Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach

[silentmajority]

If Jennifer Lawrence's password was "hungergame1" then without knowing her I can guarantee that she will have a much stronger password in the future. She definitely won't update her password to "hungergame2".

If a weak password is the main culprit behind these leaked photos then I don't know how anyone can accuse anyone of victim blaming when the victim is obviously part of the problem.

I'm not saying that they deserved for this to happen to them. In fact I feel really bad for them because its obvious that some of those photos and pictures were never meant to be released as they were. However, there is a reason why most people lock their doors when they leave, chain their bikes up at the park, don't leave their cars unlocked with the keys in the ignition, there's a reason why we have antivirus software on our computers along with passwords and usernames, and it's because we all know that there are people out there who will steal from us, hurt us, and exploit us.

 

[iBug2]

How likely is it they didn't get it this way though? I'm not believing they tried one or two common password on all these accounts. Which goes back to the brute force theory, right?

The easiest way to hack an account is resetting the password with security questions if they are easy to guess or find out using google.

Obviously I have no idea if this was the method of use but that's usually the first method of choice.

 

[Trapezoid]

How likely is it they didn't get it this way though? I'm not believing they tried one or two common password on all these accounts. Which goes back to the brute force theory, right?

Apple stated that the brute force hole that they patched was not exploited in this hack.

So, the only thing left is that Apple is lying. If they are, Apple is run by a bunch of idiots and deserve whatever they get.

I'm gonna go with that's not the case.

 

[DisMyMac]

its obvious that some of those photos and pictures were never meant to be released as they were.

Why are you so sure of this.

 

[milo]

For the most part, people can't make security impossible for a criminal.

But people can make it easier for a criminal or can make it more difficult.

"Blame" isn't the right word, but the people who make it easier are going to end up victims more often than those who make it difficult.

People aren't safe and secure automatically, we all have a responsibility to make the effort to make ourselves safe and secure. And if we do a poor job, we have to accept some of the responsibility for the end result.

 

[iBug2]

Why are you so sure of this.

Well, some of them might have been leaked intentionally, but that's really irrelevant since probably most of the leaks were unintentional.

 

[gnasher729]

if given the opportunity, i'm sure Kate Upton would have preferred to have her account locked vs having someone post a photo of her *********** for the camera

One, your post is disgusting.

Two, enabling a DoS attack means that no celebrity will ever be able to use their account again.

 

[apolloa]

You just ignored everything I said and harped on something that I asked only because it seemed like you were misunderstanding what I was saying. Something that I said beforehand that I'm not saying to insult. Something I was trying to give you the benefit of the doubt on. Note to self: that's not the case.

It has nothing to do with opinion. It's a fact. You're in denial about it because you're here to bash apple.

I did not say that Apple is not at fault in that Kirsten Dunst thing you quoted me saying. IF you'd like to show me where I said that, I'd be glad to entertain you?

There's no opinion. You're wrong. This has nothing to do with brute force, unless your next argument is Apple is lying about their investigation?

I am bashing Apple for it's poor security, something you seem to choose to ignore? I don't know why you are. But I refuse to simply post comments in a love and hug style, about every single thing Apple does that is reported on in a news story here, anyone who does isn't very smart.

You implied the tweet made by Kirsten Dunst was no proof that her iCloud account was accessed and the photos taken from there, somehow implying you knew better than Kirsten herself.
That is how your post came across, also as Apple has stated in this press release, several celebrity accounts were accessed.

For instance:

We wanted to provide an update to our investigation into the theft of photos of certain celebrities.

Therefore Apple are implying they are performing an investigation into photographs being stolen, and we don't need to guess who's photos or what their content is.

They then state:

After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions

Thereby confirming they have had celebrity accounts illegally accessed, and considering the first sentence they made, we are to presume the attackers stole the celebrity's photographs from their iCloud accounts, because Apple did not deny it.

And it is a very big and convenient coincidence that they patch the very security hole the hackers claim they used, the same time this story breaks.

And I have never once in any of my comments on this matter stated ALL the photos were obtained from Apple, that goes for anyone else proclaiming I did.

 

[Lankyman]

So given a choice who would you prefer to look after your data - your bank or Apple?

Hmm! tough one eh!

I'm going to suggest that Apple rebrand themselves as Teflon.

I'm surprised some of you haven't suggested we round up these celebrities put them in stocks and pelt them with rotten eggs for not choosing better passwords. Fancy the cheek of it, trying to sully Apple's reputation.

 

[rmbpuser]

come on they are nude photos of fit celebrities it will only boost their carrer they should be thankful, its not like the government hasnt seen them already this pales compared to to NSA.

dont superstars have people who care after their online presence? they should spend 5 minutes less on their nail art and learn about strong passwords. its so easy to hack someones account when you know their birthday and their secret question is "my favourite colour" i "hacked" my brothers account that way when i was 11.

cant really blame those horny "hackers" though maybe they should of targeted some male stars too

also this kind of "hacking" happens everyday and nobody cares, but celebrities i guess are special

 

[silentmajority]

Why are you so sure of this.

Just an assumption on my part. When I read an article where an actress expresses remorse for flashing her boobs in a movie then I am assuming that the same actress wouldn't want a video released where she is getting slapped in the face with a penis. Who knows though maybe I'm wrong.

 

[paulxandrei]

blame... yes! Apple for some weak pwd you created. eg.'jenny123' this noob celebrity should be ashamed. and should not be allowed to use apple again.

 

[Am3r1ca16]

That's my /b/

 

[A MacBook lover]

Some of the images did come from compromised iCloud accounts.

"After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet."

And you're right, from what I've read a lot of these photos have been shared for months or years before being leaked. That doesn't change Apple's own partial acknowledgement. With all that said, my original premise stands. The bashing seemed to be more in your mind than in that headline. It's just my opinion. You may be seeing something I'm not.

Does yellow journalism work better? I could agree that bashing is the wrong term.

 

[jaison13]

jessica brown findley definitely got the worst of the hacked celebs. bt there is no shame in her game. she's way hotter than i originally thought she was from that downton abbey show.

 

[StyxMaker]

Did you even read my post? I said the same exact thing you just did. If you don't lock your doors, you're to blame just as much as the thief who walks in the unlocked door.

Did you ever wonder why they use the phrase 'breaking and entering'? They are each a separate crime. Entering your house without your permission, even if the door is unlocked, is a crime.

 

[firewood]

We can just hope that they get caught and sent to jail, and then we can all have a laugh about idiot hackers who are more stupid than some celebrity. I'd be quite confident that say a $100,000 reward will get them ratted out.

Good luck with that if they turn out to be inside some other countries military establishment. Check your firewall logs sometime.

 

[apolloa]

come on they are nude photos of fit celebrities it will only boost their carrer they should be thankful, its not like the government hasnt seen them already this pales compared to to NSA.

Not for Kirsten Dunst it won't, considering she has been totally naked in at least one film now. I think she feels it's more of a personal attack as you or I would.

 

[zioxide]

And it is a very big and convenient coincidence that they patch the very security hole the hackers claim they used, the same time this story breaks.

They patched the security hole because they found out about it 3 days ago when that iBrute script was uploaded to GitHub.

I find it hard to believe all these celebs got hacked and all these pics were gathered in 2 days.

I still haven't seen anywhere official where the hackers claimed to have used iBrute.

Did you ever wonder why they use the phrase 'breaking and entering'? They are each a separate crime. Entering your house without your permission, even if the door is unlocked, is a crime.

Never did I claim it wasn't a crime. It is a crime. But if someone breaks into your house and steals your laptop by walking through a door you left unlocked, your insurance company isn't going to pay for you to get a new laptop. In their eyes, you're responsible as well as you failed to activate your common and available security measures.

 

[apolloa]

They patched the security hole because they found out about it 3 days ago when that iBrute script was uploaded to GitHub.

I find it hard to believe all these celebs got hacked and all these pics were gathered in 2 days.

I still haven't seen anywhere official where the hackers claimed to have used iBrute.

Not all photos, but some were stolen from the iCloud accounts, reading Apples statement. I think the hackers posted that they used a script? That they then posted on github? Sure you can call it bogus, but hackers tend to love to gloat about their attacks and how they did it. It makes them feel special I guess?

 

[DisMyMac]

When I read an article where an actress expresses remorse for flashing her boobs in a movie then I am assuming that the same actress wouldn't want a video released where she is getting slapped in the face with a penis.

That's actually pretty normal, but there are people working to keep it "wrong"... These are very rich girls anyway.

 

[The Barron]

1 Password is awesome for this basic stuff.

Sad that too many folks rely on simple passwords, regardless of their position in life.

I too have often wondered why so many people use such easy to figure passwords.

A junior high school hacker can get into anything he wants in mere seconds. Put a high school or better yet, a college student on it and presto! The vault, even businesses or celebrities, is open for the taking. Geeze

Get smart folks.

 

[iBug2]

Did you ever wonder why they use the phrase 'breaking and entering'? They are each a separate crime. Entering your house without your permission, even if the door is unlocked, is a crime.

Nobody is saying that the hacker should receive less of a punishment if the passwords were easy to guess.

 

[firewood]

jessica ... findley definitely got the worst of the hacked celebs. bt there is no shame in her game. she's way hotter than i originally thought she was from that ... show.

I wonder if the cousins of the temp staff for some celebrity PR agencies are doing stuff that even their clients don't know about (plausible deniability...).

 

[Aragornii]

Well this really sucks. I try to log in to my Apple ID and Apple won't let me do it without changing my password. "Your password is too easy to guess". I suppose this is fallout from the celeb hacking scandal.

My password is 8 random letters that do not form a dictionary word or words strung together. So, essentially impossible to guess.