Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple 'Actively Investigating' Possible Hacking of Celebrity iCloud Accounts
- Thread starter MacRumors
- Start date
- Sort by reaction score
And I use it for my photos just fine, if hackers want to take up their hard drive space with pictures of my two year old with spaghetti on his face and goofy memes sent through iMessages they can knock themselves out.
Incidentally (if this is an iCloud breach) I'd still feel safer with my photos there then I ever did taking them to get processed back in the day.
But ITS NEVER EVER APPLES FAULT! It is ALWAYS the users fault in the eyes of Apple fans. If this was Googles cloud everyone would be slating their security, not its users, fact
That's true of complexity, but not openness. The most secure operating systems in the world are open source because that is how bugs are found by the good guys. However, they are also very simple in order to prevent vulnerabilities.
Windows, OS X, iOS, and Android (in most cases) combine the worst of both worlds. They are complicated, massive bundles of code and the companies try to prevent people from knowing exactly what is going on under the hood. Generally they do that to make the user experience easier, but that also makes the user less informed.
There is always a fine line between overwhelming the user with confusing technical info and leaving them blissfully unaware of what they are doing and Apple has always made the latter mistake IMHO. Microsoft always made the former mistake, which is why you would see messages in Windows that merely said "Error number 00000248728457208" or some such nonsense.
If the user saw "Send all of your photos, documents, etc to a stranger's computer that you don't control" instead of "Backup to iCloud", they may think twice before taking a picture of themselves naked. Cloud backups for all operating systems should be better explained, easier to control, and easy to completely disable.
You do realize that almost 100% of brute force attacks are not done over the network. Why? Because they will be discovered before they succeed if your password is even remotely good even if they were no brute force protection.
Of course, they then could be done slower over some time by distributed bots; but, that would limit the amount of accounts you can go after.
Brute force attacks usually are done straight on the password file either on the attacked server or after having slurped part of it to your own machine through a badly configured Web's server's access to the backend DB were the user passwords for the Web service are stored.
One thing though, even a brute force attack in this case would actually have to know some info on Jennifer Lawrences account prior to the attack. Unless your saying they attacked the whole Icloud and accidentally fell on her, which is ludicrously improbable.
That's why I think the most probably way they got the photo is through targetted social engineering. The Scarlet Johansson breach was very targetted.
Due diligence
Other sites that have reported this are saying that Apple is researching the allegations that there was an iCloud breach. In other words, they are performing due diligence to make sure their was or wasn't an issue. Hackers can say whatever they want, but it doesn't make it the truth.
Other sites that have reported this are saying that Apple is researching the allegations that there was an iCloud breach. In other words, they are performing due diligence to make sure their was or wasn't an issue. Hackers can say whatever they want, but it doesn't make it the truth.
Could you imagine the panic if Steve Job's situation was leaked when it first became known to him.
iCloud will never be taken seriously when it comes to something so confidential even after they pour tons of money into the fix. It's tarnished for life along with other cloud services!!! This is worst than the maps fiasco. If this new HealthCare service relies on iCloud it's DOA. No body wants their health info on the internet let alone their nude pics. Insurance companies could deny claims if they have proof of preexisting issues.
Customer - I want to get a life insurance policy
Insurance company - A recent iCloud leaked showed that you have high blood pressure and you smoke.
Customer - So what.
Insurance company - We can't insure you because you're high risk.
I'm much less concerned about credit cards than stolen sensitive information or remote wiping of my devices. Credit card numbers get stolen all the time (e.g. by restaurant waiters or the like); you simply dispute any fraudulent charges and get a replacement card. The other types of damage, on the other hand, cannot be undone.
This hacking accident is actually hugely beneficial PR for Apple to greatly encourage longer passwords, 2 factor auth, and a lot more suspicion of any phishing-like messages from "friends/bank/etc.". Makes me wonder how much PR traction it would have had otherwise.
Interesting how the 'hackers', I use that term lightly, claimed they got these images from iCloud and now all the fingers are being pointed at Apple, sure they left their service open to brute-forcing, but do you actually believe someone went through a huge list of passwords before guessing it? I also doubt celebrities would have an easy to guess password for obvious reasons.
There's no proof that these leaked images came from the iCloud accounts, it seems like a great cover up though as most of these celebrities use iPhones. No doubt they're shared from ex-boyfriends etc.
There's no proof that these leaked images came from the iCloud accounts, it seems like a great cover up though as most of these celebrities use iPhones. No doubt they're shared from ex-boyfriends etc.
This is the result of years of people collecting celebrity images and trading them on sites like anon-ib. There wasn't one single 'hack' that went into the dump rather the culmination of someones trading collection.
Perfect rundown of what happened.
Perfect rundown of what happened.
In 2014 if a person chooses to take naked photos that they want to remain private, using an internet connected device of any kind just isn't wise.
The average person doesn't understand just how connected these devices can be and how easily a talented hacker can steal those images.
Best to not take them at all (IMHO) but if you do, be sure they don't end up on an internet connected device.
The average person doesn't understand just how connected these devices can be and how easily a talented hacker can steal those images.
Best to not take them at all (IMHO) but if you do, be sure they don't end up on an internet connected device.
I wasn't talking about the openness of the code, I meant openness in providing access to the ressources.
Nothing is more secured than putting something in a 10000 pound Very Big safe (tm), dropping it in the middle of a desert and putting a large security detail around it that can't in anyway open it in any way. Then, the only way to open it is:
- Two very long combinations
- Two different tumbprints
- Two different Irises
The information itself inside should be fragmented and encrypted in such a way that even if it escaped, it would be of no value unless you have the long key of the two person who can open the safe and the one of the person who can actually use it. The person who can use it cannot open the safe himself!
Yes, very very secure, but almost impossible to work with in any way and if one of the persons dies, or the keys are destroyed, well you are SCREWED.
At this point there isn't even confirmation this stuff came from iCloud, don't you think you're taking this a few steps too far?
Because of blind followers like you that can't admit Apple could be at fault for anything. If they had no security against brute force password hacking (notice I said if) then yeah it is their fault.
Many Android users own iDevices. One can easily send pics to email or transfer from phone to computer. Some of these people may have Apple computers. Is there a law preventing Android phone users from buying a Mac or iPad? Most of these people are dirty rich and can afford a overpriced Apple computer. Some people may not like iPhones (hard to believe I guess) and would rather have a Android phone.
When you see people using Android do you automatically assume they don't use Apple computers and services?
Careless? Their privacy was invaded and the photos taken off the privacy of their own phones. Why are you blaming the victims for having the photos and not ******* who decided to steal them and PUT THEM OUT ON THE INTERNET.
How would you like it if someone just all access to your phone or other personal items (no matter how private) and just put them out for everyone to see and spread around and them people like you came along and just said "Well you shouldnt have had it in the first place".