The celebrity photo hacking incident that saw Jennifer Lawrence and many other celebrities lose control over intimate, personal images stored in the Cloud was serious enough to get the FBI involved. There is one suspect that no one is really pointing the finger at, though. It is Apple.
Both Apple and members of 4chan, the photo sharing site that the stolen images first appeared on, have told new agencies that all the images came from Apple’s iCloud. Apple, though, has denied a security breach. Their research indicates that the hacker obtained passwords by directly tricking the celebrities in question with phishing attacks. Nevertheless, Apple did have a well-publicized security vulnerability for weeks around the time of the attack. Yet, Apple didn’t to fix it.
The security vulnerability was a basic one
Apple’s cloud servers had a significant area of susceptibility until the day after the celebrity image leak scandal. It appeared in the Find My iPhone service. The problem was that it allowed unlimited password attempts. If a hacker had your username and used a brute-force hacking program to try every possible combination of letters and numbers, Apple’s servers weren’t set up to suspect foul play. They would allow millions of tries. This is a shocking oversight.
Nearly no other major online service allows more than five incorrect attempts. They temporarily lock your account and try to contact you. Once a hacker succeeds with a brute force attack on Find My iPhone, he can use it across all of that unlucky user’s Apple accounts, iCloud, included. Most passwords will fall to this type of attack — even ones that include a combination of numbers, letters and special characters.
News of the vulnerability came up in May
British computing magazine The Register published a report on the iCloud vulnerability back in May 2014. In addition, in August 2014, a European computer security organization called HackApp demonstrated proof of the Find My iPhone vulnerability in the form of a proof-of-concept app.
While Apple did nothing, hackers around world could have read the report and even used the app to hack into those accounts. Apple only got around to patching the vulnerability after the image leak, in September.
Apple puts your photos on iCloud by default
It’s hard to lose anything that you made have on your iPhone, iPad or iPod. This isn’t always a good thing. The moment you take a picture, Camera Roll backs up it up to iCloud automatically. It isn’t easy to find out how to turn this default feature off (you need to open Settings, then go to iCloud and then Photos, and then turn off My Photo Stream). It can also be hard to delete anything from iCloud. Deleting everything on your Apple device doesn’t touch content stored on iCloud.
Apple’s two-factor authentication is useless
When you have two-factor authentication turned on, you have two layers of security. First you put in your password to sign into iCloud. The service then sends you back a verification code to key in. It proves to Apple that you have physical possession of your phone.
The problem is, Apple makes two-factor verification very difficult to use. You need to apply to Apple and then wait three days for them to turn it on. On services like Google and Facebook, you can turn it on whenever you want to.
Apple’s two-factor authentication would be no use even if you did turn it on. They only offer it to protect your credit card purchases with — not for iCloud. Many people who do jump through Apple’s loops to enable two-factor authentication do not realize that it doesn’t protect them on iCloud.
What you need to do
It’s important to remember that many of the celebrities involved in the breach didn’t even realize that their intimate photos were on Apple’s servers. This could be you. Hackers don’t just aim for celebrity nudes. They can aim for nudes by anyone. These photos always have market value.
If you have intimate photos on your device, backing it up to the cloud is a bad idea. Whether or not Apple was involved in this particular incident, it could have been. To have the valuable belongings of millions of people in one place is always risky. Hackers can be tempted to get in and get off was a lot of loot with minimal effort. The thing to do, then, is to stop automatic backups. Then, you need to get on iCloud or whatever other service your device backs you photos up and erase whatever is already there.
For iCloud, you need to go to Settings, iCould, Storage & Backup, Manage Storage, The name of your device and then toggle off Camera. You can also click on Delete Backup here to get rid of everything.
End of Article ————————————————————————————
Do you want to learn the phrase that attracts men like crazy?
Have you heard of “Obsession Phrases?” These are phrases that attract men like crazy, they spark up a crazy cocktail of obsessive & addictive emotions of love within any man.
Discover the “Obsession Phrases” here… => TEACH ME HOW TO MAKE A MAN CRAZY FOR ME. Learn the “EXACT” words every man is dying to hear from you.