BladeVenom
Supreme [H]ardness
- Joined
- Jun 29, 2005
- Messages
- 7,707
All the celebrities using iCloud are having their nude photos leaked online.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Which celebrities?
Jennifer Lawrence, Kate Upton, Victoria Justice, Brie Larson, Teresa Palmer, Kristen Dunst, etc.
P. S. the alleged "hacker" is a system network administrator who somehow had email addresses of these celebrities. My guess is he works for someone in the industry who actually do have email accounts of them. It's even possible that these celebrities have an account on the system and use the same password, making it a whole lot easier. The reason why I don't think it's as simple of as a iCloud brute force find my phone exploit is where did he get the logins?
Just going to say it; You sound like an apple fanboi making it appear it was just by chance that this "system network engineer" had these actresses iCloud email addresses.......as if Apple is un-hackable or unobtainable in that regard. This wasn't your run of the mill "hay guiz i found dis emails and it haz pictarz!! wut do?!"
No one is safe if the right people know the right things.
iCloud is no more secure than any other cloud storage that is available to the public, or private for that matter.
Can't wait to see someone hack up Amazon's cloud storage that the government will be using.....
Actually it's pretty easy to blame Apple for this because they had the pictures secured and now they are on internet regardless of how it was done.
Just going to say it; You sound like an apple fanboi making it appear it was just by chance that this "system network engineer" had these actresses iCloud email addresses.......as if Apple is un-hackable or unobtainable in that regard. This wasn't your run of the mill "hay guiz i found dis emails and it haz pictarz!! wut do?!"
No one is safe if the right people know the right things.
iCloud is no more secure than any other cloud storage that is available to the public, or private for that matter.
Can't wait to see someone hack up Amazon's cloud storage that the government will be using.....
Actually it's pretty easy to blame Apple for this because they had the pictures secured and now they are on internet regardless of how it was done.
With no real proof of how this hack was even achieved, I would argue that its actually pretty damn hard to blame apple at this point.
Could this be due to a stupid and preventable security flaw that does make apple to blame? Absolutely yes, but until more details are known you're just jumping the gun.
I wont take on the blame the victim mentality but I do personally consider anything stored on someone else's servers already hacked. This is why I don't store anything of real importance out in "the cloud".
They got into the account without brute forcing their way in, assuming that whoever claim to have hacked it is a group of people, not just one. They got into the account through answering security questions and took them months.
The FBI has also said that another cloud service (without naming which) was also hacked. My guess is DropBox or Google.
Oh so when it leaks out that they had 100,000 guesses before apple patched the account lock bug it's the victim's fault.
Yes, Apple should make sure that brute force isn't an issue. The problem is that a lot of people treated this as some kind of compromise of iCloud itself; it's not, any more than someone figuring out your Gmail password is compromising Google's servers.
It's no doubt embarrassing to Apple if brute force worked, but that's apparently been patched, too... so it amounts to arguing over nothing.
Once again, there was no brute force attack to get the passwords. So you're blaming Apple for this loophole when this loophole wasn't even used...
Jennifer Lawrence, Kate Upton, Victoria Justice, Brie Larson, Teresa Palmer, Kristen Dunst, etc.
Ok, did google searches for all those, seems the only ones that positive results is mostly Jennifer Lawrence.
Why do these people upload nudes into a cloud service that isn't even safe to begin with? Nothing floating in the cloud or internet is ever safe.
7. Apple accounts seem particularly vulnerable because of the recovery process, password requirements and ability to detect if an email address has an associated iCloud account. The recovery process is broken up into steps and will fail at each point. While Apple do not reveal if an email address is a valid iCloud address as part of the recover process, they do reveal if it is valid or not if you attempt to sign up a new account using the same email so verification (or brute force attempts) are simple. The second step is verifying the date of birth and it will pass or fail based on that data alone so can be guessed, while the last step are the two security questions. It would be a good idea for Apple to kill the interface on signup that shows new users if their email account is available to use as an iCloud account or not. It would also be a good idea to make the recovery process one big step where all data is validated at once and the user is not given a specific error message. It would also be wise to attach rate limits and strict lockout on this process on a per-account basis.
Being able to POST an email address to https://appleid.apple.com/account/validation/appleid and getting back a response indicating if it is a valid account or not, with little to no rate limiting, is a bug.
Once again, there was no brute force attack to get the passwords. So you're blaming Apple for this loophole when this loophole wasn't even used...
Ok, did google searches for all those, seems the only ones that positive results is mostly Jennifer Lawrence.
Why do these people upload nudes into a cloud service that isn't even safe to begin with? Nothing floating in the cloud or internet is ever safe.
IT security 101.