from the hunter2 dept.
Hacker sentenced to prison for role in Jennifer Lawrence nude photo theft
A hacker was sentenced to eight months in prison on Wednesday for a scheme that exposed intimate photos of the actor Jennifer Lawrence and other celebrities.
George Garofano, 26, was accused of illegally hacking the private Apple iCloud accounts of 240 people, including Hollywood stars as well as average internet users, allowing their nude photos and private information to be spread around the internet.
He was one of four people charged in the 2014 hacking scandal, in which private photos of Lawrence, Kate Upton, Kirsten Dunst and others were published online. Lawrence said at the time the invasion was equivalent to a sex crime, and called for tougher laws.
A federal judge at a US district court in Bridgeport, Connecticut, ordered Garofano to serve the prison term followed by three years of supervised release.
iCloud leaks of celebrity photos, aka "The Fappening".
Previously: Celebrity Nude Photographs - and Possibly The Flaw that Allowed Them to be Accessed
4chan Introduces DMCA Policy
Reddit Bans Page Where Celebrity Nude Photos were Shared
Related Stories
PapayaSF and AnonTechie write in with 2 stories which seem to be linked. The first is the leak of nude and personal photographs of celebrities, and the second is perhaps the flaw that allowed someone to access the photographs.
Stars Exposed in Massive Nude Photo Leak
Nude celebrities, bitcoins, and Apple: it's a story seemingly designed to stir up the entire internet. Scores of private photos of celebrities such as Jennifer Lawrence, Kate Upton, Selena Gomez, Ariana Grande, Kirsten Dunst, and Mary Elizabeth Winstead have been leaked (allegedly from Apple's iCloud), and posted on 4chan in exchange for bitcoins. A list of 100+ names has appeared, but pictures have not yet appeared for many names on the list (including Kate Bosworth, Kim Kardashian, Rihanna, and Kaley Cuoco). Victoria Justice claims the photos of her are fake. Twitter accounts are being shut down. The story is still developing, so grab your popcorn.
This could be the Apple iCloud flaw that led to celebrity photos being leaked.
An alleged breach in Apple’s iCloud service may be to blame for countless leaks of private celebrity photos this week.
On Monday, a Python script emerged on Github (which we’re not linking to as there is evidence a fix by Apple is not fully rolled out) that appears to have allowed malicious users to ‘brute force’ a target account’s password on Apple’s iCloud, thanks to a vulnerability in the Find my iPhone service. Brute force attacks are where a malicious user uses a script to repeatedly guess passwords to attempt to discover the correct one.
The vulnerability allegedly discovered in the Find my iPhone service appears to have allowed attackers to use this method to guess passwords repeatedly without any sort of lockout or alert to the target. Once the password has been eventually matched, the attacker can then use it to access other iCloud functions freely.
http://thenextweb.com/apple/2014/09/01/this-could-be-the-apple-icloud-flaw-that-led-to-celebrity-photos-being-leaked/
http://www.independent.co.uk/life-style/gadgets-and-tech/is-apples-icloud-safe-after-leak-of-jennifer-lawrence-and-other-celebrities-nude-photos-9703142.html
TorrentFreak reports:
After doing without an element needed for safe harbor protection, 4chan has just introduced an official DMCA policy. The decision comes in the wake of the celebrity photo leak known as The Fappening and 4chan users' connections to it. In the meantime, the leaked image library has clocked a million torrent downloads.
While most US-based user-generated content websites should not entertain operating without safe harbor, the way 4chan is set up provides a unique scenario in respect of infringing content being posted by its users.
“Threads expire and are pruned by 4chan’s software at a relatively high rate. Since most boards are limited to eleven or sixteen pages, content is usually available for only a few hours or days before it is removed,” the site’s FAQ explains.
Reddit has closed the board that became a hub for the leaked nude photos of Jennifer Lawrence, Kate Upton and other celebrities.
The massive celebrity photo leak originated on image-sharing site 4chan, but a Reddit page called “r/thefappening” quickly became a heavily trafficked page where users were sharing links to the stolen pictures.
Reddit CEO Yishan Wong, in a post entitled “Every Man is Responsible for His Own Soul” on the Reddit blog, explained the site’s reasoning.
[…]
Reddit systems administrator Jason Harvey, also known by his Reddit username alienth, gave further explanation of the decision, along with providing a rundown of what happened after the massive leak. “The situation we had in our hands was the following: These subreddits were of course the focal point for the sharing of these stolen photos,” Harvey wrote. “The images which were DMCAd were continually being reposted constantly on the subreddit. We would takedown images (thumbnails) in response to those DMCAs, but it quickly devolved into a game of whack-a-mole. We’d execute a takedown, someone would adjust, reupload, and then repeat. This same practice was occurring with the underage photos, requiring our constant intervention.” “It became obvious that we were either going to have to watch these subreddits constantly, or shut them down. We chose the latter. It’s obviously not going to solve the problem entirely, but it will at least mitigate the constant issues we were facing. This was an extreme circumstance, and we used the best judgement we could in response.”
What do SN denizens make of all this?
(Score: 0) by Anonymous Coward on Sunday September 02, @12:46PM (1 child)
Don't upload nude photos of yourself the internet, and nude photos of yourself won't be shared with the internet.
OTOH hackers can really suck.
(Score: 2) by takyon on Sunday September 02, @01:01PM
You had it right in the first line. There's several billion people on the planet, and a lot of bots. Valuable insecure systems will be hacked eventually, especially if social engineering is all it takes. Do these four "hackers" suck, or are they just inevitable?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]