Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Maybe I am clueless, but I had no idea that phishing emails were illegal......
They are designed to gain unauthorized access to your private information. Yes, you gave them the password, but not for the purposes they used it for.

Think of it this way. I call your elderly parents up and convince them I am you and that you are in jail and need $2,000 bail money immediately. They wire me the money and I head off into the sunset. By your definition, since they voluntarily gave me the money then what I did was perfectly legal. However, I think we can agree it was theft by deception. Same thing with a phishing email.

A visual of Hope Solo was cemented in my brain.

It is seared into the retina of my brown eye.
 
  • Like
Reactions: crjackson2134
Why would he get arrested for "unauthorized access" to a computer if they literally gave him the passwords?
Because he got the passwords under false pretenses.

If you hand your car keys to the valet and he takes your car and makes off with it, are you suggesting that isn’t a crime because you “literally gave him” the keys?
[doublepost=1551477778][/doublepost]
Maybe I am clueless, but I had no idea that phishing emails were illegal......
Obtaining valuable information under false pretenses?

Fraud: “wrongful or criminal deception intended to result in financial or personal gain.”
 
What the **** are these misogynistic comments on MR? His phishing BS was pure extortion that tarnished the reputation of prominent women by his posting of their private pictures in order to humiliate them. How he/the people who did this got the images does not matter + whether anyone decides to take potentially compromising pictures is their choice.

If anything, this case sets precedence for revenge porn and that is key here.
 
Why would he get arrested for "unauthorized access" to a computer if they literally gave him the passwords?

Phishing is like pretending to be a police officer with a fake warrant. Sure you gave the person access to look into your home but you assumed it was for legitimate purposes. The celebs was essentially scammed out of their information.
 
Presumably they worked with the victims, or they ran a dictionary attack and found that they could crack the password themselves in 3 minutes?
Apple can obviously do anything that a hacker could do (technically, as a company that can be sued they will not do things they would be sued for). But any company that is just moderately technically competent will have no way to take shortcuts to a user's password.
[doublepost=1551485414][/doublepost]
You are peeing up a virtual rope trying to get that perception corrected. It is emblazoned on the social consciousness as the iCloud hack. It is what it is. You'd have no more success than I would telling certain Apple fans Google doesn't sell your data. By the time I get to "...ad space based on anon-...", nothing but the proverbial 1000 yard stare ← metaphorical
Google sells data and iCloud was hacked. Whaddayagonnado. ¯\_(ツ)_/¯

Google makes its money by renting the information it has about you to the highest bidder. iCloud wasn't hacked.
[doublepost=1551485539][/doublepost]
Why would he get arrested for "unauthorized access" to a computer if they literally gave him the passwords?
Because giving someone a password doesn't make access authorized. Only the account holder is ever authorized. Someone else who by whatever means got access to the password is _not_ authorized.
 
  • Like
Reactions: Solomani
Pretty weak security measures when a high school teacher can breach them. It's the breach that keeps on giving since once it's on the internet it's there forever with no way to remove.

Ok... so I’m guessing you believe HS teacher = low tech IQ??? That’s pretty snobbish of you.
 
  • Like
Reactions: willmtaylor
This is why I just don't sext, take nudes or anything like that. Yes its my phone, Yes I should have the right to do what I want in the privacy of my own home, but that is idealistic not realistic. Firstly, you don't know if that piece of hot stuff you are enamoured with will be your friend a year from now, and secondly how secure these devices really are to third parties. People should have a modicum of digital "street smarts", or as trad-cons would say, "personally responsibility". If somebody hacks my phone all they are going to get is some half written university notes on environmental chemistry, boomer memes, and my ugly mug in tourist location. Not any my of ex girl friends, nor my hairy body bits.
 
They didn't give him they're passwords in a "Here, do whatever you want with them," attitude. He probably fooled them by sending them a FAKE "Please log into your iCloud account" email or something similar.
If you're dumb enough to give up your password under any circumstances, you're asking for it and deserve it.
 
What a “Great Guy”. You think we should lock people in cages over things like this.
I do. I actually think he is getting off pretty easy compared to the damage he did to so many people's image / reputations. What if we just lock him up until all copies of the images he stole are removed from the Internet? I am not a big fan of "celebrities" and I don't think they should have any extra rights than the rest of us. But they are people like the rest of us and this idiot launched an unprovoked personal attack on them. Lock him up.
 
  • Like
Reactions: Stars&Stripes
If they're storing passwords correctly, how would they know that?

They wouldn’t have to know the exact deets to know that a password was only 5 characters (grandfathered in from old rules), all alpha, no caps, etc. they have systems know set up to check for required elements and for a while were ‘strongly encouraging’ folks to create better passwords. Around the time of this event they started analyzing passwords and forcing folks to switch them to stronger ones.
[doublepost=1551540565][/doublepost]
Why is it that some of you on this site have such a hard time admitting that this was indeed a hack?
[doublepost=1551539377][/doublepost]The definition of a hack is to use a computer to gain unauthorized access to data in a system. HACK!

While you are correct that that is the general definition, over time the term ‘hack’ has been more precisely defined via movies, tv shows and the media to mean access via digital means. In other words, looking for and utilizing weak spots in coding, creating viruses etc. and it’s that more specific definition that is so ingrained in most folks that it’s now the only definition they recognize. And this whole ‘celebgate’ or ‘fapgate’ as many reddit users called it, was not a ‘hack’ under that definition but access via social engineering.

To me, who gets the definition you are using, would say the issue isn’t the word ‘hack’ but rather the media incorrectly defining who or what was hacked. It wasn’t Apple, iCloud, Google Drive that were hacked, it was users of these services. Because the access was via using the social engineering technique of phishing get users to give up their log ins. The fake emails were the computer (because it’s a digital form of communication) and the users brains were the system accessed for the data of their logins. Which then allowed for access to the various accounts.
[doublepost=1551541179][/doublepost]
Glad he is going to prison. I am also glad that Apple initiated 2FA to help people be more secure with their account.

Except that Apple doesn’t require it across the board unless you are using certain features like Apple Pay Cash etc. there are tons of folks that still don’t have 2FA set up just like they don’t have passcodes on their devices. And they are often just the kind of users that would fall for phishing emails.

I also wonder what effect mandatory 2FA would have on Apple handing over iCloud account data to law enforcement would be. If that system could be set up to encrypt user data in iCloud regardless of backup or syncing modes. After all when you have 2FA your device passcode appears to be linked particular data like your iCloud Keychain. If you don’t put in the right passcode you have to reset that data. Imagine that being across the board. Even if it’s just an option you can turn on. Perhaps even set individual passcodes that don’t have to be the same as any device code.
 
"...as part of what's now known as the "Celebgate" attack."

Stop trying to make "Celebgate" happen. It's not going to happen.

Raise your hand if you have been personally victimized by Christopher Brannan.
 
Last edited:
In some way I thank them. Before Fappening happen Apple were very slack in their Cloud, Internet security and all that. ( They may pretend they care, as Tim Cook always do, but they don't, most of the problem were only fixed after this got blown out way over in the public. ) It was only after that they had the sense to add online Security into their design process.

But then there were also a few years where Apple were absolutely paranoid, you could tell as they made the security so damn hard you hard to remember 2 - 3 random question's answer before you do anything. I think they have a better balance right now.

Hopefully no more of these incident would happen.
 
If you're dumb enough to give up your password under any circumstances, you're asking for it and deserve it.

Unfortunately not everyone is as smart in all realms of knowledge as you, CJ. That does not mean they should be taken advantage of criminally.

I know you are cocky, but if you truly believe what you espoused, then imagine a world that others do to you what you "deserve" just because you are less knowledgeable than they in an area.
 
  • Like
Reactions: Stars&Stripes
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.