Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Apple Just Patched A Security Flaw In iCloud
Business Insider ^ | September 1, 2014 | James Cook

Posted on 09/01/2014 8:12:52 AM PDT by ConservativeMind

Engadget reports that Apple has fixed a major bug in its Find My iPhone software that allowed hackers to gain access to iCloud accounts. The fix comes just hours after a hacker leaked hundreds of nude celebrity photos on 4chan in return for Bitcoin donations.

Apple's Find My iPhone login page was discovered to have been vulnerable to so-called "brute force" hacks. Hackers are usually locked out of sites if they try to gain access using multiple passwords, but it was discovered that the Find My iPhone API allows users to repeatedly try different passwords. Security researcher Alexey Troshichev revealed that it's possible to combine this exploit with a list of common passwords in order to make a tool that can gain access to iCloud accounts.

(Excerpt) Read more at businessinsider.com ...


TOPICS: Crime/Corruption; Culture/Society
KEYWORDS: hackers; icloud; iphone; maccult
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-72 last
To: Kirkwood
Apple never cornered the market on phones even though they want people to believe they did.

No, Kirkwood, they don't even want to "corner the market on phones." They don't even compete in the low end of the cellular phone market. They've never even implied they've gone after "market share," because Apple is far happier taking home the lion's share of ALL cellular phone manufacturing profits! Jay Yarrow reports in the February 14, 2014, Business Insider:

Analyst Tavis McCourt at Raymond James estimates Apple has 87.4% of smartphone profits. (that's worldwide profits, Kirkwood — Swordmaker)

The next closest is Samsung, with 32.2% of smartphone profits.

Yes, those numbers add up to over 100%. (119.6%—S) That's because everyone else is losing money, and so McCourt gives the rest of the world's phone makers negative profit share. — Apple Collects 87% Of All The Profits In The Smartphone Handset Industry

I should point out that McCourt is not the only analyst who has come to this astonishing conclusion. . . every conclusion from analysts who follow the cellular phone market's financial figures are in the same ballpark.

On the other Market Share hand, in the United States, Apple iPhones were the top selling brand, bar none, with 41.9% of the market last quarter, followed by Samsung at 27.8%, LG with 6.5%, then Motorola at 6.3%, and HTC at 5.1%. Yes, I know those total 45.7% which is more than Apple's 41.9%, but Apple is still the number one top selling brand in the US, regardless of irrelevancies like operating systems.

Incidentally, Kirkwood, in the same period Apple took home 53% of the worldwide personal computer market profits.

That's one of the reasons Apple Inc stock is selling for $102.50 per share ($717.50 pre split adjusted) an all time high!) and it's market cap value is $613.8 Billion, 44.7% higher than the market cap of Exxon Mobile, the second most valuable publicly traded company in the world.

61 posted on 09/01/2014 8:46:59 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 26 | View Replies]

To: oh8eleven
I forgot a category.

Accessories: There is simply no comparison in the sheer number and scope of accessories and devices that can interface with Apple devices compared with the very small numbers made for the various Android devices. These iOS accessories run from cases, audio system, FLIR cameras, professional level medical devices, and all the way to automobiles and smart houses.

62 posted on 09/01/2014 8:55:40 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 56 | View Replies]

To: ConservativeMind

More reports on analysis of the picture sources say that a lot have “Tumblr” watermarks on them, for whatever that’s worth. Others show Android phones in the selfies as well as Apple phones. Data that shows varied sourcing. Apple has announced they are “Actively investigating IF the data could have originated from breeches of Apple customer accounts.”


63 posted on 09/01/2014 9:18:23 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

It could be Apple’s use of Amazon cloud space. It could be the NSA losing it’s secret access codes.


64 posted on 09/02/2014 12:12:47 AM PDT by Citizen Zed ("Freedom costs a buck o five" - Gary Johnston, TAWP)
[ Post Reply | Private Reply | To 57 | View Replies]

To: Citizen Zed
It could be Apple’s use of Amazon cloud space. It could be the NSA losing it’s secret access codes.

Apple states on their website that any iCloud personal data on third party storage such as you've mentioned on Amazon's servers is first individually 128bit encrypted, then anonymized, group block compressed in 256bit hexadecimal encryption with no decipherable identity markers, before being placed on any non-Apple servers, so that's not even possible. While the NSA may have access to Amazon's servers, the Apple data is too anonymous and encrypted to use. That data has to be retrieved from the 3rd party back to Apple and deciphered there before being returned to the user.

65 posted on 09/02/2014 2:03:35 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 64 | View Replies]

To: ConservativeMind
The Washington Post just put up this interesting theory by Dan Kaminsky of WhiteOps.com:

A theory offered on Twitter by security expert Dan Kaminsky, chief scientist at WhiteOps.com, is that someone who was collecting a cache of the celebrity nudes may have been hacked by the person or people who spread the images online over the weekend. If the photos were collected by a person from different sources over a long period of time, it could explain why some of the images appear to be genuine and others are allegedly fake.
That would explain the melange of photo types.
66 posted on 09/02/2014 2:44:10 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
You're likely to blow through 500MB of data very quickly.
No, not really. First off, with the additional free 500MB, my total will be 1GB. Second, I've turned off my 4G and only use Wi-Fi.
Third, I'm retired and near a PC 95% of the day ... plus I don't have the on-line habits of today's kids.
67 posted on 09/02/2014 5:33:06 AM PDT by oh8eleven (RVN '67-'68)
[ Post Reply | Private Reply | To 50 | View Replies]

To: Swordmaker
"Apple Just Patched A Security Flaw In iCloud"

Did they or did they not just patch a security flaw that they claimed did not exist? How can you be sure there are no more flaws? Apple must allow the NSA wiretapping access via the PRISM program - this is the biggest inherent security flaw, as the NSA has prooven that access to their secret methods has been compromised. Everything stored locally or communicated remotely is so-called metadata. I don't believe Apple, as they have a history of security flaws on their overpriced and overhyped devices: Unencrypted email attachments. Using a "connected" computer to do a system restore via iTunes. Unencrypted USB cable communication. Issues with Bluetooth devices. Trusting every app you buy through their portal. And doing it all without allowing a third party security solution to protect you.
68 posted on 09/02/2014 7:25:52 AM PDT by Citizen Zed ("Freedom costs a buck o five" - Gary Johnston, TAWP)
[ Post Reply | Private Reply | To 65 | View Replies]

To: Kirkwood
"There are much better phones out there."

Not according to customer satisfaction surveys...

"Apple has never taken security protocols seriously, so why buy their products?"

That is absolutely false. In fact, Apple is going the route of making privacy and security a selling point of their products, the opposite of Google who leverages your private data for sales purposes.

If the breach was in fact due to an Apple software flaw, it would be an isolated incident. Every company has them.

On the other hand, with Google you get ubiquitous app security problems.

69 posted on 09/02/2014 10:08:51 AM PDT by PreciousLiberty
[ Post Reply | Private Reply | To 13 | View Replies]

To: Pikachu_Dad
"I have lots of friends who have tried the Samsung options. Not impressed."

Yes, in fact Apple is seeing a lot of iPhone crossover from Android users.

That should explode when the larger iPhone 6 models arrive. One week to go before the announcement... I'll be going to the 5.5" version when it's available.

70 posted on 09/02/2014 10:18:48 AM PDT by PreciousLiberty
[ Post Reply | Private Reply | To 58 | View Replies]

To: Citizen Zed
Did they or did they not just patch a security flaw that they claimed did not exist? How can you be sure there are no more flaws? Apple must allow the NSA wiretapping access via the PRISM program - this is the biggest inherent security flaw, as the NSA has prooven that access to their secret methods has been compromised. Everything stored locally or communicated remotely is so-called metadata. I don't believe Apple, as they have a history of security flaws on their overpriced and overhyped devices: Unencrypted email attachments. Using a "connected" computer to do a system restore via iTunes. Unencrypted USB cable communication. Issues with Bluetooth devices. Trusting every app you buy through their portal. And doing it all without allowing a third party security solution to protect you.

What a load of FUD, Citizen.

Yes, they did patch a security flaw, every tech company has them.

Apple examined the accounts of every compromised celebrity and found that every single one was compromised in the old fashioned way. . . By the attacker guessing their very weak security question answers and simply resetting their passwords. They didn't use Apple's recommended two-factor security.

Apple has NOT signed on with PRISM. When it was revealed, Apple refused to participate and has continued to refuse. There is no "must." Please show those "security flaws" in UNIX, the most secure OS in use today. Apple OSX is one of the four POSIX compliant, certified UNIX trademarked operating systems allowed to be sold under trademark. Apple email attachments are encrypted with the email. I don't know where you are getting your mis-information, but that's what it is. You obviously don't know what you are talking about.

We Mac users will use a third-party security solution to protect us when there is an observed need. In 15 years there has been not one viable virus in the wild for Apple OSX. There are only seven known Trojan families, with about sixty variations, every one of which the OS will identify and block download, installation, or first run.

Frankly, you are ignorant about Apple products and swallow the FUD, hook, line, and sinker.

71 posted on 09/02/2014 7:02:42 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 68 | View Replies]

To: oh8eleven
No, not really. First off, with the additional free 500MB, my total will be 1GB. Second, I've turned off my 4G and only use Wi-Fi. Third, I'm retired and near a PC 95% of the day ... plus I don't have the on-line habits of today's kids.

Ok. You implied your plan was only 500MB. . . but you should be fine with 1GGB so long as it's not shared with another phone and you'd be OK even on 4G. Just don't watch any HIDEF movies and keep the YouTube addiction down.

72 posted on 09/02/2014 7:13:26 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 67 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-72 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson