A major setback to Apple’s reputation came about this week when hundreds of nude photographs of celebrities were leaked from iCloud and posted on 4chan (an image sharing forum). This news made the bulletin as it involved celebrities like Jennifer Lawrence, Ariana Grande and the FBI is investigating this matter. The news has been attracting mixed reactions over the social media forums, few blaming the celebrities for taking their compromising pictures and others blaming the poor data security of iCloud, a cloud computing service from Apple Inc. to store pictures, music and data.
Apple set about engineers to detect the cause and patch the gap in its security and denied that its security measures were faulty, as only a few celebrity accounts were targeted. The discovery made in the investigations suggests that the hackers used user names, passwords and mainly information for security questions to unlock their accounts. Unlike other services which lock you out after a few trials with an incorrect password, Apple’s “Find My iPhone” feature allowed hackers to make unlimited trials with password using “Brute-Force attack” concept.
What provoked more speculation was the fact that, a day before this leak, a code for Apple’s brute-force technique was uploaded on GitHub, a web hosting site. Apple has however fixed this problem and claims that no breach has occurred in Apple’s “iCloud” or “Find My iPhone”. To avoid such attacks Apple advices employing a strong password with two-step verification.
It is not confirmed if Apple’s security flaw was the reason for the leak of celebrity photographs. Being a true Apple fan, all I can wish for is that they come clean of this accusation. The high profile involvement and the media interest have gone on to create a black mark on Apple. Especially with the official launch of iPhone 6 and its first smart watch due shortly, it makes you wonder if this scandal was actually strategized.
Related: Cloud and its battles
Prevent yourself from Data Thefts
Data on the cloud is usually on higher risks of being stolen. Relating to the current situation it would be advisable not to store extremely private information on cloud, especially without ensuring proper protection of your account. Avoiding common passwords and setting up a two-step verification procedure is the way to go.
Cloud systems make managing your information simpler and easier, but they have drawbacks too. It may be inconvenient to put in extra steps of care but ultimately a little bit of attention goes a long way.