
After several days of internal investigation, Apple issued a statement on the compromise of the iCloud accounts of several celebrities whose private photos leaked to the public. According to Apple, the photos were not leaked through a breach of the iCloud or Find My iPhone services; instead, the California company's engineers determined that the attackers carried out a targeted attack on usernames, passwords and security questions. However, they did not comment on how the iCloud photos were obtained.

According to Wired, the passwords were cracked using forensic software used by government agencies. On the bulletin board Anon-IB, where several celebrity photos appeared, some members openly discussed using software called ElcomSoft Phone Password Breaker. The tool takes the obtained usernames and passwords and retrieves the complete backup files from the iPhone and iPad. According to a security expert interviewed by Wired, the metadata from the photos matches the use of this software.

The hackers only had to obtain usernames (Apple IDs) and passwords, which they probably achieved with the previously mentioned method: the program iBrute combined with the Find My iPhone vulnerability, which allowed attackers to guess the password without a limit on the number of attempts. Apple patched the vulnerability soon after it was discovered. The fact that the victims of the attack did not use two-step verification, which requires entering a code sent to the phone, also played a big role. It should be noted that two-step verification does not apply to the iCloud backup and Photo Stream services; however, it would make it much more difficult to obtain usernames and passwords in the first place.
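The missing control described above, a limit on password attempts that holds no matter which service endpoint receives the guess, can be sketched as follows. This is an added example, not Apple's code; the class, function and endpoint names are hypothetical, and the thresholds are assumed values.

```python
import time

class AccountThrottle:
    """Failed-login limiter keyed by account only, shared by all endpoints."""

    def __init__(self, max_failures=5, base_lockout=60.0,
                 max_lockout=3600.0, clock=time.monotonic):
        self.max_failures = max_failures    # assumed threshold
        self.base_lockout = base_lockout    # seconds, assumed
        self.max_lockout = max_lockout
        self.clock = clock
        self._state = {}  # account -> (consecutive failures, locked_until)

    def allowed(self, account):
        _, locked_until = self._state.get(account, (0, 0.0))
        return self.clock() >= locked_until

    def record(self, account, success):
        if success:
            self._state.pop(account, None)  # reset after a good login
            return
        failures, locked_until = self._state.get(account, (0, 0.0))
        failures += 1
        if failures >= self.max_failures:
            # Lockout doubles with every failure past the threshold.
            over = failures - self.max_failures
            delay = min(self.base_lockout * 2 ** over, self.max_lockout)
            locked_until = self.clock() + delay
        self._state[account] = (failures, locked_until)


def login(throttle, verify, endpoint, account, password):
    """Single choke point: every endpoint authenticates through here.

    `endpoint` (e.g. "web", "find_my_device", both hypothetical) is
    deliberately not part of the throttle key, so moving the guesses
    to a different service does not reset the counter.
    """
    key = account.strip().lower()
    if not throttle.allowed(key):
        # The password is not checked while locked, so even the correct
        # guess learns nothing during the lockout window.
        return "locked"
    ok = verify(key, password)
    throttle.record(key, ok)
    return "ok" if ok else "denied"
```

A pure per-account lockout lets anyone lock a known username out, so deployments usually pair it with per-source limits and a second factor.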

However, even with two-step verification, iCloud is not ideally protected. As Michael Rose of the site TUAW discovered, when Photo Stream, Safari backups and email messages are synchronized to a new Apple computer, the user receives no warning that data has been accessed from the new computer. Knowledge of the Apple ID and password alone was enough to download the mentioned content without the user's knowledge. As you can see, Apple's cloud services still have some cracks, even if the user is protected by two-step verification, which, by the way, is still not available in, for example, the Czech Republic or Slovakia. After this affair, Apple's shares fell by four percent.

Source: Wired