone, tablet and laptop) all at once, and you'd be more likely to have time to change some of your passwords before they were able to get as far, but the data is still all gone.

So it's a fair point to say that having that remote wipe functionality enabled without some manner of backup system external to your idevices is only about preventing a thief from getting your data, and not about preserving it for yourself.
01:00pm 07/08/12 Permalink
simul
Brisbane, Queensland
1375 posts
You missed the point simul, it wasn't that other companies and organisations weren't as vulnerable to social engineering or other hacks, it was that they weren't as unified/integrated and therefore having one password/account hacked could not result in the loss of absolutely everything on a smartphone, a tablet and a computer.


I don't believe you can gain immediate access to your computer, your Android smartphone and your Android tablet if you gain access to someone's Google account.


Google - Android/ChromeOS - http://support.google.com/a/bin/answer.py?hl=en&answer=173390

Exactly the same as iCloud, opt-in.

But apart from that (because nobody uses ChromeOS) - no, there is no other way that it could happen to this extreme. But that is *only* because there is only 1 other platform out there with the same company controlling all 3 devices, and that's Microsoft, who won't have an integrated solution for another month or two. My actual argument against this however, is that it's just the nature of cloud computing and centralised identification servers, nothing more. BB and MS currently have this issue within organisations, it's just not global, yet.

What's wrong with two factor Auth..?


There's nothing wrong with it, and there's no doubt it's more secure. But it makes it a lot easier to get locked out of your own account (lost phone, lost RSA), and if someone is targeting you, it's always possible to get around. It just has its own associated risks.

Genuine question; what's to stop someone compromising your account and then opting into it on your behalf?


It's an on-device preference, and it's hidden pretty deep in menus.

PS. To contextualise, while being an avid Mac/iOS user, I think iCloud is a pile of crap, and that Apple can't do cloud services for shit. That being said, there is nothing at fault here on the technology front, it was a human issue at its core that is the same flaw as in many other systems.
02:27pm 07/08/12 Permalink
copuis
Brisbane, Queensland
3083 posts
one of the big things about these hacks, and others like them. they have been mostly social engineering hacks

so there are few things you can do,

you can lie about your DOB, mother maiden name etc,

you could forgo convenience, get a blackberry phone, use an iPad on the go, and a microsoft based PC, and not share the same passwords etc

or keep everything local, avoid cloud based servers and services,


tbh I fear the day that steam enables you to sell games, as that would give it value in being stolen (more than it currently is)
02:47pm 07/08/12 Permalink
fpot
Gold Coast, Queensland
21231 posts
Sounds like a case for Danny Witwer to fix.
02:52pm 07/08/12 Permalink
skythra
Brisbane, Queensland
5938 posts
Well it is actually a FEATURE to be able to remotely wipe the devices.
A safety feature. Not having is supposed to be LESS secure than having it.
--
no, there is no other way that it could happen to this extreme.
I told you so, but you still decided to post links of isolated failures having nothing to do with giant integrated shared UID's.
--
Google - Android/ChromeOS - http://support.google.com/a/bin/answer.py?hl=en&answer=173390
Did you read the first line?
Editions supported: Google Apps for Business, Education, and Government.

Remote Wipe a Mobile Device

If your user has Google Sync configured on a supported mobile device or an Android device with the Google Apps Device Policy app installed, you can use the Google Apps control panel to remotely wipe the device.
No you didn't. You're worse than news.com.au with your hyperbole.

--
Also thanks to it being a more open platform, even if they did wipe my device, i could restore it (after changing my password) in seconds. Because my backups aren't tied to the exact same failpoint as everything else. My backups are on my computer, unlinked. They're on my SD card, which is unlinked. They're on my external HDD which is unlinked!

Edit: Sorry just wanted to point out when i say "They're on my..." i'm talking about both PC and android backups. So microsoft google and linux are all fine.. but apple devices all have one failpoint.
06:52pm 07/08/12 Permalink
Jayman
Brisbane, Queensland
731 posts
Also thanks to it being a more open platform, even if they did wipe my device, i could restore it (after changing my password) in seconds. Because my backups aren't tied to the exact same failpoint as everything else. My backups are on my computer, unlinked. They're on my SD card, which is unlinked. They're on my external HDD which is unlinked!

Edit: Sorry just wanted to point out when i say "They're on my..." i'm talking about both PC and android backups. So microsoft google and linux are all fine.. but apple devices all have one failpoint.


I don't get what you mean. Again, you don't HAVE to back up your iPad / iPhone to iCloud. You could store backup files on an external drive if you wanted to. You'd back up your mac more or less like a PC to an external drive. Nothing needs to be linked backup wise. I have no idea what you're talking about with all this "Linking" with regards to backups. I don't at all understand how Microsoft / Google and Linux are all fine when Apple devices are not. Were the feature not enabled to remotely wipe his devices, how would it be any different at all? If he had his backups sorted he could have been up and running in no time as well.
07:57pm 07/08/12 Permalink
simul
Brisbane, Queensland
1376 posts
Did you read the first line?


Damn straight I did, what's your point. It's the same fucking feature. I use GApps for business, as will Gizmodo/Gawker.

Also thanks to it being a more open platform, even if they did wipe my device, i could restore it (after changing my password) in seconds.


Unless they changed your password and personal details, like they did with his iCloud account...

Because my backups aren't tied to the exact same failpoint as everything else.


Do you actually understand what iCloud is? iCloud is behind-the-scenes sync, it has nothing to do with backup (apart from an opt-in ability to backup iOS devices wirelessly to iCloud). If you are only using iCloud, you are NOT backing up. You have the choice, at any time, to backup your data outside of iCloud via a straight file export, or automatically to iTunes (which last time I checked is opt-out).

To quote support docs:
http://support.apple.com/kb/HT4910

It's always a good idea to create a backup of your data to keep in a safe place. If you accidentally delete an important contact, email, or document, you can retrieve it from your backup.


Specifically on iOS devices (macs do not have iCloud backup):

In addition to backing up via iCloud Backup, you should also consider backing up via iTunes as advised in Optimizing your iOS backup experience (Should I use iTunes or iCloud to back up my iOS device?).


Summary:
iCloud == Sync
iCloud != Backup
08:34pm 07/08/12 Permalink
copuis
Brisbane, Queensland
3084 posts
i found hard drives are good for back ups,

even better is if all your pron is on a hard drive, and you go over quota, or the internet is out for some reason, you can fab away till it works again

if it is all backed up in the cloud, you could lose access to it, or worse still, someone else may access it, then all your tab will stick together
08:45pm 07/08/12 Permalink
kos
Germany
2113 posts
Google - Android/ChromeOS - http://support.google.com/a/bin/answer.py?hl=en&answer=173390

Exactly the same as iCloud, opt-in.

I can't see any mention of ChromeOS on that support page or through any googling, are you sure Chrome OS actually has a remote wipe feature built in?
09:11pm 07/08/12 Permalink
skythra
Brisbane, Queensland
5940 posts
I don't get what you mean. Again, you don't HAVE to backup you're iPad / iPhone to iCloud. You could store backup files on an external drive if you wanted to.

My backup like this on my iOS device comes out like garbage. MP3's which have hash file names, and no id tags in them? how's that a backup?

Their proprietary format ruins any value a backup has.
what's your point.
Although the sentence is phrased as a question, the full stop indicates that you're unwilling to listen to an answer.

1) Your work shit is property of work. If they wipe it, then that's your job to deal with it.
2) If your work shit is lost, then that's better than it being stolen. It wasn't yours.

This reporter lost his own things, from his personally owned devices. Nothing to do with management of his work. You're comparing apples to oranges and yelling "IT'S ALL FRUIT" back at the mirror when you justify yourself.

To quote their support docs's

Really you link that and you again don't read what you're sourcing as justification of your argument.
It's always a good idea to create a backup of your data to keep in a safe place. If you accidentally delete an important contact, email, or document, you can retrieve it from your backup. The instructions below explain how to back up data for each of your applications. If you back up your application data to your computer, make sure you back up your computer to a storage device or service. Then, if your computer is damaged or lost, you can restore all of your data to your new computer.

In addition, it's a good idea to back up your iOS devices regularly. If you replace or upgrade your iPhone or iPad, you can restore all of your data quickly and easily from your backup to your new iOS device.

Backing up iOS devices

It is recommended that you enable iCloud Backup for your iOS device


Seriously you're playing this card?
Summary:
iCloud == Sync
iCloud != Backup

?|?|?|?|?|?|? WHAAT You just tripped over your own link there a little right?

Edit: Sorry just wanted to drop this little tiny bombshell
On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful.
10:32pm 07/08/12 Permalink
Jayman
Brisbane, Queensland
732 posts
My backup like this on my iOS device comes out like garbage. MP3's which have hash file names, and no id tags in them? how's that a backup?

You still use iTunes for the backup. If you want to keep the backup folder on an external HDD you can do that, or have it synced with dropbox etc.

Their proprietary format ruins any value a backup has

No... you just have to use iTunes for backups and restores.

Really you link that and you again don't read what you're sourcing as justification of your argument.

Wow. Did you even read what he said. Yes iCloud will backup iOS settings and it's recommended you turn the feature on. But don't treat it as your backup. Still backup with iTunes. iCloud backups were really introduced so you could use an iDevice as a stand alone device.

Edit: Sorry just wanted to drop this little tiny bombshell:
On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful.


No one's saying something doesn't need to be changed at Apple and Amazon both for letting these things happen. We're saying it would have been easy as crap to restore everything in no time JUST THE SAME AS A PC had he had backups in place. He didn't. He was an idiot. Your spiel about
Because my backups aren't tied to the exact same failpoint as everything else. My backups are on my computer, unlinked
etc. was rubbish.
11:34pm 07/08/12 Permalink
simul
Brisbane, Queensland
1377 posts
I can't see any mention of ChromeOS on that support page or through any googling, are you sure Chrome OS actually has a remote wipe feature built in?


ChromeOS is fully based on your Google account credentials, almost everything is stored on the cloud based on it. You get locked out of your Google account, you have lost your stuff on ChromeOS. Again, not a flaw in the technology, a feature.
07:45am 08/08/12 Permalink
simul
Brisbane, Queensland
1378 posts
Basically what Jayman said.

?|?|?|?|?|?|? WHAAT You just tripped over your own link there a little right?


Not at all. iCloud is sync. iCloud has a feature called backup, 1 feature of 10 or so. This feature does not replace, nor should it, local backups. iCloud backup is primarily for people who want to use it as an independent computing device - at which point it's not possible to do local backups anyway.

My backup like this on my iOS device comes out like garbage. MP3's which have hash file names, and no id tags in them? how's that a backup?


It's backup because it's a copy of the data. Combined with a little magical button called restore, which, wait for it, restores your backup. Backup again, is not the same as data liberation.

This reporter lost his own things, from his personally owned devices. Nothing to do with management of his work. You're comparing apples to oranges and yelling "IT'S ALL FRUIT" back at the mirror when you justify yourself.


I'm not comparing the context, just that it is the same feature, with the same functionality. Functionality-wise, it is all fruit.

Although the sentence is phrased as a question, the full stop indicates that you're unwilling to listen to an answer.


I don't need an answer thank you, I am quite content with my current position. Your fundamental argument is a religious one, that is philosophically based on the belief that "Apple is shit". If only the words Apple and Google were switched in the article, your position would be the polar opposite, thus the religious analogy.

While it's nice to have branding arguments once in a while, thinking that the companies actually hate each other is a complete furphy, mostly done for marketing and to rally up the fanboys.
08:12am 08/08/12 Permalink
trog
AGN Admin
Brisbane, Queensland
36417 posts
That Wired article is really interesting and I strongly encourage everyone to read it: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
It's backup because it's a copy of the data. Combined with a little magical button called restore, which, wait for it, restores your backup. Backup again, is not the same as data liberation.
I completely agree with this. Windows XP's backup feature produces a multi-gigabyte file that would be gibberish if you tried to open it in notepad, but it is a backup image.

It is very important to note that if you are using any backup tool that does not simply copy the file system, you are at the mercy of that tool in some way or another.

I personally only do manual filesystem backups - it is much more boring and painful and time consuming, but I have higher levels of confidence about the backups and I know I can grab any file from them at any time to inspect and compare. (I am currently about halfway through writing a tool to verify these backups against each other to look for discrepancies so I can be more confident about data integrity - it already found silent data corruption on one of my backup drives so I know that it will be useful for my purposes.)
09:04am 08/08/12 Permalink
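An added example, not trog's tool and not part of the original thread: one way to verify two filesystem-copy backups against each other, as the post above describes, by hashing every file and reporting files that are missing from one copy or whose contents differ. The directory names and sample files are constructed for the demo.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def file_digest(path, chunk_size=1 << 20):
    """SHA-256 of a file, read in chunks so large backups do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def index_tree(root):
    """Map each regular file's path (relative to root) to its SHA-256."""
    root = Path(root)
    index = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = Path(dirpath) / name
            # Skip symlinks and special files: only real file content is compared.
            if full.is_symlink() or not full.is_file():
                continue
            index[full.relative_to(root).as_posix()] = file_digest(full)
    return index


def compare_backups(root_a, root_b):
    """Report files present in only one copy and files whose contents differ."""
    a, b = index_tree(root_a), index_tree(root_b)
    return {
        "only_in_a": sorted(set(a) - set(b)),
        "only_in_b": sorted(set(b) - set(a)),
        # Same path, different hash: the silent-corruption case.
        "mismatched": sorted(p for p in set(a) & set(b) if a[p] != b[p]),
    }


def demo():
    """Build two constructed backup copies in a temp dir and compare them."""
    files = {
        "docs/notes.txt": b"meeting notes\n",
        "music/track.mp3": b"ID3" + bytes(range(256)) * 4,
        "photos/a.jpg": b"\xff\xd8\xff\xe0 constructed sample, not a real JPEG",
    }
    with tempfile.TemporaryDirectory() as base:
        for copy in ("drive_a", "drive_b"):
            for rel, data in files.items():
                target = Path(base, copy, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        # Simulate silent corruption on drive_b: one flipped bit, same size.
        damaged = Path(base, "drive_b", "music/track.mp3")
        raw = bytearray(damaged.read_bytes())
        raw[100] ^= 0x01
        damaged.write_bytes(bytes(raw))
        # Simulate drift: a file missing from one copy, an extra file in the other.
        Path(base, "drive_b", "docs/notes.txt").unlink()
        Path(base, "drive_b", "extra.txt").write_bytes(b"only on drive_b\n")
        return compare_backups(Path(base, "drive_a"), Path(base, "drive_b"))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

A size or timestamp comparison would miss the flipped bit in the sample; only the content hash catches it.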
skythra
Brisbane, Queensland
5941 posts
It's backup because it's a copy of the data.
You're confusing words. I don't want to backup data, i want to backup information. Data is useless without context. With context it's information.

Your fundamental argument is a religious one, that is philosophically based on the belief that "Apple is shit".
No, i don't like how apple centralizes things. That's the ONLY thing i don't like. They've got fantastic products and they're simple enough so I don't have to provide support. They're reliable and not prone to failure like plenty of other products, and most importantly, they're a status quo, so if you give it to a CEO he will fit right in with his CEO buddies. He won't expect more or less.

It has nothing to do with religion. You're just trying to sidetrack the issue. I use android sure, but i recommend iphones. I even support macbooks, although 80% of my time with them is inside vmware fusion or bootcamp.

This would be my default stance for anyone who heavily linked multiple systems with a single failurepoint with an easy way to gain access to them. I have twostep auth, but i also use 3 emails none of which are linked to each other, and have different phone recovery numbers, so someone who finds me on ausgamers can't use the same email to login to my ebay, or to my netbank. I have a host of passwords (although i don't change them enough, i'm in the process of updating them all to have characters like !@$#^ etc at the moment.) that i use that aren't shared between things so even if they get one password they can't get to other places which would share that email address because the password is different.

I am mostly arguing sure, but that's because i don't agree with where your stance on the issue is. I understand that you're saying logical things that make sense especially in hindsight. But they're not the advice that apple is giving but you're portraying it like it is. That's why i'm arguing. Apple is about an end user, and they're aiming at the lowest common denominator. They're making products simple to appeal to a massive audience and they imply (although less these days) that they're safe. They put in place things which they call backup mechanisms and to an uneducated user (most of the clientbase) they look good. My complaint with apple is that these backups are for show.

I have twostep auth on most of my games (blizzard/steam/etc). I have it on my email and netbanks. I expect that apple will go down this road, but they should have had it by now. It's not 2009 anymore.

My argument is also that this can't happen to google because of two-step, and that even if they took my google shit, and wiped it, in your unlikely scenario (which doesn't apply to me or anyone i know), then i would have recovered in <20 minutes from all damage. My backups are platform independent and save my information, not data. The data is irrelevant.

Changing the words around doesn't change my stance.
09:56am 08/08/12 Permalink
simul
Brisbane, Queensland
1379 posts
You're confusing words. I don't want to backup data, i want to backup information. Data is useless without context. With context it's information.
...
My backups are platform independent and save my information, not data. The data is irrelevant.



With regards to iTunes, iTunes Music Library.xml has all your context. All mobile me (iCloud) services have XML export/backup/restore features built in to their desktop front-ends. They aren't straight data files (.mp3's with tagged data), but all the data *and* "information" is there, and easily parseable.

That's why i'm arguing. Apple is about an end user, and they're aiming at the lowest common denominator. They're making products simple to appeal to a massive audience and they imply (although less these days) that they're safe. They put in place things which they call backup mechanisms and to an uneducated user (most of the clientbase) they look good. My complaint with apple is that these backups are for show.


The "iCloud Backup" - admittedly a bad name, is a) only for iOS devices, and b) 1 of many default backup options. The market they are trying to attract with the backup service, is for those users who do not have a computer to do local backup to, and only have iOS devices. Anytime a user plugs their device into a Mac (or Windows), iTunes will also offer to backup the device (at least last time I checked).

Don't get me wrong, as an agnostic developer (I mostly deal with cross-platform), iCloud is a steaming pile of shit - and an awfully opaque and complex implementation of sync. From a historical (.mac, back to my mac, mobile me), and a current point of view, Apple is completely useless at server-side, always has been, most likely always will be.

However, to reiterate, my argument is two-fold:
- The "hole" in this situation wasn't the technology, it was social engineering. The amazon social hack aspect of it is just as bad. But it's people in the loop that is the issue, not the technology itself. The technology did exactly what it was supposed to do. Two-step doesn't eliminate the problem, it only makes it more work for the hacker. In this situation, the victim didn't use two-step on his Google account anyway, and therefore you can assume they wouldn't use it (if Apple offered it) on iCloud either.
- From a tech architecture perspective, iCloud works no differently to Google Sync, Activesync, BBMediaSync. If someone hacks into my Google account, and deletes all my emails/contacts/calendar, IMAP/GSync will happily sync this to all my connected devices. It's just the nature of the cloud being the truth. Only local backups can truly avoid this - and local backups are as much/little effort on Apple's platform as anywhere else.
10:59am 08/08/12 Permalink
Jayman
Brisbane, Queensland
733 posts
The biggest thing I personally got from that article is I also have the same prefix on all my email, and just like him, my main account is Gmail and my backup is an Apple .me address. Even though I have 2 factor turned on Gmail... time to change that!

Also: http://www.theverge.com/2012/8/7/3226893/apple-icloud-password-freeze-24-hours

Apple is reportedly instituting a 24-hour freeze on over-the-phone iCloud password changes following the well-publicized hack of Wired writer Mat Honan’s account.
12:38pm 08/08/12 Permalink
copuis
Brisbane, Queensland
3085 posts
just a thought here,

to me, a hack is something different, while I like the term "social engineering hack" I would think this is more fraud/theft of passwords rather than hacking.

had the guy found this dude's iPhone and then gained entry and all the passwords from there, then i would call that a hack, this is akin to credit card fraud, like someone stealing your mail, getting the details from bill, and sending a new card out to spend up big (all done through good ole mail box theft), no one would call that hacking

the word hack seems to be used too freely for any crime/unhappy happenings in the digital world, just my 2 cents
12:56pm 08/08/12 Permalink
Jim
UK
13033 posts
the word hack seems to be used too freely for any crime/unhappy happenings in the digital world, just my 2 cents
yeh I agree, but it's fair enough here I think. the phrase social engineering hack sounds reasonable enough
02:40pm 08/08/12 Permalink
© Copyright 2001-2013 AusGamers™ Pty Ltd. ACN 093 772 242.