Apple 'Actively Investigating' Possible Hacking of Celebrity iCloud Accounts

[H2SO4]

This whole thing only has visibility because celebs are involved. If it had been you or me……..tumbleweed.
Jeez AAPL have some glaring holes in their software that still need fixing, here’s one to do with Gatekeeper from a very respected poster, (certainly by me anyway).
You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the DownLite developer has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing, has not done so, even though it's aware of the problem. This failure of oversight is inexcusable and has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.

 

[ksuyen]

I wouldn't be surprised if the celebs leaked the pics themselves. Because that's never happened to get a boost in publicity. People who think that Apple is not vulnerable to hacks are a bit delusional. It's still code just like all other software. Would it be nice to think that Apple is above hacks, sure, just not very realistic. My motto, if I don't want others to see it, keep it to yourself.

Yes, but even if it's not Apple the only one fault here, even hypothetically speaking if it's only 5% of the compromised photos are from iClouds, why all the reports point their fingers solely, only, to Apple? As if every problems in the world is Apple's fault. Where is the logic for that?

 

[alex0002]

If I have an Android phone and an newer iMac let's say. I connect my phone and import the photos using iPhoto. Would it then sync to iCloud if I had set it up? That's not a far fetched scenario.

Not far fetched at all. I have an Android phone and a macbook pro and import the photos to the Mac using Airdroid for the connection. No cable required.

The only difference is that I'm missing the sync to iCloud and the fact that no one would want to look at my pictures.

It's also common for people to transfer all content from one device to another when they upgrade phones, so the original phone camera type doesn't mean much. Perhaps these pictures have been obtained from more than one source, with this latest iCloud flaw being just one method that might have been used.

 

[LordQ]

Seems kinda silly that people would go so bezerk over a couple of nipples. OMG, Jennifer Lawrence has nipples!!! :roll eyes:

Well, this will blow over in a couple of weeks and everyone will forget all about it. Nakedness is highly overrated.

^This. Reminds of the big deal everyone was making two weeks ago when Nintendo showed some shots of Samus on shorts and sports bra in the new Smash Bros...

2014 and people still get mad crazy about some skin.

 

[haruhiko]

So is that all it takes to make a PR disaster?

1) Buy up some nude celeb photos for Bitcoin on the darknet ( That's the source of these photos )

2) Find a bug in iCloud

3) Release purchased photos and blame that bug for the leak of celebrity nude photos, almost all celebs use iPhone so it will seem legit.

4) Knee-jerk reaction by Apple to fix bug makes it seem like that was the actual cause.

Much misdirection here. Too many Apple haters on an Apple forum (suddenly), and so many sensationalized articles when nothing has been confirmed. Something else is going on.

Sometimes it's how we do to demonize a country.

 

[powerstrokin]

Seems kinda silly that people would go so bezerk over a couple of nipples. OMG, Jennifer Lawrence has nipples!!! :roll eyes:

Well, this will blow over in a couple of weeks and everyone will forget all about it. Nakedness is highly overrated.

Yeah I uh.. take back what I said before about why is this all revolving around her.. I now know why she's so pissed off.

All I'm going to say is that if this revelation comes to light... her career is over. Or maybe it will take off, but it won't be PG rated movies. That is, if she doesn't go to jail herself.

 

[kerrikins]

Yeah I uh.. take back what I said before about why is this all revolving around her.. I now know why she's so pissed off.

All I'm going to say is that if this revelation comes to light... her career is over. Or maybe it will take off, but it won't be PG rated movies. That is, if she doesn't go to jail herself.

What on earth? Why would she go to jail for having her private pictures released?

So far the reaction has been very sympathetic other than 'why did they have these on their phones', I don't think her career is over.

 

[powerstrokin]

What on earth? Why would she go to jail for having her private pictures released?

So far the reaction has been very sympathetic other than 'why did they have these on their phones', I don't think her career is over.

I'll just link this article. You figure out the rest.

http://en.wikipedia.org/wiki/Zoophilia_and_the_law_in_the_United_States

 

[teknikal90]

thats why yo should read before agreeing or tapping "okay" to any popups on ios devices. theres a reason that you agree to terms and conditions and a reason you tap okay to allow photo stream. if people would read the popup like they are supposed to they would know these things. apple specifically tells you what an app is doing or if it doesn't, thats the user's responsibility to find out what the app does before just hitting "okay" or "accept". It's not apple's fault. it's the users' fault.

what you're saying is technically true.
legally true.
But i believe implementing something great goes beyond 'legally true' to doing it the right way.

i dont think 99% of people read the full terms. I'd wager that even you dont.

 

[rish]

I can confirm what Rigby said--I just tried it for myself and 2-step verification does not help protect your photostream. All you need is the Apple ID account name and password for photostream access.

Strengthen your passwords with characters other than numbers and letters. Perhaps turn photo stream off and anything else that publishes data you want to keep private. Don't upload private pics to iCloud Drive or any other drive in the cloud for that matter. Hopefully that keeps people safe.

 

[jonbravo77]

Yes, but even if it's not Apple the only one fault here, even hypothetically speaking if it's only 5% of the compromised photos are from iClouds, why all the reports point their fingers solely, only, to Apple? As if every problems in the world is Apple's fault. Where is the logic for that?

There is no logic. Haters will always hate, that's all they know. It's easy to point fingers than to find the truth. Apple is a successful company and they don't bow down to the stock holders which pisses a lot of people off. And of course, I'll be looked upon as a "fanboy" or whatever. To that I say take a look in the mirror and you will find what is partly the problem with consumers in this country. Gotta blame someone for your own stupidity like putting things on a distant server that you don't want others to see, allegedly..

 

[rish]

You could do what I do, use a long sentence of words smashed together. The more non sensical the better. To add to the difficulty, mispell the words, incorportate a long number, alternate cases and use non alphanumerics, the use emoticons is a bonus, especially mid sentence.

For example :
whee2731}bumm$LurveRoknRoolmouzikk!B-) (yes, that's 44 letters .
Original
We 2731 } bums love rock and roll music! B-) (even that non mispelled version is pretty crazy... )

Both are not too hard to remember and pretty insane to guess unless you are god . Of course, you don't have to make it THAT long.

I use a very long insane password on very very sensitive, log in once per week accounts. I don't even allow network logins, only console, but I'm paranoids about all aspect of security. Though, users are by far the weakest link, you have to protect them against themselves.

Ok. That's seriously long but I get the format to help remember. However just to be safe I think I'll need to write that down somewhere. I agree completely with you. There is a fair bit of responsibility that lies with the user in keeping their data secure. Quite frankly I think everyone should be paranoid about securing their info as there as some who thrive in cracking accounts for fun, others for malicious reason and those that seem untouchable in the name of national security. I shall heed your guidance. Appreciated.

 

[roadbloc]

Bit of a delayed response, but Apple owe it to their customers to get this sorted. Hope they patch it up nice and secure. If my private pics started circling the web I'd be furious. Then again, I'm smart enough not to put any of my personal pictures on the cloud.

 

[gnasher729]

Yes, but even if it's not Apple the only one fault here, even hypothetically speaking if it's only 5% of the compromised photos are from iClouds, why all the reports point their fingers solely, only, to Apple? As if every problems in the world is Apple's fault. Where is the logic for that?

What if, hypothetically, 0% of the photos come from iCloud?

The only source for the claim of an iCloud hack is a statement of an unknown criminal whose goal was to cause trouble for celebrities. A claim that they hacked iCloud falls straight into the category "cause trouble for celebrities".

----------

Yeah I uh.. take back what I said before about why is this all revolving around her.. I now know why she's so pissed off.

All I'm going to say is that if this revelation comes to light... her career is over. Or maybe it will take off, but it won't be PG rated movies. That is, if she doesn't go to jail herself.

Don't be daft. Some nude pictures don't hurt anyone's career today. I mean sex tapes + vacant face expression (that Paris woman, can't remember her first name), or pictures + fat arse (Kardashian) make successful careers.

About the "going to jail": What exactly would she go to jail for? Is having a female body a crime where you live? Sharia laws? Or what?

 

[powerstrokin]

What if, hypothetically, 0% of the photos come from iCloud?

The only source for the claim of an iCloud hack is a statement of an unknown criminal whose goal was to cause trouble for celebrities. A claim that they hacked iCloud falls straight into the category "cause trouble for celebrities".

----------



Don't be daft. Some nude pictures don't hurt anyone's career today. I mean sex tapes + vacant face expression (that Paris woman, can't remember her first name), or pictures + fat arse (Kardashian) make successful careers.

About the "going to jail": What exactly would she go to jail for? Is having a female body a crime where you live? Sharia laws? Or what?

Sigh... She's on video clearly with a dog penis inside her. The video was posted on youtube of all places. It lasted a few hours if you can believe that. Lasted on youtube a few hours I mean. The video was about 45 seconds I think.

 

[gnasher729]

This issue aside, here's a nice single shot graphic regarding password strength:
http://xkcd.com/936/

Another useful tip: If a site has security questions to recover your password, nobody forces you to use true answers. Mothers maiden name = random871203 is hard to guess for anyone, and they won't find the answer on the internet.

----------

Sigh... She's on video clearly with a dog penis inside her. The video was posted on youtube of all places. It lasted a few hours if you can believe that. Lasted on youtube a few hours I mean. The video was about 45 seconds I think.

Are you proud of watching this? If it's true, which I will not verify, then you are the one who should go to jail.

 

[Medic311]

Seems kinda silly that people would go so bezerk over a couple of nipples. OMG, Jennifer Lawrence has nipples!!! :roll eyes:

Well, this will blow over in a couple of weeks and everyone will forget all about it. Nakedness is highly overrated.

Guess you haven't seen the compilations. There are way more things leaked than just nipples.

 

[captain kaos]

Well, its on all the newspapers, and apple's being very quiet about it.

 

[rish]

This maybe of use. A news update of approx 2 hours ago (link below):

http://www.telegraph.co.uk/news/worldnews/northamerica/usa/11068823/FBI-leads-hunt-for-hacker-behind-Jennifer-Lawrence-naked-pictures.html

Same news site talking iCloud:

http://www.telegraph.co.uk/technology/internet-security/11067563/Jennifer-Lawrence-hack-iCloud-security-explained.html

Reporting seems level headed in comparison to what has been posted elsewhere. There's a lot of sensationalist reporting on a number of news sites.

 

[Keirasplace]

This maybe of use. A news update of approx 2 hours ago (link below):

http://www.telegraph.co.uk/news/wor...-behind-Jennifer-Lawrence-naked-pictures.html

Same news site talking iCloud:

http://www.telegraph.co.uk/technolo...-Lawrence-hack-iCloud-security-explained.html

Reporting seems level headed in comparison to what has been posted elsewhere. There's a lot of sensationalist reporting on a number of news sites.

Again, this is more, how it could be done, not how it was done. That the picture came from there is not proof that they hacked this account. There are many other ways to obtain a password.

Unless the Icloud password was only used there and she has had no Malware for the last several years, we can't be sure where the password came from. If the photo is very recent, it would increase the probability, but still wouldn't insure the use of this script.

----------

Well, its on all the newspapers, and apple's being very quiet about it.

You do know that monday was a major holiday in the US. Most people, including Apple employees, are not doubt enjoying their long weekend. By tuesday or Wednesday you will probably get a definitive answer.

----------

Bit of a delayed response, but Apple owe it to their customers to get this sorted. Hope they patch it up nice and secure. If my private pics started circling the web I'd be furious. Then again, I'm smart enough not to put any of my personal pictures on the cloud.

They've ALREADY patched it hours ago. Behind the news hey!

 

[Tacitus]

Words like reportedly, investigating, allegedly, etc. They are English words that all mean the same thing - nobody knows for sure yet.

I'm becoming ever more convinced that my countrymen (and women) are losing the ability to think and comprehend simple English. It appears to happen most often on Apple threads, particularly on the Guardian's tech site.

And yeah, it's "would HAVE" read the stories...

"Would of" is becoming so common in the UK as to be unremarkable.

 

[the8thark]

No it's not confirmed yet. I don't know why MR hasn't mentioned it but on The Verge they have mentioned it's not confirmed yet.

MacRumors think confirmed is anyone but Apple saying it. Now you know why.

 

[litchie]

Nowadays I just turned off iCloud sync all together. Find my iPhone is useful though.

 

[DoubleU]

If I have an Android phone and an newer iMac let's say. I connect my phone and import the photos using iPhoto. Would it then sync to iCloud if I had set it up? That's not a far fetched scenario.

People have been asking for years to get iPhoto to backup to iCloud and it doesn't happen. It's only Photos on iOS and the Photostream that get backed up automatically. No iOS device no photos on iCloud.

 

[peterh988]

I also doubt celebrities would have an easy to guess password for obvious reasons.

Nah, slebs are just as lazy/stupid/unknowing/uncaring as the rest of us.

We've recently had a phone voicemail hacking trial in the UK, virtually all the 'hacking' involved nothing more than calling the slebs voicemail and inputting one of the three default passcodes (0000 1111 1234) and hey presto, you're listening to their messages.