Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Apple Reportedly Aware of iCloud Flaw Six Months Before Hacking of Celebrity Accounts
Apple knew about an iCloud security flaw six months before it was utilized to hack celebrity accounts on the service, reports The Daily Dot. The company was notified of the exploit by independent security researcher Ibrahim Balic, who shared emails between himself and members of Apple's product security team.
In an email from March 2014, Balic told Apple that he was able to bypass the security of any iCloud account by using a "brute-force" hacking method that was able to try over 20,000 password combinations. Balic recommended to Apple that it should implement a feature in iCloud that prevents log-ins after a set number of failed attempts, and even reported the exploit through Apple's Bug Reporter. Balic was also the developer said to be behind the extended outage of Apple's Dev Center last year.
In May 2014, Apple emailed Balic and questioned the validity of the exploit, stating that it "would take an extraordinarily long time" to find a valid authentication token to get into an iCloud account using the flaw. Balic states that Apple continued to ask him about the exploit and how it would be utilized.
On September 1, 2014, hackers breached the iCloud accounts of many well-known actresses, downloading and leaking private photos and videos. While it was not initially known what caused the breach, The Next Web linked to a Python script on Github that may have been used for the hacking. The script utilized a brute-force like method which allowed hackers to keep guessing passwords without being locked out.
Apple acknowledged later in the day that it was investigating the breach, ultimately leading to comments from CEO Tim Cook along with new security implementations. Those implementations included automatic emails when iCloud accounts are accessed via web browsers, automatic two-factor authentication for iCloud.com, and mandatory app-specific passwords for third-party apps accessing iCloud.
[ 245 comments ]
Top Rated Comments
(View all)
62 months ago
I'm waiting or the not Apple's fault crowd.
I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.
Making excuses for mistakes & sloppy work will not help Apple.
I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.
Making excuses for mistakes & sloppy work will not help Apple.
62 months ago
Wow, more good news for apple. They're really hitting their stride with bad press lately.
Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
62 months ago
Not surprising considering Apple fumbles their core tasks such as putting out maintenance release without properly testing them.
62 months ago
LOL, apple realy is on a roll lately. Leaked pics, great keyonte stream, bend gate, ios8 and 8.0.1.
Bravo, well deserver Thanksgiving break ;).
Bravo, well deserver Thanksgiving break ;).
62 months ago
Surely wouldn't trust them with Apple pay now, imagine your credit card information stolen. :rolleyes:
62 months ago
This was a targeted phishing exercise over the course of months if not years.
Email accounts etc from many different services were hit, there was no 'hacking' that occured.
Could Apple have had alerts in place telling people accounts we're being accessed from the start - for sure. But weak passwords and weak answers to security questions when you're in the public eye won't ever stop someone gaining access to your account.
It's a shame that not only have the victims of the leaks been blamed for ever having personal things - irregardless of where they're shared, but that only Apple seems to be singled out as being 'hacked'. The latest leak of Kim Kardashian (Checked, for science) clearly shows her taking photos on a Blackberry - do Blackberries sync to iCloud? And yet blackberry are very well known for their security chops, but I haven't seen a single article talking about Blackberry being 'hacked'... Why? Because no one really cares about Blackberry, it's not good news to create a story about kicking a dead dog.
Email accounts etc from many different services were hit, there was no 'hacking' that occured.
Could Apple have had alerts in place telling people accounts we're being accessed from the start - for sure. But weak passwords and weak answers to security questions when you're in the public eye won't ever stop someone gaining access to your account.
It's a shame that not only have the victims of the leaks been blamed for ever having personal things - irregardless of where they're shared, but that only Apple seems to be singled out as being 'hacked'. The latest leak of Kim Kardashian (Checked, for science) clearly shows her taking photos on a Blackberry - do Blackberries sync to iCloud? And yet blackberry are very well known for their security chops, but I haven't seen a single article talking about Blackberry being 'hacked'... Why? Because no one really cares about Blackberry, it's not good news to create a story about kicking a dead dog.
62 months ago
Now, the iCloud security issues are indeed worrying if Apple knew about them 6 months before. Most people use rather weak passwords such as Password123, but still that's not excuse for ignoring a reported security flaw..
If your password is Password123, any loss of data is really self inflicted and you have nobody to blame.
62 months ago
Bentgate isn't really an issue, I think... I mean, if you apply lots of pressure to an aluminium phone, it will bend. That's not an issue, it's just physics. It's like all the drop tests: if you drop a glass item on the floor several times, the odds are it will break.
I still fail to see why this is an issue, but then again most people nowadays lack common sense.
It depends how easily it bends. Most phones can be bent when there's enough force and that's acceptable. However, if the phone bends in totally normal use conditions, then that's an issue.
[ Read All Comments ]
Apple today seeded the first beta of an upcoming tvOS 13 software update to its public beta testing group, giving non-developers a chance to try out the new software ahead of its fall public release....
Apple today seeded the fifth beta of an upcoming iOS 12.4 update to developers, two weeks after seeding the fourth iOS 12.4 beta, and over a month after releasing iOS 12.3, a major update that...
Apple today seeded the third beta of an upcoming macOS Mojave 10.14.6 update to developers, two weeks after seeding the second macOS Mojave 10.14.6 beta and more than a month after the release of...
Apple today seeded the fourth beta of an upcoming watchOS 5.3 update to developers, two weeks after releasing the third watchOS 5.3 beta and a month after the launch of watchOS 5.2.1, an update that...
B&H Photo is further discounting a set of previous generation iMacs, providing the lowest ever price for the 21.5-inch model with 8GB RAM and a 1TB Fusion Drive. You can get this model for...
Microsoft plans to launch a small foldable Surface tablet in the first half of 2020, according to Jeff Lin, an analyst at research firm IHS Markit.
Microsoft Surface Go
In an email shared...
Augmented reality game Harry Potter: Wizards Unite got a surprise early release last week in the U.S. and the U.K., and Niantic has now rolled the game out to a global audience.
Early Sunday...
For this week's giveaway, we've teamed up with Tap to give MacRumors readers a chance to win one of the company's wearable keyboards, which Tap believes is the keyboard of the future.
...
