Matt Honan was thoroughly hacked, including having his iCloud link computers obliterated , because our net security infrastructure is completely broken.
Here's just one bit of the hack ...
... It turns out, a billing address and the last four digits of a credit card number are the only two pieces of information anyone needs to get into your iCloud account. Once supplied, Apple will issue a temporary password, and that password grants access to iCloud...
... First you call Amazon and tell them you are the account holder, and want to add a credit card number to the account. All you need is the name on the account, an associated e-mail address, and the billing address. Amazon then allows you to input a new credit card. (Wired used a bogus credit card number from a website that generates fake card numbers  that conform with the industry’s published self-check algorithm.) Then you hang up.
Next you call back, and tell Amazon that you’ve lost access to your account. Upon providing a name, billing address, and the new credit card number you gave the company on the prior call, Amazon will allow you to add a new e-mail address to the account. From here, you go to the Amazon website, and send a password reset to the new e-mail account. This allows you to see all the credit cards on file for the account — not the complete numbers, just the last four digits. But, as we know, Apple only needs those last four digits. We asked Amazon to comment on its security policy, but didn’t have anything to share by press time....
That sound you hear is the hollow laughter of Bruce Schneier, who used to write about the madness of 'secret questions' before the sheer stupidity of it all wore him down.
It's all broke guys.
Once upon a time civilians  used the same password everywhere. Smart civilians made it a bit harder to guess, like "Joseph45206". They knew their passwords.
They were hacked of course. So companies began insisting on more robust passwords. Civilians stopped remembering their passwords. So they took to requesting password resets whenever their browsers forgot a password. Except email addresses fade away, so resets often failed. Then sites started asking 'secret questions' to do resets, but nobody remembers the answer they gave to their #$! secret question . So now Apple support basically hands over credentials to nice sounding voices.
This system can't be fixed.
Phone based two-factor might help, but I've been using Google's two-factor since day 1 and it's still a royal pain in the ass. It's strictly for geeks. Not to mention what happens when you lose your phone.
We need to give Schneier a few drinks and get him to talk about this again. Failing that:
- Backup for Darwin's sake.
- Don't enable remote wipe of Mac OS X hardware. Just encrypt it.
- Use Google two-factor (two-step verification) if you are a geek and can stomach it.
- Fear the Cloud. Keep the data you value most close to you.
- Don't use iCloud.
- Don't trust Apple to get anything right that involves the Internet and/or Identity. 
- Get rid of the secret security question.
- Strictly limit password resets. If someone lost last access, charge them $50 to go to bank, post office or notary to establish their identity.
- Incorporate biometrics (thumb print and speech probably).
 Of course he didn't have backups. Don't beat him up about that, he's busy flogging himself.
 As opposed to geeks with 15 yo FileMaker password databases stored on encrypted disk images.
 Unless they've added a $!%!%$! secret question field to the #$!#$ FileMaker encrypted disk image database and the answer to the secret question is something like: "4hgoghi4ohh4tt".
 Apple needs to pay their executives less and their geeks more.