TechSpot

Tim Cook says Apple will improve iCloud security following photo hacks

By Scorpus
Sep 5, 2014
Post New Reply
  1. In an interview with The Wall Street Journal, Tim Cook has promised to improve the security of iCloud following the celebrity photo hacks that have made headlines throughout this week.

    Read more
     
  2. 9Nails

    9Nails TechSpot Paladin Posts: 975   +87

    Maybe I'm just jaded with Apple, but I read this as a reaction to the stock market drop of more than $4, and not as a "we care about your security" message.
     
  3. I dislike Apple to the highest level but come on, people need to wake the hell up about security. If you are a celebrity and you use a weak password and the security questions you put in are available in your bio or your web page then dont cry when someone hack your account. And why the hell do you put nude photos of yourself in the cloud??? Some people have no clue.
     
  4. davislane1

    davislane1 TS Guru Posts: 1,338   +493

    Unlikely. A minor short-term drop like that is meaningless both from a business and investing standpoint. As a matter of fact, $99.41-$96.80 is a daily demand level on AAPL. If anything, the drop has given Apple traders a reason to buy in/add on to their positions.

    Cook is simply complying with the requirements of his job. Apple's service was breached by a brute force attack. Meaning, Apple didn't do its job properly. He has to apologize and restore confidence in their product. It's straight PR, unrelated to their stock performance.
     
  5. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,556   +301

    Is that true, really? I know there was that FindMyiPhone exploit that was patched, but I haven't seen anything to suggest that is how it happened. Cook's response also indicates that wasn't involved in this. What was involved was using publicly available information to get into accounts by answering security questions correctly.
     
  6. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 3,087   +747

    But why waste money on beefing up security if they weren't hacked? Isn't profit sharing much more important to the big wigs? All big corporations are tarred with the same brush, they all tell you they take customer data security very, very seriously but yet they all sit on their fingers until they're well and truly hacked and have to offer red faced apologies before they act.
     
  7. davislane1

    davislane1 TS Guru Posts: 1,338   +493

    The exploit took advantage of a lack of brute force protection on Apple's end. As you know, you only get so many attempts on most security systems before you are locked out and required to verify your identity. Apparently, Apple's system either lacked this feature or did not implement it effectively. This enabled the "hackers" to use the data they obtained on a trial and error basis, until they discovered the correct security entries.
     
  8. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    You go there Timbo! Lock that gate after everybody's horse has been stolen...:oops:
     
  9. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,556   +301

    @Skidmarksdeluxe They fixed the not locking out an account after multiple attempts and apparently that was found and fixed within 40 hours of this incident. If you want to stay as cynical as you are, you can still do that because I don't think spending 40 hours patching up something and then pledging to push harder for users to use 2-step authentication is really much of a cost issue.

    I agree there, however I was under the understanding from reading about this all over, that there wasn't much trial and error. It was answering security questions for the accounts, and when you are a celebrity, the types of questions that are used in security questions have searchable answers. It was more of a celebrity research project than a 'dictionary' type brute force.
     
  10. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    OK, if the simplest forum on the web, has had the lockout feature for years, why shouldn't cynicism reign? This forum will lock you out after 3 (?) attempts. Another forum I belong locks the account, then sends an email to warn you your account has had a hacking attempt made on it. My bank, my credit card companies, all have the lockout feature, and have had it for years.

    You really should dial back you role as Techspot's chief Apple apologist, if only just a twitch.

    Take me back to the days when men were men, celebrity "hacks" were feature length, and then put out on VHS tapes. (Tommy Lee Jones and Pam Anderson, "A Night in Paris", (Hilton, that is)):cool:
     
    Last edited: Sep 5, 2014
  11. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,556   +301

    I ignore 95% of skid's remarks. He bashes Apple in threads that aren't even related to Apple. I'll be taking the weekend off, but for different reasons, have a ball.

    Perhaps you see me as an 'apologist', I try (sometimes unsuccessfully) to just state the facts and leave everything else out. So many times people don't read the article, or just go off the headline and the intro sentence. A lot of that is due to how journalism now is click-bait. As a result, and this being such a PC centric forum, you get a lot of people spouting stuff that simply isn't true.
     
    davislane1 likes this.
     
  12. davislane1

    davislane1 TS Guru Posts: 1,338   +493

    That's accurate to what I've read, but, given the scope of the exploit (100+ actresses/celebrities), I suspect there was at least some use of a traditional dictionary type attack. As desperate as some guys can be, I have a hard time believing someone would research 100+ celebs just for nudes. Though, this assumes 1) there were few agents and 2) the attacker wasn't paid.
     
  13. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    Speaking for myself I don't bash Apple on their product, be more on their fan base. In this case, if every iPhone user was susceptible to a brute force attack, then Apple could stand a bit of, "constructive criticism".

    Besides, I've taken to loathing the CEOs of large companies, more than the companies themselves.

    For example, every time Tim Cooke, the Amazon CEO, or anyone from department heads on up at M$, open their mouths, my loathing begins.

    When Ballmer was still around, I used to pray for old age to steal my hearing.
     
  14. davislane1

    davislane1 TS Guru Posts: 1,338   +493

    You're a scorned former executive, aren't you? I always suspected corporate ran in your blood.
     
  15. hahahanoobs

    hahahanoobs TS Booster Posts: 971   +97

    I read that there was no limit to how many attempts you had at entering your un and pw. That's not right at all if true.
     
  16. Jack Meoffski

    Jack Meoffski TS Rookie

    It's called rate limiting and its sounds like you have no clue what it is and how it applies to network security lol.
     
  17. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    Not in the least. I think CEOs are just a bunch of inbred show ponies, who only open their mouths to change hooves.
     
  18. Egon Spengler

    Egon Spengler TS Rookie Posts: 19

    Just a hint to the celebrities. When they ask for your mother's middle name, you don't have to tell the truth. My mothers middle name is &64tghk just for the record.
     
  19. Snowden

    Snowden TS Rookie Posts: 52   +21

    "And in latest news, Tim Cook switched to Windows Phone for better security and protection of his data."
     
  20. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    What I still can't get my head around, is why people that work around the finest studio cameras for a living, take and store nudes of themselves on some dumb iPhone in the first place. Maybe so they can get hacked, "accidentally on purpose"?
     
  21. davislane1

    davislane1 TS Guru Posts: 1,338   +493

    Beauty is generally inversely proportional to intelligence (raw and practical). You know this. They probably thought the stuff was secure simply because the label says so, not bothering to check the legal contract that refutes it.

    That's what happens when you don't let your agent handle your gadgetry. Oversights are a *****. Or, in Kate Upton's case, probably not as fake as she would have people believe.
     
  22. Snowden

    Snowden TS Rookie Posts: 52   +21

    Agree, though many celebrities have done it on purpose such as Paris Hilton etc. Apparently letting people see your ugly pink bits or with white spray all over your face is a good career move.

    What I find even harder to figure out is that anyone finds Rihanna attractive, as to me she looks like a deformed monkey on crack. An oh, that forehead....
     
  23. captaincranky

    captaincranky TechSpot Addict Posts: 10,735   +894

    Perhaps, but you can't say Paris Hilton actually ever had a "career". Basically a flat a**ed Kim Kardashian with a much, much, richer father.
    And speaking of the transient, rather fleeting nature of beauty, I kinda think Kate Upton, is the next Anna Nicole Smith on the hoof. She'll be modeling plus sizes before you know it. In the blink of an eye-xtra milkshake or two.
     
    Last edited: Sep 6, 2014


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.