Skip to main content

Fingers Point At Apple In Nude Celebrities Hack

You'll no doubt have heard by now that compromising pictures of several celebrities have been released into the wild, after being leaked onto the 4chan site.

There have been strong rumours that these photos have all been retrieved through Apple's iCloud service, which Apple devices use for automated backup of photos. There's also been a suggestion that Dropbox may have been involved, but most commentators are pointing the finger at Apple at the moment.  

There are two issues that should concern you right now. Firstly, how secure is my iCloud data and secondly, does my Apple ID password allow access to any other services?

It appears that iCloud has an inherent weakness in its authentication model, allowing unlimited failed password attempts against a user ID. This allows a brute force attack to be staged, where a machine is used to rapidly enter combinations of letters and numbers until the right one is found. 

That is something that Apple can easily resolve, but in the meantime you can improve your protection by creating a longer password - the effort required to crack a password is significantly increased the longer your password is. 16 characters should be your target here. Remember that your Apple ID is an open gateway to things like purchases from iTunes and Find My iPhone - either of which could end up costing you serious money. 

If you use your Apple ID password (or a close variation of it) on other services then now is the time to change them. It's unlikely that your account has been breached, but this would be a wise precaution to take. Now that the exploit is widely known, the number attempting to replicate it and the potential targets will widen considerably. 

For those actresses who have been exposed it has been a violation of their privacy and, if the attack method is confirmed, a failure by Apple to live up to its security promise. 

But they will have their fat bank accounts, crowds of hangers-on and fans to ease the embarrassment, if your account is exposed, the pain might not be so easily salved. 

Comments

Popular posts from this blog

F1: Robert Kubica Impresses In Renault Test Run

The car may be old but its the performance of the driver that's the story here. Robert Kubica returned to F1, after a fashion, earlier this week with an extensive test run in a 2012 Lotus Renault F1 car at Valencia.
The age of the car and the circuit were likely determined by F1's current rules which ban testing, but the reason for Kubica being in the car is far more interesting. Considered by many to be a potential World Champion and certainly one of the fastest drivers of his generation, Kubica's F1 career seemed to be over after a 2011 crash whilst driving in the Rally of Andora. His Skoda Fabia was penetrated by a guardrail in the high speed accident partially severing his right arm.
Up until last year Kubica has been competing in rallying, with the expectation that the limited movement in his repaired arm would prohibit a return to single seater racing.
So this week's test is both interesting and confusing. Interesting because Kubica completed 115 laps of the ret…

Panos Panay's Defence Of Microsoft Surface Hardware Sounds Eerily Familiar

This weekend I went out with my ten year old daughter to select a laptop for her school year beginning in January. The schools requirements are quite specific, requiring a Windows 10 device, with a preference for a touchscreen and a stylus. She chose a Surface Pro, after trying a large number of different options. Having seen the way I use my own Surface Pro - and tried it herself there was only ever going to be two options - and the other was a Surface Laptop.
I tell you this so that you understand I am a buyer of Microsoft's products through choice, not compulsion. I'm on my third Surface device now. 
So when Panos Panay dismissed reports of the death of the Surface hardware line, I was very interested to see exactly how strong these denials were. Especially how they reflect what has gone before. To whit: Windows 10 Mobile.
Panay claimed that Microsoft is in hardware for the long haul. Almost exactly mirroring the words of Terry Myerson, when he claimed Windows Mobile was g…

WhartonBrooks Indiegogo Windows 10 Mobile Even More Doomed To Failure Than Usual

WhartonBrooks is currently crowd-funding its latest Windows Mobile smartphone on Indiegogo. If crowdfunding isn't already a bad enough idea, a company trying to crowdfund a Windows Mobile device should be warning enough for you.
Not that anyone seems to be taking the project too seriously. With a few weeks left to run the campaign has managed to ensnare just 2% of its $1.1m target.
If you want a better indication of how few Window Mobile loyalists remain I doubt there is one. Of 3,900 Windows Phone enthusiasts Wharton Brooks was seeking for its new phone, it has managed to entice just 50.
Windows for Phones is dead, even if the corpse hasn't stopped twitching yet.