It will only look more guilty to the people who want to see it that way. ^_^

It's just a statement about in-progress investigation. They would want to have enough info to answer follow-up questions too.

Sony's security leak is bigger and confirmed. But people still buy from PS Store. This incident has both iPhone and non-iPhone photos, plus photos from years ago. Clearly, it's not Apple specific, and may not even be iCloud specific.

Sony has no recent leak or hack, it was hacked a few years ago now, and I was annoyed with them too, but as we learnt they were just the start of the hacking trend that has been going on. I blame some of these companies for not prosecuting the hackers enough, throw them in jail for 10 years and they'll change their minds.

If you are referring to the recent activities on PSN, that was due to a DDOS, not hacking, and the same group attacked Steam and Microsoft too at the same time, and they tweeted a bomb threat to the American Airlines jet a Sony exec was on, the plane was emergency diverted and landed.

Rather different to this story and no hacking, just a bunch of c**** and in my mind should be treated as terrorists with the bomb threat.
 
I can't begin to imagine all the compromising stuff Apple might have on their iCloud servers...

Well yes, different from all the oh-so-predictable iP6 part leaks. I am thankful I don't have compromising photos on my iCloud servers/accounts. :p

----------

Yes, I said there are multiple hacks, but if you actually see them, the mass quantity is with iPhones. I would say 88% would be my estimate.

Sure. Still doesn't mean it must be iCloud specific.

e.g., It may be because iPhone is popular with them. Even if the actual leak is with phishing, the hit rate is just higher. *shrug*

----------

Sony has no recent leak or hack, it was hacked a few years ago now, and I was annoyed with them too, but as we learnt they were just the start of the hacking trend that has been going on. I blame some of these companies for not prosecuting the hackers enough, throw them in jail for 10 years and they'll change their minds.

Sales went back up (to like 90% before the hack) as soon as the PS network came back. ^_^

I wasn't talking about the recent DDOS attack

And the LulzSec members, including the leader, were prosecuted.
 
Sales went back up (to like 90% before the hack) as soon as the PS network came back. ^_^

But it wasn't hacked. All they did was bring the service down with denial of service attacks, no information was stolen at all. It is a totally different scenario to this one.

But that's a damn impressive sales result, but as I said they brought it back online as nothing was hacked.

Stop editing your comment!! Well in that case I can't remember back to then. But I see your point about the sales increase...
I have to applaud your comment actually, good comeback. How long did it take for the sales to reach that figure though? Was it the same day?
 
I highly doubt that it is iCloud's fault. I checked some of the photos and many are taken with Android or other phones which obviously don't use iCloud. But they could transfer them over to iCloud from their Mac or iPhone/iPad/iPod but I sort of doubt that.
 
But it wasn't hacked. All they did was bring the service down with denial of service attacks, no information was stolen at all. It is a totally different scenario to this one.

But that's a damn impressive sales result, but as I said they brought it back online as nothing was hacked.

Stop editing your comment!! Well in that case I can't remember back to then. But I see your point about the sales increase...
I have to applaud your comment actually, good comeback. How long did it take for the sales to reach that figure though? Was it the same day?

They were hacked. Millions of account info were taken, though no credit card info.

Sony had to buy identity theft protection for all of us, and offered us freebies.

I can't help it! I have to edit my own messages when I see typos or I can fill in more details.
You won't be able to change me with just one post.

Sales came back swiftly (within weeks).



As for this leak, all we know are photos from 100 celebs were leaked. They are not all iPhone photos. Apple say they are investigating, and they plugged a hole. Allegedly, some photos were older than iCloud. That's it.
 
They were hacked. Millions of account info was taken, though no credit card info.

Sony had to buy identity theft protection for all of us, and offered us freebies.

Oh I remember all about that..... I got a free game or two. I mean I can't remember the news on the sales etc.
And sales returned in weeks, still impressive and an example of how the confidence was restored. Must be as I still use them.
It will be interesting to see how this pans out then over the next few days. Although I think with security, people would be a lot more concerned about medical information than financial information? Talking about Apple and security.

Anyway all hackers are scum as far as I'm concerned, no one can hide on the internet, they can be found, but they don't seem to want to find them or once they do, they don't punish them enough IMO.

But to me it still reads as partly Apple's fault due to the simple way the hack was done. And they cannot put a lid on it easily.
 
Did you read the articles? Do you know what brute force attacks do? It tries to guess the password on the account using software. It can try 100s of passwords a second. So why didn't the iCloud accounts get locked out after a few bad tries? That is the flaw in iCloud and another exploit they used in find my phone.
Funny, today your iCloud account gets locked out after a few bad attempts due to the patch Apple applied today. Coincidence? Really?
The exploit code was released as a proof of concept for the hack. Then the hack was done. How much clearer do they have to make it for you?

Brute force attacks over the network are very rarely done. Because they will show even if the account has no lockout. Why? Because you'd need tens of millions of tries to guess a decent password and I'm guessing that this sudden massive peak of people "losing" their phones, way above normal, would show up in the logs in minutes.

Hackers prefer stealth to a massive breach when they want information. So, they sometimes do it over the network on small subsets of top passwords if there is a no lockout bug on a service. System accounts have a lockout, so it's the services that are most often vulnerable. In the case of targeting specific users, the top passwords attack can really be stealthy (very few actual trials are needed).

PS: since most networks are not very secure from attacks on the inside, a hacker doesn't need to breach the highest security account to compromise the network. Only one in the right spot is needed. The fact that people reuse passwords for their secure logins in less secure sites is a major problem. The fact even people who know better can't help themselves running Malware is another issue.
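
The two patterns contrasted in the post above, many failures against one account versus one source trying a few top passwords across many accounts, both leave traces in failed-login logs. An added example (not part of the thread); the log format, thresholds and function names are assumptions:

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP (RFC 5737 ranges), account, result.
SAMPLE_LOG = """\
2014-09-01T10:00:00 198.51.100.9 alice FAIL
2014-09-01T10:00:01 198.51.100.9 alice FAIL
2014-09-01T10:00:02 198.51.100.9 alice FAIL
2014-09-01T10:00:03 198.51.100.9 alice FAIL
2014-09-01T10:00:04 198.51.100.9 alice FAIL
2014-09-01T10:05:00 203.0.113.7 bob FAIL
2014-09-01T10:05:30 203.0.113.7 carol FAIL
2014-09-01T10:06:00 203.0.113.7 dave FAIL
2014-09-01T10:06:30 203.0.113.7 erin FAIL
2014-09-01T10:20:00 192.0.2.44 frank FAIL
2014-09-01T10:20:20 192.0.2.44 frank OK
"""

def parse(log):
    """Yield (time, source, account) for each failed login line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] == "FAIL":
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]

def detect(log, window=timedelta(minutes=10), per_account=5, spray_accounts=4):
    by_account, by_source = defaultdict(list), defaultdict(list)
    for ts, src, acct in parse(log):
        by_account[acct].append(ts)
        by_source[src].append((ts, acct))
    # Classic brute force: many failures on ONE account inside the window.
    brute = set()
    for acct, times in by_account.items():
        times.sort()
        for i in range(len(times) - per_account + 1):
            if times[i + per_account - 1] - times[i] <= window:
                brute.add(acct)
    # Top-passwords pattern: one source fails against MANY accounts, few tries
    # each, so a per-account failure counter alone never trips.
    spray = set()
    for src, events in by_source.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({a for _, a in events[start:end + 1]}) >= spray_accounts:
                spray.add(src)
    return {"brute_force": brute, "spray": spray}
```

On the constructed log, `detect(SAMPLE_LOG)` flags `alice` as brute-forced and `203.0.113.7` as a spraying source, while the single mistyped password for `frank` is ignored.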
 
I wouldn't fall for it. And again, I really have nothing to hide. In 8th grade and even 9th, back when I had my iPhone 4 and iOS 5, I knew how photo stream worked. I knew that if I didn't uncheck that box before downloading stuff I shouldn't have been (curious kid) I knew that it could be seen by my mom, who would occasionally log in to my iCloud photo stream to check it. It's just a lack of knowledge, and if you don't know how something works, don't use it for things that are personal/important.

But see, the difference here is that these photos were swiped by way of an iCloud backup (allegedly).
If this were true then these women aren't being especially stupid; even a reasonable person would not know that their photos are somehow automatically, without them knowing, being uploaded onto Apple's servers as soon as the phones get charged at night (by way of iCloud backups).
Heck, I didn't pay attention to this until I got the notice that my iCloud storage was full and played around to figure out that my camera roll backup was taking up all the space. I didn't explicitly opt for a camera roll backup. It's chosen automatically.
I didn't know this at the time and I frequent tech sites. Most people don't.

This is different to users knowingly activating photostream, or users knowingly pressing send to send an email with their nudes onto a gmail account.
No this is simply users taking pictures on their phone and then doing nothing to it afterwards. iCloud did the rest automatically.

Apple needs to fix this.
 
I don't get why people are defending Apple on this one. You sound like you work for Apple's PR. At this point it is absolutely obvious that it's Apple's fault. They left their platform wide open for attacks like that.

I personally would have thought locking someone out after 5 attempts or so would be almost a given.
 
No, those are just included in iBrute. You have to expand it yourself.

This is a hole that until it was fixed by Apple today existed from the beginning.

Which means you could easily get into anybody's account AND to all other passwords stored in iCloud Keychain.

Thanks! Now iCloud Keychain has to be approved from a pin or from another iDevice if I remember correctly. So wouldn't that be safer if you get a pop up on your iPhone asking to approve another device and you don't have one?
 
So Apple has this GIANT security hole and quietly fixes it TODAY without any statement?

This is unbelievably arrogant.

The tool is called iBrute.



http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

Man, you are late. This is now patched. It's a hole, but not a giant one if you actually use, say, a 12 random character password. They'd have to go at it for a very very long time to get in over the net. Maybe it's a cautionary tale about actually using long passwords...
 
 
From what some of these reports have said, most ways to access iCloud do have intrusion detection and lockout. And many said that missing a hole like this is not uncommon as you add or change services.
With respect, missing a hole like that when you're a multi million dollar corporation means you have lax procedures and testing, or poor oversight. Apple will learn from this, I have no doubt. Allowing millions of guesses on someone's password isn't good. Imagine if the exploit had been used to wipe thousands of iDevices around the world. I feel bad for the celebrities, and maybe the iCloud hole wasn't the cause. But I still scratch my head that a hole like this was found, and am still curious as to how long it was out there before it was patched.
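
The situation discussed above, lockout present on most access paths but missing on one, is what a failure counter kept per service allows. An added example (not part of the thread and not Apple's design) comparing per-endpoint counters with one counter keyed on the account; the class, endpoint names and the five-failure threshold are assumptions:

```python
import time

class LoginGuard:
    """Lockout state keyed on the account and shared by every endpoint.

    Hypothetical design for illustration; per_endpoint=True reproduces the
    weak variant where each service keeps its own counter.
    """
    def __init__(self, max_failures=5, lock_seconds=900,
                 per_endpoint=False, clock=time.monotonic):
        self.max_failures = max_failures
        self.lock_seconds = lock_seconds
        self.per_endpoint = per_endpoint
        self.clock = clock
        self.state = {}  # key -> [failure_count, locked_until]

    def attempt(self, account, endpoint, password_ok):
        key = (account, endpoint) if self.per_endpoint else account
        entry = self.state.setdefault(key, [0, 0.0])
        now = self.clock()
        if now < entry[1]:
            return "locked"          # refused before the password is looked at
        if password_ok:
            entry[0] = 0
            return "ok"
        entry[0] += 1
        if entry[0] >= self.max_failures:
            entry[0], entry[1] = 0, now + self.lock_seconds
        return "denied"

def guesses_evaluated(guard, endpoints, tries):
    """Count wrong guesses the guard actually evaluates when the caller
    rotates through `endpoints` against one (constructed) account."""
    evaluated = 0
    for i in range(tries):
        result = guard.attempt("alice", endpoints[i % len(endpoints)], False)
        evaluated += result == "denied"
    return evaluated

ENDPOINTS = ["web", "mail", "locator"]  # constructed service names
```

With the shared counter, 30 wrong guesses spread over the three endpoints yield 5 evaluated guesses before the lock; with per-endpoint counters the same traffic gets 15, and every service added later raises that number.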
 
I'm actually on the hackers' side to be honest. I mean people shouldn't upload things like this to iCloud. It's like the 3rd time I've said this but it's true. It's actually kind of funny to me because it shows just how dumb people are in today's world. And about being ashamed to download these images... what about the massive population that downloads NSFW images and videos on a regular basis. People need to know about this stuff or this will keep happening... people are gonna get their hands on anything and everything on the internet. Kinda like how I ended up getting ahold of some Apple internal tools a while back that apparently were "impossible to install"...

People being foolish doesn't justify the criminal acts that were committed here.

And surely you know the difference between this and porn. Better yet, let's take Celebrity X out of the equation and insert your mom or your sister or just any random female you care about. Would we still think their foolishness would justify this criminal invasion of privacy and ensuing humiliation?
 
I'm suspicious that celebrities were taking nude photos and putting them on iCloud in the first place. By the way, I disabled unnecessary iCloud services a long time ago; it's just more stuff to worry about.
 
.... then again on the other side of the fence..

this just further strengthens the point home of "Don't put stuff on the public internet if you want to keep it private"

With all cloud services, we would imagine a level of privacy yes, but it's still public if it gets hacked... And this proves it...

I have stuff in Dropbox, but if it gets hacked, I'm not worried, because no personal stuff I keep is there anyway..

I hope it doesn't, but using any cloud service is sending that point home even stronger every time it happens.

Extra security is better than none and good password, but it's still public internet.

Don't put stuff there you may not want others to see. And be wary.

Not intending to freak anyone out, but most don't realize that when they stick stuff in cloud services.. They never think, until it happens.

**** you, *******.
 
I think you just want to criticize Apple and/or Macrumors. Kind of a waste of time if you ask me, but hey don't let me tell you what to do.

Exactly. 'Cos the Android fragmentation (which is so true) has 'never' had any security issues lol ie. flash!

The only reason why there's been no celeb Android breaches could be due to a lack of usage??? :)

----------

And I use it for my photos just fine, if hackers want to take up their hard drive space with pictures of my two year old with spaghetti on his face and goofy memes sent through iMessages they can knock themselves out.

Incidentally (if this is an iCloud breach) I'd still feel safer with my photos there than I ever did taking them to get processed back in the day.

Sure. No problem. I don't care if anyone else uses it - I just don't personally like the idea. I do think it's great for sharing with family or friends far enough away, but I just email choice ones instead.
 
Holy [r@p! How will I remember a password that has 20 characters from all classes!

It's easier than it seems. You don't remember 20 characters; you remember 5 or 6, then combine them.

I like 6 character segments because I find it has a natural rhythm when you say it over and over in your head.

G2m48c

Pronounce this over and over in your mind (capitals loudly and lowercase softly) until you have it memorized, then pronounce this the same way

V1q951

Finally do it again for this

#mkf3a

Together, you get G2m48cV1q951#mkf3a

That's 18 characters, random enough, and uses lowercase, uppercase, and special characters. It's easy to memorize each chunk, and easy to modify.

You can also construct something out of a phrase from a book like so.

;%Thhgitagitsotakfoteostc5poJtePP

This is taken from "This hero had gone into the abyss, gone irrevocably, the son of the astrologer-king, forgiven on the eve of Sunday, the cruel fifth procurator of Judea, the equestrian Pontius Pilate"

This could be a little more random, but works and is memorable if you remember the sentence. Obviously, don't use either of these specific examples in real life now that they are on a public forum.
 
"The Cloud" is a euphemism for your data on someone else's drive. But don't worry, "The Cloud", "Google Glass", etc...are all approved by the NSA. :rolleyes:
 