All The Different Ways That 'iCloud' Naked Celebrity Photo Leak Might Have Happened
This is how the hack might have gone down.
All The Different Ways That 'iCloud' Naked Celebrity Photo Leak Might Have Happened
By James Cook – 10 hours ago
Samir Hussein/Getty
After naked photos of around 20 celebrities leaked online last night,
the internet scrambled to try and figure out exactly how the images
became public. In the original 4chan thread where the hacker first
posted the images, the consensus was that Apple's iCloud service was to
blame. But how likely is it that Apple's encrypted cloud service led to
the mass hack, and what are the other ways that the nude photos could
have emerged?
iCloud
The original leaker behind the celebrity photos claimed that they
accessed the images using the iCloud accounts of various celebrities.
It's unlikely that someone has broken into Apple's iCloud service.
Instead the photos most likely emerged due to a type of hacking known as
"social engineering." This exploit works by learning which online
services your target uses, and then compiling as much data on them as
possible before using that data to either spoof access, or to simply use
their email address and a guessed password to log in to their account.- UPDATE: Apple has patched a security flaw in iCloud that could have been used to hack celebrity accounts.
After discovering the iCloud account of a celebrity, it's trivially easy to access their online photo backup through Apple's Photo Stream utility and iCloud photo backups. Analysis of the embedded EXIF data (information about where and how the picture was taken that is frequently appended to digital photo images) included in one of the leaked images shows it was taken a few weeks ago, well within Photo Stream's limit of 30 days before images are deleted. However, actress Mary Elizabeth Winstead claimed on Twitter that the leaked photos of her included in the hack were taken "years ago."
Dropbox or Google Drive Despite the original leaker claiming to have accessed the trove of photos thanks to an iCloud exploit, the range of devices showcased suggests that another service may have been to blame. Various naked celebrities are photographed taking selfies with Android devices and webcams. Leaked videos could not have originated from the iCloud photo backup service. The range of devices and media may mean that another backup service like Dropbox or Google Drive could be the originator of the leaked photos, with both services offering automatic backup tools for photos and videos imported from cellphones.
Snapchat Several of the leaked celebrity photos had text overlaid, which indicates that at least some of the photographs were first sent through Snapchat. While Snapchat has struggled with security issues in the past, it's unlikely that the app was the source of all the nude photos. Rather, it may be that it was either accessed as part of a larger hack, or screenshots of images received through the app were discovered after hacking into a backup service.
A hacked insider Many celebrities don't manage their devices themselves, instead they hand them over to an assistant to do all the boring things like backing up photos or managing iCloud accounts. The sheer number of photos involved in this hack suggests that someone has been saving up naked photos for a while. Other than the celebrities themselves, the only other people with access to these photos would be the "insiders" who help celebrities get around from day to day, such as personal assistants and bodyguards. If a well-connected and scheming personal assistant had their personal backup account hacked, it could result in a trove of photos similar to what we've seen posted online.
A stolen laptop or phone The leaked photos seemingly originate from a variety of different devices, and two of the videos of British actress Jessica Brown Findlay were made to send to a friend. Could the leaked photos come not from an online hack, but from the physical theft of a phone or laptop belonging to a well-connected celebrity who had been hording naked photos of their friends? While it may seem unlikely, there's actually precedent for unfortunate celebrities losing their devices.
In early 2014 it was reported that Lindsay Lohan and her management were doing "whatever it takes" to try and retrieve a stolen laptop that had gone missing during a trip to China. The laptop's hard drive was reported to contain naked photos of the star, as well as private correspondence with other celebrities such as Lady Gaga and Woody Allen. It's unclear whether Lohan's team were successful in reclaiming the laptop, but no leaked photos of the actress have emerged this year.
A hacker collective The original 4chan thread where the leaked photos surfaced included two different users posting new leaks. It's possible, then, that the trove of leaked celebrity photos came from not a single hack, but a group of enterprising hackers pooling their resources to try and earn the biggest reward.
The 4chan user who posted the majority of the photos was soliciting for Bitcoin donations in order to publish more leaked snaps. While one figure of $40,000 was claimed as the total value of donations, Bitcoin transaction records show that he received only 0.25 bitcoin (around $120).
Could the leaked photos result from a collective gang of hackers sharing their photos in one giant leak in order to maximize the amount of money gained? It's certainly possible, many of the photos in the batch were proven as fake, meaning that they likely came from a variety of sources with varying levels of access and credibility.
The Emmy Awards One of the strangest theories surrounding the hack is that a group of celebrities who attended the recent Emmy Awards were somehow hacked using the venue's Wi-Fi connection. The Def Con conference is often touted as an example of the dangers of using venue Wi-Fi for awards or conferences, with the conference operating a "Wall of Sheep" to showcase the various attendees who have been hacked.
More From Business Insider
- Dropbox Challenges Google And Amazon In The Cloud By Slashing Its Prices
- REPORT: The FBI Is Probing Whether Russia Hacked US Banks In Retaliation For Sanctions
- JPMorgan Confirms It's Looking Into Possible Hack
end quote from:
All The Different Ways That 'iCloud' Naked Celebrity Photo Leak Might Have Happened
Here's the problem in ANYTHING in "Icloud". If you actually understood where the ICLOUD is you wouldn't put anything you care about in "Icloud". The reason for this is simple.
ICLOUD if you imagine as a non-programmer is literally like a cloud of information spanning the globe.
Imagine servers all over the world carrying bits and pieces of whatever you put out into the "Cloud". Now, anyone who knows the "Number" of your computer can trace anything that comes from your computer or'Iphone', Ipad, Android anywhere on earth. You only need one person that wants to compile one thing or everyone about you and they, (if they are good with technology) can do this because most information in the Cloud are vulnerable.
So, people selling the icloud are trying to downplay just how "Vulnerable" everything is in the Icloud world wide.
Everything just stored on your hard drive or a removable hard drive for back up instead of in the cloud is only vulnerable if you leave your computer in your browser mode like Windows Explorer or Firefox (I prefer Firefox because of better security). So, the only time I leave one of my computers with Safari or Firefox on is when I'm using them.
My Iphone is supposed to be backed up by Icloud but I don't really like that either. However, it is good to know the most vulnerable piece of equipment online that you will ever own (as of now) is your Iphone or android smartphone. Almost anyone good at technology can literally strip off everything off your Iphone or Android any time they want to. So, putting private things on an Iphone is stupid because it is the most public device (worldwide) that you can presently own.
However, I recently bought an Iphone 5s (why?) because it is the easiest most intuitive device to learn to use effectively.
However, I know it is the most vulnerable device known to man as far as hacking goes, so anything I put there through texts or conversation or anything else I imagine I'm saying in a crowded place like a Restaurant or other public place where people might be listening. Whatever you do with your Iphone or Android you really shouldn't do unless you would do it in a public place and show whatever you are doing to everyone there like in a restaurant or theater or shop or store. If you can't imagine doing this then whatever it is you shouldn't be doing it on your smart phone.
This is what I believe. So, why would I own an Iphone5S? Because it is convenient and because I know what it actually is. It is a public information system in which literally anything I put there or do or say or text there could be compromised worldwide at any given moment or moments.
Later: People talk about how ICloud has an encryption algorithm but when you have thousands to millions of "safe crackers" Internet style spending every minute of the day cracking codes for a living, this is going to be cracked. Any code that can be written can be "hacked" sooner or later either directly or through some kind of "Back Door" that programmers put in for debugging software for easier access.
So, one of the ways people hack is to "pay-off" the programmers for thousands to millions of dollars. And if this happened who would know?
The problem with everything "secret" on the Internet is: "Where there's a will there's a way" eventually.
I would actually worry about Countries who have millions or billions of dollars to "pay-off" programmers or someone like ISIS that might have somewhere between 500 million up to 1 billion dollars for these kinds of purposes. Remember ISIS makes between 3 million to 6 million dollars a day just through extortion and kidnapping westerners and rich middle eastern people.
No comments:
Post a Comment