Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach
- Thread starter MacRumors
- Start date
- Sort by reaction score
Right, OK, whatever you say. I disagree of course, you're talking out of your ***.
If you can't see why this analogy is also flawed, I have nothing further to discuss with you.
Sometimes, yes. There is sufficient grey area between "sometimes" and a brute force attack.
I still I don't call being able to log in anywhere by trying passwords like 111111, brute force
.Anyway, one thing they can do is lockout after say 3, reopen the lockout 30 minutes later and then allow 3 other missed tries and then completely lockout the account if they're wrong again. That way, if someone truthfully could not log in and then later remembered the passwords, they'd still be OK.
"Though this tool allowed for multiple attempts to enter a password without being locked out of an account, it appears that it was not a factor in the recent hacking of celebrity accounts due to Apple's statement that Find My iPhone was not involved."
Sorry, that doesn't absolve Apple of anything. A secure system should have thwarted repeated attacks. It was the repeated attack that gave away the weak passwords.
So how do you determine the weakness of the passwords? Number of attacks!
Bottom line, the account should have locked out after say 5 attempts preventing any brute force tool!
Sorry, that doesn't absolve Apple of anything. A secure system should have thwarted repeated attacks. It was the repeated attack that gave away the weak passwords.
So how do you determine the weakness of the passwords? Number of attacks!
Bottom line, the account should have locked out after say 5 attempts preventing any brute force tool!
Dumb Blond
When are people going to get it? It serves her right. 24, blond, and stupid. Sure she can act, but who cares. People 2 step verification eliminates all this crap and gives you much better piece of mind and then you don't have to hassle with the idiotic security questions no one knows. Keep in mind Apple has millions and millions of credit card information from people all over the world so my password to Apple ID is more secure than my banks. Cant wait to see what happens when we can start paying for stuff with our phones and idiots like J law continue to use dumb blond passwords. WAKE UP Amen for 1Password
When are people going to get it? It serves her right. 24, blond, and stupid. Sure she can act, but who cares. People 2 step verification eliminates all this crap and gives you much better piece of mind and then you don't have to hassle with the idiotic security questions no one knows. Keep in mind Apple has millions and millions of credit card information from people all over the world so my password to Apple ID is more secure than my banks. Cant wait to see what happens when we can start paying for stuff with our phones and idiots like J law continue to use dumb blond passwords. WAKE UP Amen for 1Password
That type of thing is bought and sold daily on underground sites. This IS celebrity stuff we're talking about.
And in any case. In my opinion anybody that puts up nude photos of themselves anywhere is stupid to begin with.
Serves them right.
Even if it is not legally the fault of the someone who get mugged on the street, the local police force crime prevention unit spends a lot of time educating the public on stupid things not to do, given current circumstances. There's a pretty strong hint there.
I continue to be amazed at your unrelenting fervor for being Apples foremost sycophant.
Let's review your statement and apply even a smidgen of perspective; you'll be amazed at what happens when one isn't blinded by the big Apple. Rogifan, just to make sure, I want you to know I wasn't referencing the USA's largest city.
"This was a big media story" That's what the media does, for better or worse, break stories.
"it involved celebrities" Celebrities, stories, and dare I say nudity? Of course it had no chance of displacing other news (SARCASM, Rogifan)
"holiday weekend with not much other news" Other news or not, potential hack of celebrity nudity is not a run of the mill story.
"iCloud hack that wasn't" It may or may not have been an iCloud hack. If genuflecting at the Altar of Apple provides you with clairvoyance the rest of us don't have; please enlighten us. I, however, suspect that blind ignorance has iClouded your judgement (see what I did there?).
I gotta hand it to you though, you do provide me and others, with our daily cult-induced snicker (not the chocolate bar).
That's why every time a company is found to have stored unsalted password hashes, especially if these hashes get stolen, the person(s) responsible should get jail time. Not talking about the thief but whoever made the decision to store unsafe passwords.
This.
We use victim blaming all over the society to teach people not to act stupid and "welcome" criminals. Otherwise the streets would be filled with people losing their wallets every day.
You hear that? ViperDesign thinks it's impossible for 11 or more people to have weak passwords! Wow!
(The stupidity! It burns!)It's not like the hackers said, "We've got this list of 11 people. We need to hack those accounts *only*."
No. The hackers had been working for quite some time to get these sorts of photos from as many people (celebs or not) as possible. They are almost certainly *continuing* to work on getting *more* such images.
Lol you're the one proclaiming your superiority over an Oscar winner.
Common people need to get a grip on their ego.
People need to be responsible with their own accounts. If you use a weak password and someone figures it out then you must take some of the blame for it. This is not in anyway similar to getting mugged.
Beating yourself up over a mistake is not the same as millions of people victim blaming JLaw because her privacy was hacked. A true comparison would be the poster blaming himself for his mistake and also Jennifer Lawrence blaming herself for a mistake. And I use mistake for lack of a better term, being the victim of an illegal crime is not a mistake at all.
The difference here is that people are slut-shaming her for taking nude pictures, victim-blaming her for those pictures being hacked and released to the public, and calling her stupid for allegedly having an easy password/security question combo. Much different than a guy posting about how he was subject to identity fraud when we don't know how or why details.
If you can't parse through why this is a false equivalency, I have no faith in the public school system anymore.
GenisST Equipment List
I love this poster's list of equipment! Beats bragging about how many Apple devices one has purchased.
I love this poster's list of equipment! Beats bragging about how many Apple devices one has purchased.