Galifrey

iTrader: (3)

Did all these leaked pics really come from icloud?

The vids are all .mov format which tends to indicate they were filmed on idevices.

If so it is a serious breach of security and confirms my fears about cloud storage in general.

pimmo2000

iTrader: (6)

According to Apple, no. It's down to users being fools.

bigtel

Seems a bit fishy to me that the film 'Sex Tape' comes out this week about the cloud!

Alan Jeffery

I fear mine's been hacked as well. So far, nobody has asked me about any sex tapes! I wonder why not?

Galifrey

iTrader: (3)

I have no doubt it was down to poor passwords etc, however, the question was did they all come from iCloud.

I really don't like the idea of Cloud storage from any provider so not anti Apple on this. Putting all my files in the hands of a 3rd party is just asking for trouble imho.

Markus

There was, fairly recently, a very large number - 1.2b - of passwords grabbed by some Russian hackers (have a read here.)

Earlier this week the domain hosting firm namecheap apparently saw a massive increase in attacks and they believe it could be as a result of the same hackers using the cache of passwords they stole (more info here)

I would not be at all shocked if the celeb picture thing is also related to this, the timing does seem very coincidental.

As for wether iCloud was breached, Apple says no, which of course they would, but they did admit that Find My iPhone (fairly sure it was that) wasn't disabling accounts after five invalid access attempts, something they have changed.

I suspect that there isn't a breach per-se, more like brute force on many accounts using this massive password list, and those accounts likely had weak passwords and / or did not have two factor authentication enabled.

I also think that if the files did come from iCloud, it's likely the celebs thought the pictures had been deleted, when in fact they had not, for example, they deleted the pictures from the phone, but did not realize they had been synced to their iCloud account, and so were still there, just not on the phone.
It has been said that the instructions on how iCloud works, what is stored where and when, and how to really delete items from devices and your iCloud account are somewhat vague or not intuitive, so some better documentation wouldn't go amiss.

New_scooby_04

iTrader: (4)

^^^ This ^^^^

One of the reasons I steer clear of Apple is the ambiguity about what ends up where. Seems that the default is to back it up on the cloud, which results in things being placed remotely that one might not want remotely.

As for the password thing, people often don't help themselves by creating a sufficiently secure password or engaging in practices that undermine their security. However, lets face it: If someone wants to get into your account badly enough; they'll do it! I think the real solution is don't put anything on-line that you wouldn't want shared! The onus is now on companies like Apple to assist customers in making informed choices in this respect.

Ns04

JackClark

That's a common misconception.

Beef

Same on Android too:

https://i.imgur.com/FtgxjFK.png

This is likely to be a combination of targeted "hacking" and poor user security.

I reckon there's a good living to be had in giving celebrities personal security lessons.

JackClark

If you really want to target someone, it's all too simple. The last couple of years have been positive with widespread adoption of https and to a lesser degree two-factor authentication.

Who remembers Firesheep? Those were shocking times.