The leaked personal images of more than 100 female celebrities, both nude and not, have IT experts investigating and debating potential iCloud security flaws. However, for those of us who don’t grasp technology intuitively, the questions remain: how could this happen, and might it happen to me? Here are a few responses:
Who Was Affected?
On the website 4Chan, an unidentified user shared photographs of celebrities including Jennifer Lawrence from The Hunger Games and model Kate Upton. According to the hacker, there could be more than 100 celebrity posts in total. Lawrence and Upton were among the celebs who confirmed the photos’ legitimacy. Others, such as Nickelodeon’s Victoria Justice, believed the images were fakes.
How Did The Hackers Do It?
According to one idea, hackers exploited a flaw in Apple’s iCloud “Find My iPhone” service, which allows customers to track down lost or stolen phones via the cloud. Apple’s devices are usually protected from so-called “brute force” algorithms, which guess various passwords for a given username until it finds one that matches.
However, according to different tech websites, Apple’s Find My iPhone service failed to do so for whatever reason. According to TheNextWeb, hackers discovered the flaw and utilized a brute force tool called “brute” to acquire access to celebrities’ passwords and, as a result, the images saved in their iCloud accounts.
However, several technologists are doubtful of this theory. The majority of hacks are carried out using more easy techniques to gather a user’s personal data, such as a misplaced cell phone belonging to one of the celebrities. There’s also evidence that some of the images were taken on devices that didn’t backup to iCloud, such as Android phones.
So, What Does Apple Have To Say About It All?
Re/code was told by an Apple official that the company is “currently researching” the problem, but given few further specifics. Just hours after the first hack, the company apparently released a security update to eliminate the chance of a brute force service having access to passwords via Find My iPhone.
Could This Happen To Me?
If the hackers used a brute force method on the iCloud and Apple has yet to address the issue, then sure, it might happen to you. So long as the hacker has your username, brute force methods can be used. This strategy, however, does not collect large volumes of data for a large number of people. Hackers would need a specific motive to target you.
Staying off the internet is the only way to properly safeguard oneself. However, if you want to stay in the twenty-first century, use two-step verification. Apple’s iCloud is only one of several services where you may configure your account to prompt you with two tailored questions before granting access. This makes it far more difficult for hackers to gain access to areas where you don’t want them. Also, perhaps think twice about posting those naked photos?
The suspected role of code-hosting service GitHub in data theft was misidentified in the original version of this story. Hackers are said to have exploited a code that was posted on the site.