your victim-blaming diatribe is as absurd as someone blaming you after thugs broke into your (locked) home and murdered your wife & children. take more responsibility for your actions, yo! dont leave the wife & kids alone!
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Hackers Using Law Enforcement Tools to Access iCloud Backups Unprotected by Two-Factor Authentication
- Thread starter MacRumors
- Start date
- Sort by reaction score
your victim-blaming diatribe is as absurd as someone blaming you after thugs broke into your (locked) home and murdered your wife & children. take more responsibility for your actions, yo! dont leave the wife & kids alone!
Perhaps there was that issue, but I've been able to use Google or Exchange contacts or even simply importing them through a backup/exported file without any issues for quite a while. So while iCloud was and is an option it's by far not the only one and doesn't have to be used (even if/when something wasn't working quite right somewhere).
----------
Meaning with quite a bit of doubt?
They are not really comparable situations. Your comparison is absurd, because you equate a murder of your wife and kids and having an online account compromised. In your scenario you would also need to add a detail such as the house key being hidden under the door mat.
Surely it must be possible to turn it OFF even if it's ON by default. Otherwise troves and troves of iOS users will be switching to Android or Windows Phone very soon...
Did you take every precaution you could by buying a gun and training your wife and child how to use it?
Anyways, these people are celebrities. Their handlers are paid to know how to deal with this stuff (don't use real/publicly available information), use 'fake' AppleID, 2-step authentication, ect. That is what they are paid for.
But they can be faulted for making it so easy for someone who gets that information to be able to get your full device backup in a not encrypted format. And honestly they are not giving you a door made of steel with steel bolts. They have given you a door that is pretty easy to jimmy open since icloud backups are not protected by Apple's two factor solution.
Last edited:
Should have been the case from day one and should not take the remainder of the year.
Not one to use hyperbole then, eh..?
If you actually read my post you discover I'm not pointing the finger just at them, but rather suggesting they did have some role in how things played out. They are not completely to blame, clearly, but neither are they blameless.
Hey, I'm all for adults making whatever consensual films they like, but accept that if you don't want outsiders to see it, take all reasonable measures to protect it, i.e. not on your phone (easily lost/misplaced) or up in the cloud (out of your control).
If you're adult enough to make a vid/pic like this, then act responsibly like one too in protecting yourself.
Nothing wrong with the cloud(s) just as long as one has the ability to choose what is stored up there and what isn't.
It is already encrypted.
But if you have the passwords, encryption means nothing.
The facts here are that iCloud once allowed multiple incorrect logins aka brute force hack. Now multiple high profile celebrities have had their pictures leaked from supposed iCloud backups.
Did they just have the passwords the whole time and finally sold them? Did they have the pictures the whole time and finally sold them? Or is this a new exploit which apple or any company would not admit to publically off the bat if at all.
In any case, it's not great.
Apple's claiming it's not their fault because they needed passwords to hack them.
But these hackers are saying Apple made it easy to get the password! Brute force, incompetent customer service reps...
http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/
This has been going on for at least 2 years.
But these hackers are saying Apple made it easy to get the password! Brute force, incompetent customer service reps...
http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/
This has been going on for at least 2 years.
For a while, if you wanted to backup your contacts, you had no option but to use iCloud because Apple removed local sync to iTunes.
It is the case now and is completely irrelevant since if you have the user name and password its unencrypted for you because otherwise it would be no good to you at all !
Jeez how difficult is it to understand this?
It is the case now and is completely irrelevant since if you have the user name and password its unencrypted for you because otherwise it would be no good to you at all !
Jeez how difficult is it to understand this?
Not difficult at all. Thanks for asking champ.
The LA Times reports that the passwords were obtained by phishing:
http://www.latimes.com/local/lanow/...d-by-phishing-source-says-20140902-story.html
If true, access to the content in the cloud could have been prevented if 2-factor authentication had been properly implemented for all services.
http://www.latimes.com/local/lanow/...d-by-phishing-source-says-20140902-story.html
If true, access to the content in the cloud could have been prevented if 2-factor authentication had been properly implemented for all services.
Apple's iCloud has become the victim of its own success. The company has relentlessly pushed the idea that you don't need physical storage space, that everything should just be uploaded to iCloud. It's also pushed the idea that whatever is in your iCloud is completely private, secure, and, unlike a gmail account, not mined for data.
It's a shame that this has happened but it wouldn't have been such a PR disaster if Apple hadn't made so many claims about the magical, wonderful, secure iCloud.
It's a shame that this has happened but it wouldn't have been such a PR disaster if Apple hadn't made so many claims about the magical, wonderful, secure iCloud.
Nothing is secure these days. Apple, Google, etc. all have flaws. Keeping ahead of hackers is a lifetime endeavor.
What truly matters is people like me own the responsibility of how we store our photos, videos and private data. Perhaps these actors need to look at their role in this event.
The point is that they wouldn't get your password with 2-factor authentication enabled because you don't have security questions anymore. But other than that I agree with you.
Personal responsibility is the excuse that bad systems engineers use for their failed designs.
"But you were supposed to hold it right! It's YOUR fault, not mine!"
it's not victim blaming nor is it the same as murder. However that said, if you don't have a plan to handle criminals during a home invasion while you or your family is home, including ways to escape and defend yourself and notify officials then, yeah, you do have to sit back and ask yourself if there wasn't perhaps more than a few things that could have prevented the horrible crime. BE PREPARED! That's on all of us because guess what.....bad guys exist and pray on those that are NOT prepared. They rarely go after the ones who are. These actors had zero plan nor did they execute much in the way of protecting said valuables. What they did was equivalent to simply locking their front door and banking on that being the end all be all for their protection. Wake up call, bad guys don't often just unlock your door and honestly you shouldn't be keeping such valuable data in such easy reach.
Actually what happened here is the equivalent to someone leaving their purse on or iPad on the front seat of a car while parked at a shopping mall then crying foul because someone broke in and took their stuff.
I'm sorry but these actors or anyone who puts sensitive data on a third party online site that clearly tells you use at your own risk is dumb. Take responsibility and don't leave said valuables outside your control.
The actors themselves, like purses and valuables are targets. More so than the average person and by not being aware of how the technology they are using can potentially put them at risk is on them. They have a role to play here too. Are they victims? Sure, but just like anyway, they have a role to play in protecting their valuables.
AppleID = email address = BAD
One thing that would help here is a Username that is distinct from an email address.
So rather than logging on as tom.cruise@somewhere.com I logon as ShortGuy.
Which perhaps is a lesson for everyone here, you need to use an email thats separate from your "main" or "known" email. Even create one just for this purpose.
Ideally it wouldn't be an email address at all, but I believe currently it has to be?
One thing that would help here is a Username that is distinct from an email address.
So rather than logging on as tom.cruise@somewhere.com I logon as ShortGuy.
Which perhaps is a lesson for everyone here, you need to use an email thats separate from your "main" or "known" email. Even create one just for this purpose.
Ideally it wouldn't be an email address at all, but I believe currently it has to be?