Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
posted by janrinok on Monday September 01 2014, @06:56PM   Printer-friendly
from the don't-store-personal-photographs-on-an-internet-connected-device dept.

PapayaSF and AnonTechie write in with 2 stories which seem to be linked. The first is the leak of nude and personal photographs of celebrities, and the second is perhaps the flaw that allowed someone to access the photographs.

Stars Exposed in Massive Nude Photo Leak

Nude celebrities, bitcoins, and Apple: it's a story seemingly designed to stir up the entire internet. Scores of private photos of celebrities such as Jennifer Lawrence, Kate Upton, Selena Gomez, Ariana Grande, Kirsten Dunst, and Mary Elizabeth Winstead have been leaked (allegedly from Apple's iCloud), and posted on 4chan in exchange for bitcoins. A list of 100+ names has appeared, but pictures have not yet appeared for many names on the list (including Kate Bosworth, Kim Kardashian, Rihanna, and Kaley Cuoco). Victoria Justice claims the photos of her are fake. Twitter accounts are being shut down. The story is still developing, so grab your popcorn.

This could be the Apple iCloud flaw that led to celebrity photos being leaked.

An alleged breach in Apple’s iCloud service may be to blame for countless leaks of private celebrity photos this week.

On Monday, a Python script emerged on Github (which we’re not linking to as there is evidence a fix by Apple is not fully rolled out) that appears to have allowed malicious users to ‘brute force’ a target account’s password on Apple’s iCloud, thanks to a vulnerability in the Find my iPhone service. Brute force attacks are where a malicious user uses a script to repeatedly guess passwords to attempt to discover the correct one.

The vulnerability allegedly discovered in the Find my iPhone service appears to have allowed attackers to use this method to guess passwords repeatedly without any sort of lockout or alert to the target. Once the password has been eventually matched, the attacker can then use it to access other iCloud functions freely.

http://thenextweb.com/apple/2014/09/01/this-could-be-the-apple-icloud-flaw-that-led-to-celebrity-photos-being-leaked/

http://www.independent.co.uk/life-style/gadgets-and-tech/is-apples-icloud-safe-after-leak-of-jennifer-lawrence-and-other-celebrities-nude-photos-9703142.html

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday September 01 2014, @11:34PM

    by Anonymous Coward on Monday September 01 2014, @11:34PM (#88254)
    i looked. said "meh, average tittys".
    and moved on.

    but most of the internet spent the entire day obsessed with it. will likely go on all week.
  • (Score: 2) by Popeidol on Tuesday September 02 2014, @03:45AM

    by Popeidol (35) on Tuesday September 02 2014, @03:45AM (#88351) Journal

    It'll go on all week because somebody seems to be dripfeeding content, with promises of more in the future.

    Usually that means they're trying to maximise publicity or income. No group has owned up to it yet and there's been no publicised way to get in contact with the owners to offer them money, so we have yet to see whether there's any underlying plan here. I'm interested to see whether they're going to try to sell exclusives to "news" companies, or set up a kickstarter-style effort (every x bitcoin that arrives in this wallet means a new pic!) or whether it's truly just for the lulz.

    How this plays out will probably be a lot more interesting than the pictures themselves.