Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Apple Just Patched A Security Flaw In iCloud
Business Insider ^ | September 1, 2014 | James Cook

Posted on 09/01/2014 8:12:52 AM PDT by ConservativeMind

Engadget reports that Apple has fixed a major bug in its Find My iPhone software that allowed hackers to gain access to iCloud accounts. The fix comes just hours after a hacker leaked hundreds of nude celebrity photos on 4chan in return for Bitcoin donations.

Apple's Find My iPhone login page was discovered to have been vulnerable to so-called "brute force" hacks. Hackers are usually locked out of sites if they try to gain access using multiple passwords, but it was discovered that the Find My iPhone API allows users to repeatedly try different passwords. Security researcher Alexey Troshichev revealed that it's possible to combine this exploit with a list of common passwords in order to make a tool that can gain access to iCloud accounts.

(Excerpt) Read more at businessinsider.com ...


TOPICS: Crime/Corruption; Culture/Society
KEYWORDS: hackers; icloud; iphone; maccult
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-72 next last
Full Title: "Apple Just Patched A Security Flaw In iCloud That Could've Been Used To Hack Celebrity Accounts"

Sadly, it's not known if this is what was used.

Apple is going to have a huge black eye for a long while from this. I wonder what the settlements will cost with all the actresses.

1 posted on 09/01/2014 8:12:52 AM PDT by ConservativeMind
[ Post Reply | Private Reply | View Replies]

To: ConservativeMind

I’ll, of course, have to see the photos in question in order to determine the severity of the breech.


2 posted on 09/01/2014 8:14:50 AM PDT by Puppage (You may disagree with what I have to say, but I shall defend to your death my right to say it)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

To: ConservativeMind

I can’t believe they didn’t have some kind of lockout policy. Even a ten-try maximum would be effective against brute-force; you could also establish a modest lockout duration so legitimate users could try again after a set amount of time.


4 posted on 09/01/2014 8:16:32 AM PDT by Mr Ramsbotham (Laws against sodomy are honored in the breech.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ConservativeMind

I got an iphone last week. Coincidentally they pushed me a message that I should back it up to iCloud on friday, just before this hit.


5 posted on 09/01/2014 8:19:10 AM PDT by DManA
[ Post Reply | Private Reply | To 1 | View Replies]

To: ConservativeMind
So, why do celebrities have nude photos of themselves posted to the cloud anyway?

Bob Barker and George Clooney can keep it to themselves.

6 posted on 09/01/2014 8:19:29 AM PDT by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

ping


7 posted on 09/01/2014 8:21:10 AM PDT by Perdogg (I'm on a no Carb diet- NO Christie Ayotte Romney or Bush)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Izzy Dunne

Apparently Justin Verlander cannot.


8 posted on 09/01/2014 8:21:40 AM PDT by Perdogg (I'm on a no Carb diet- NO Christie Ayotte Romney or Bush)
[ Post Reply | Private Reply | To 6 | View Replies]

Comment #9 Removed by Moderator

To: ConservativeMind

bkm


10 posted on 09/01/2014 8:24:23 AM PDT by no-to-illegals (Scrutinize our government and Secure the Blessing of Freedom and Justice)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mr Ramsbotham

Apple has a “ten try” option for our phones to force erasure in the wrong hands, if my memory is correct. But it is optional per phone and does not begin to cover security on APIs and other environmets like iCloud.

These ladies will be dealing with the fallout the rest of their lives. The pics were meant for a specific person. As iPhones default to uploading to the free 5 GB drive space (encouraging us to purchase more to cover our growning data), these women probably didn’t think there was even a concern.

Apple is looking really bad, now. We will still buy the new iPhone 6s, but we will also continue to keep iCloud off.


11 posted on 09/01/2014 8:24:35 AM PDT by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 4 | View Replies]

To: ConservativeMind

My new ipad has icloud as my new email address but I don’t have any naked pictures on it. No pictures at all. What else could happen?


12 posted on 09/01/2014 8:28:18 AM PDT by Ditter
[ Post Reply | Private Reply | To 1 | View Replies]

To: ConservativeMind

There are much better phones out there. Apple has never taken security protocols seriously, so why buy their products?


13 posted on 09/01/2014 8:29:26 AM PDT by Kirkwood (Zombie Hunter)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Ditter

Your phone contacts, address, notes, email, Passbook credit cards, etc get backed up.

This post will help you understand more:
http://www.freerepublic.com/focus/f-news/3199158/posts?page=44#44


14 posted on 09/01/2014 8:35:15 AM PDT by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 12 | View Replies]

To: Kirkwood

No, there are not any better phones out there. Apple is the top.


15 posted on 09/01/2014 8:35:49 AM PDT by Pikachu_Dad (Impeach Sen Quinn)
[ Post Reply | Private Reply | To 13 | View Replies]

To: ConservativeMind

I don’t bank, shop or pay bills on line. Personal emails, forwarded jokes and Free Republic, Drudge and occasionally DU. that’s all I do!


16 posted on 09/01/2014 8:39:31 AM PDT by Ditter
[ Post Reply | Private Reply | To 14 | View Replies]

To: Puppage
I’ll, of course, have to see the photos in question in order to determine the severity of the breech.

In Kate Upton's case, the breech was pretty severe. In the cases of Jennifer Lawrence, Ariana Grande and Victoria Justice, the breech was tasteful, not too over the top, but embarrassing nonetheless.

17 posted on 09/01/2014 8:41:55 AM PDT by Drew68
[ Post Reply | Private Reply | To 2 | View Replies]

To: Pikachu_Dad; Kirkwood
No, there are not any better phones out there. Apple is the top.
After 7 years w/ a dinosaur cellphone, I bought a Samsung Galaxy 4 just last week.
I'm still sliding up the learning curve but so far, I'm really impressed.
How is an Apple better?
18 posted on 09/01/2014 8:42:23 AM PDT by oh8eleven (RVN '67-'68)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Kirkwood
"Apple has never taken security protocols seriously, so why buy their products?"

Apple will receive sympathy from the media as the victim here. And the stupid stars that took the selfies will not blame Apple - even if Apple is found to be renting its cloud storage from the NSA data warehouse.
19 posted on 09/01/2014 8:42:47 AM PDT by Citizen Zed ("Freedom costs a buck o five" - Gary Johnston, TAWP)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Izzy Dunne

They probably didn’t overtly think that the automatic backup Apple does would be insecure. The phone has a fingerprint reader, which will “ensure” only you can make payments, when that is unveiled this month.

Each lady is thinking:
“If I don’t specifically share my pictures, why did Apple let them be taken?”


20 posted on 09/01/2014 8:43:15 AM PDT by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 6 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-72 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson