Dee Bee Premium Member join:2005-05-08 St Catharines, ON 1 edit |
Dee Bee
Premium Member
2014-Sep-1 5:57 pm
Celebrity Compromising Pics Due To iCloud Hack ?Various celebrities have had compromising photos posted online. Questions remain as to whether Apple's iCloud was hacked or if another method or methods were used to obtain the photos. Links to various theories below: » techcrunch.com/2014/09/0 ··· to-hack/» www.engadget.com/2014/09 ··· exploit/» www.theguardian.com/tech ··· -rihanna» www.cbsnews.com/news/app ··· rts-say/As some of the articles pointed out, I wonder how many people use two-step verification? I have to say I don't use it myself. |
|
|
ptrowskiGot Helix? Premium Member join:2005-03-14 Woodstock, CT |
ptrowski
Premium Member
2014-Sep-1 6:01 pm
And I thank them for it. |
|
The Dv8orJust call me Dong Suck Oh, M.D. Premium Member join:2001-08-09 Denver, CO |
to Dee Bee
I love how it's iCloud's fault idiots respond to stupid emails. |
|
|
to Dee Bee
This appears to have been a brute force attack against the icloud.com website. The website did not lockout multiple failed login attempts, so someone wrote a simple python script that would go through common passwords and brute force attempts to login. » 9to5mac.com/2014/09/01/v ··· o-leaks/ |
|
Daemon Premium Member join:2003-06-29 Washington, DC |
to Dee Bee
The original claim that it was an iCloud breach came from an anonymous 4chan poster. Given that many in the pictures are not using iPhones, and the list of people affected is very long, I think that the original claim was merely speculation and isn't actually the case. Some of the people affected claim the pictures are years old and were deleted long ago. Others have claimed the pictures are fake, some of which has been shown to be true. (Of course, other claims of fake photos are actually PR screens) One theory I've read is that there is a darknet celeb picture trading ring that has been operating for quite a while, requiring payment of new, unseen pictures as a membership fee. I find this story more plausible--it would explain why so many in the photos are using Android phones, and would explain the age of some of the photos. Given my experience interacting with the underbelly of the internet 15-20 years ago (back when IRC and FTP ruled the roost), and my understanding of the seediness of Hollywood, I would not at all be surprised if this were the case. Some photos come from a hack, some from an ex fling, some from a geek squad member, etc. |
|
Alcohol Premium Member join:2003-05-26 Climax, MI |
to Ctrl Alt Del
said by Ctrl Alt Del:This appears to have been a brute force attack against the icloud.com website. The website did not lockout multiple failed login attempts, so someone wrote a simple python script that would go through common passwords and brute force attempts to login.
»9to5mac.com/2014/09/01/v ··· o-leaks/ if true then apple is to be blamed 100% for this. no way their payment nfc thing is going to be taken seriously now. |
|
|
said by Alcohol:if true then apple is to be blamed 100% for this. no way their payment nfc thing is going to be taken seriously now. Apple's security on the phone is top notch. Their web services, not so much. Using two factor authentication would have helped in this instance, which they now offer, because of the last big attack on their web services. |
|
Mike Mod join:2000-09-17 Pittsburgh, PA |
Mike
Mod
2014-Sep-2 7:48 am
Sort of like organic chemistry whereas the top grade is a D but curved to an A? |
|
|
said by Mike:Sort of like organic chemistry whereas the top grade is a D but curved to an A? Grading on a curve means your performance is compared to others. If Apple's web service security were compared to others (Facebook, Google, Microsoft, etc), they'd fail. It seems that Apple still prefers user convenience over inconvenient security. Which sucks, because Apple's work on securing your physical device has been very thorough. Apple's work in securing iOS is extremely commendable: » twit.tv/show/security-now/446 |
|
Mike Mod join:2000-09-17 Pittsburgh, PA ·Verizon FiOS
|
Mike
Mod
2014-Sep-2 10:01 am
Work smart, not hard.
The amount of jailbreaks that exist is disheartening.
The fact that Cydia is actually thriving is a bad mark to the device security.... and that their lawyers haven't ripped the guy behind it to shreds is lack corporate enforcement. |
|
|
to Dee Bee
Jennifer Lawrence looks absolutely stunning. |
|
1 edit |
to Mike
There hasn't been a remotely executable jailbreak in quite some time. Current jailbreaks rely on repeated, explicit user interaction with a fully unlocked device connected to a computer also requiring user interaction.
Yes, it could be more secure, but it's still a hell of a lot better than many other mobile devices and even many non-mobile systems.
And there's nothing illegal about Cydia itself. Distributing jailbreaks.. more questionable (although still likely legal). But Cydia is fine. (also, never head of the Streisand effect?) |
|
|
prior to Dee Bee
Anon
2014-Sep-2 12:33 pm
to Dee Bee
the accounts of the postings prior to 4chan have one or two comments, out of many, claiming they had gotten the images from icloud.
-- in other news, supposedly one of the people who put them on 4chan, has already moved but promised to continue posting. and that dark network is split into two sides now, for and against the publications. |
|
El QuintronCancel Culture Ambassador Premium Member join:2008-04-28 Tronna |
to Daemon
said by Daemon: One theory I've read is that there is a darknet celeb picture trading ring that has been operating for quite a while, requiring payment of new, unseen pictures as a membership fee. I find this story more plausible--it would explain why so many in the photos are using Android phones, and would explain the age of some of the photos. Given my experience interacting with the underbelly of the internet 15-20 years ago (back when IRC and FTP ruled the roost), and my understanding of the seediness of Hollywood, I would not at all be surprised if this were the case. Some photos come from a hack, some from an ex fling, some from a geek squad member, etc.
This would be the most plausible theory IMO. The fact that so many pictures are floating around seems to indicate that iCloud wasn't the only entity to blame. It probably bears the brunt of it, but if I were conspiratorially minded, I'd think that blaming iCloud security would be a scapegoat used to hide the existence of said ring. EQ |
|
ptrowskiGot Helix? Premium Member join:2005-03-14 Woodstock, CT |
to Mike
said by Mike:Work smart, not hard.
The amount of jailbreaks that exist is disheartening.
The fact that Cydia is actually thriving is a bad mark to the device security.... and that their lawyers haven't ripped the guy behind it to shreds is lack corporate enforcement. Where do you think Apple get's some of their developers and ideas from? |
|
|
to Mike
No it isn't. The existence of jailbreaks and Cydia is a testament to how badly people want to escape from the protection/jail that Apple built into the device. These people are persistent, and as with DRM and other activation technologies, someone else will find a way around these blocks: » theiphonewiki.com/wiki/TimelineThe exploits needed though are sometimes insane and sometimes it's only a tethered jailbreak. (A tethered jailbreak requires your iOS device to be connected to a computer for remote code injection, unthethered means you can reboot your phone and it will remain jailbroken without help from an outside computer). Android phones have the same thing. What do you think rooting is? |
|
|
to Dee Bee
Just another reason not to trust the cloud. |
|
4 edits |
to Dee Bee
Apples Two Factor Authentication Doesnt Protect iCloud Backups Or Photo Streams » techcrunch.com/2014/09/0 ··· d=pushupquote: On the user front, all of the standard pieces of advice still apply. Use a complex password, do not share it with anyone, use a private email if at all possible for your ID one you also dont share with anyone
|
|
Robert Premium Member join:2001-08-25 Miami, FL |
to Dee Bee
They must have logged on wrong |
|
|
to haroldo
said by haroldo:Apples Two Factor Authentication Doesnt Protect iCloud Backups Or Photo Streams
»techcrunch.com/2014/09/0 ··· d=pushup quote: On the user front, all of the standard pieces of advice still apply. Use a complex password, do not share it with anyone, use a private email if at all possible for your ID one you also dont share with anyone
And yet this is what Apple's Tim Cooke says would have protected those photo's. Is he lying? |
|
Riamen Premium Member join:2002-11-04 Calgary |
Riamen
Premium Member
2014-Sep-5 8:51 am
said by EdmundGerber:And yet this is what Apple's Tim Cooke says would have protected those photo's. Is he lying? It would have prevented the culprits from guessing the user's security questions and gaining access to the account in the first place. 2FA replaces the security questions. |
|