"Hey Siri" support and possibly wireless charging case alongside AirPower charging mat.
Apple Reportedly Aware of iCloud Flaw Six Months Before Hacking of Celebrity Accounts
Apple knew about an iCloud security flaw six months before it was utilized to hack celebrity accounts on the service, reports The Daily Dot. The company was notified of the exploit by independent security researcher Ibrahim Balic, who shared emails between himself and members of Apple's product security team.
In an email from March 2014, Balic told Apple that he was able to bypass the security of any iCloud account by using a "brute-force" hacking method that was able to try over 20,000 password combinations. Balic recommended to Apple that it should implement a feature in iCloud that prevents log-ins after a set number of failed attempts, and even reported the exploit through Apple's Bug Reporter. Balic was also the developer said to be behind the extended outage of Apple's Dev Center last year.
In May 2014, Apple emailed Balic and questioned the validity of the exploit, stating that it "would take an extraordinarily long time" to find a valid authentication token to get into an iCloud account using the flaw. Balic states that Apple continued to ask him about the exploit and how it would be utilized.
On September 1, 2014, hackers breached the iCloud accounts of many well-known actresses, downloading and leaking private photos and videos. While it was not initially known what caused the breach, The Next Web linked to a Python script on Github that may have been used for the hacking. The script utilized a brute-force like method which allowed hackers to keep guessing passwords without being locked out.
Apple acknowledged later in the day that it was investigating the breach, ultimately leading to comments from CEO Tim Cook along with new security implementations. Those implementations included automatic emails when iCloud accounts are accessed via web browsers, automatic two-factor authentication for iCloud.com, and mandatory app-specific passwords for third-party apps accessing iCloud.
[ 245 comments ]
Top Rated Comments
(View all)
55 months ago
I'm waiting or the not Apple's fault crowd.
I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.
Making excuses for mistakes & sloppy work will not help Apple.
I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.
Making excuses for mistakes & sloppy work will not help Apple.
55 months ago
Wow, more good news for apple. They're really hitting their stride with bad press lately.
Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
55 months ago
Not surprising considering Apple fumbles their core tasks such as putting out maintenance release without properly testing them.
55 months ago
LOL, apple realy is on a roll lately. Leaked pics, great keyonte stream, bend gate, ios8 and 8.0.1.
Bravo, well deserver Thanksgiving break ;).
Bravo, well deserver Thanksgiving break ;).
55 months ago
Surely wouldn't trust them with Apple pay now, imagine your credit card information stolen. :rolleyes:
55 months ago
This was a targeted phishing exercise over the course of months if not years.
Email accounts etc from many different services were hit, there was no 'hacking' that occured.
Could Apple have had alerts in place telling people accounts we're being accessed from the start - for sure. But weak passwords and weak answers to security questions when you're in the public eye won't ever stop someone gaining access to your account.
It's a shame that not only have the victims of the leaks been blamed for ever having personal things - irregardless of where they're shared, but that only Apple seems to be singled out as being 'hacked'. The latest leak of Kim Kardashian (Checked, for science) clearly shows her taking photos on a Blackberry - do Blackberries sync to iCloud? And yet blackberry are very well known for their security chops, but I haven't seen a single article talking about Blackberry being 'hacked'... Why? Because no one really cares about Blackberry, it's not good news to create a story about kicking a dead dog.
Email accounts etc from many different services were hit, there was no 'hacking' that occured.
Could Apple have had alerts in place telling people accounts we're being accessed from the start - for sure. But weak passwords and weak answers to security questions when you're in the public eye won't ever stop someone gaining access to your account.
It's a shame that not only have the victims of the leaks been blamed for ever having personal things - irregardless of where they're shared, but that only Apple seems to be singled out as being 'hacked'. The latest leak of Kim Kardashian (Checked, for science) clearly shows her taking photos on a Blackberry - do Blackberries sync to iCloud? And yet blackberry are very well known for their security chops, but I haven't seen a single article talking about Blackberry being 'hacked'... Why? Because no one really cares about Blackberry, it's not good news to create a story about kicking a dead dog.
55 months ago
Now, the iCloud security issues are indeed worrying if Apple knew about them 6 months before. Most people use rather weak passwords such as Password123, but still that's not excuse for ignoring a reported security flaw..
If your password is Password123, any loss of data is really self inflicted and you have nobody to blame.
55 months ago
Bentgate isn't really an issue, I think... I mean, if you apply lots of pressure to an aluminium phone, it will bend. That's not an issue, it's just physics. It's like all the drop tests: if you drop a glass item on the floor several times, the odds are it will break.
I still fail to see why this is an issue, but then again most people nowadays lack common sense.
It depends how easily it bends. Most phones can be bent when there's enough force and that's acceptable. However, if the phone bends in totally normal use conditions, then that's an issue.
[ Read All Comments ]
The Catalyst Waterproof AirPods Case, designed to protect your AirPods case from liquids, is now available from the Apple online store and Apple retail locations.
Priced at $29.95, the...
Following the release of iOS 12.1.1 on December 5 and iOS 12.1.2 on December 17, Apple has stopped signing iOS 12.1, the previous version of iOS that was available to consumers.
iPhone, iPad,...
Christmas is now one week away, and shipping estimates will only become more of an issue for shoppers the closer the holiday gets. That's when e-mail delivery App Store and iTunes Gift Cards come...
Launch Center Pro, an app that offers quick access shortcuts for everyday tasks, today released a major update that adds quite a bit of new functionality.
Version 3.0 of the app introduces NFC...
As of today, Twitter is introducing a new option that will allow iOS users to easily view their tweets in a chronological order, a feature Twitter users have wanted for quite some time.
The...
Satechi today announced a new stand for the iMac, called the Type-C Aluminum Monitor Stand Hub. The accessory features seven built-in ports and an ergonomic design that the company says is aimed at...
Popular iPhone photo editing app Darkroom is today expanding to the iPad, marking the app's biggest update since its 2015 launch.
Darkroom has been rebuilt from the ground up to add support...
With the latest Apple Pay promotion you can save $20 on a future purchase from Nike, if you spend $100 or more in the Nike iOS app and pay for your order using Apple Pay.
The offer...
