Support NeoGAF

[BeforeU]

It's a weakness in the "Find my iPhone" API which does not have protection against brute force:

http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

hollyshit, is this gonna be a big thing this week?

 

[D4Danger]

holy shit, Apple, what are you doing? their security is a joke.

 

[Jedeye Sniv]

Who the fuck would record something like that lol fortunately I haven't seen it.

Yet

 

[Gordon Shumway]

Who the fuck would record something like that lol fortunately I haven't seen it.

Yet

LOL

 

[Napoleonthechimp]

Why's that? Some of her model pics were already showing a bit more than is usual. Are the pictures that bad?

If they were slightly worse then I'd be able to see directly into her internal organs.

 

[Black Stabbath]

Apple could go bankrupt from all the incoming lawsuits

 

[JohnDoe]

It's a weakness in the "Find my iPhone" API which does not have protection against brute force:

http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

wtf are you doing Apple....

 

[Bomber Bob]

lol apple, what a joke

 

[Enco]

hollyshit, is this gonna be a big thing this week?

Says it has been patched.

 

[mltplkxr]

People need to be made aware of the risks of putting private pictures online, like we are made aware of the necessity to wear sunscreen, to brush our teeth, to eat well, etc. Nothing will change until pics of politicians are leaked.

Also, I'm getting old because I'm more interested in the leaks to see the houses rather than the Ts & As. Architecture porn is where I'm at.

 

[samus i am]

This would have never happened to Blackberry

 

[Spiderjericho]

This would have never happened to Blackberry

Lol.

 

[MoodyFog]

No celebrity uses BlackBerry so I guess we'll never know

 

[dbztrk]

I'm upset that we never get any male celebrity nude leaks. I would love to see Sebastian Stan nudes.

 

[Brianimaniac]

This would have never happened to Blackberry

Because it's crusty old dudes using those and no one wants to see those leaks.

 

[BeforeU]

Says it has been patched.

lol but what about the damage that has already been done because of that? It has been patched NOW. So I think this is still gonna get more traction this week.

 

[akira28]

might be a good time to get into the infosec business.

vv: stop dehumanizing him

 

[Kinyou]

If they were slightly worse then I'd be able to see directly into her internal organs.

 

[pestul]

This makes me think I should probably stop uploading my security camera feeds to OneDrive.. I'm definitely nude on several of the late evening ones.

 

[Higgins113]

This is why you shouldn't click on the naked photos of Jennifer Lawrence



Great article, brings up 3 points that I feel definitely needs to be addressed in lieu of some of the responses and reactions I'm seeing.

"an egregious act of psychic violence which constitutes a form of assault."

What the hell is psychic violence?

 

[Jedeye Sniv]

This makes me think I should probably stop uploading my security camera feeds to OneDrive.. I'm definitely nude on several of the late evening ones.

Yeah but no-one gives two fucks about your spotty ass

 

[Opus Angelorum]

Yeah but no-one gives two fucks about your spotty ass.

Damn.

 

[twinturbo2]

no one cares about your naked photos bro.

if my phone ever gets hacked, oh well. enjoy the show

I have dog photos. I'm good.

 

[akira28]

Damn.

Tru dough

 

[BeforeU]

This makes me think I should probably stop uploading my security camera feeds to OneDrive.. I'm definitely nude on several of the late evening ones.

Microsoft has been great with their security stuff. I have seen this shit happen with iCloud and DropBox and not once with OneDrive.

 

[Bomber Bob]

This would have never happened to Blackberry

That's because nobody uses BB anymore

 

[Opus Angelorum]

That's because nobody uses BB anymore

Security through obscurity.

 

[BeforeU]

That's because nobody uses BB anymore

Now you can make that argument, but what about pre-iPhone age? BB is what most people used. And we never saw shit like this happen back then.

 

[jts]

Now you can make that argument, but what about pre-iPhone age? BB is what most people used. And we never saw shit like this happen back then.

There was not much of a cloud before 2007, innit.

 

[Coolwhip]

Knowing thousands of gross nerds are fapping to your nude pics must suck.

 

[Mindwipe]

might be a good time to get into the infosec business.

vv: stop dehumanizing him

If you're a Holywood agent it would be a very good week to get some infosec knowledge in house and advertise that as part of your services.

 

[helloresolven]

Feel bad for the Apple engineers / managers who implemented that Find My iPhone... today must suck for them.

 

[Tobor]

Now you can make that argument, but what about pre-iPhone age? BB is what most people used. And we never saw shit like this happen back then.

Blackberry didn't store photos in the cloud. You know who did? Sidekick, and that shit leaked. There were absolutely nude leaks from celebs with bad passwords back then.

 

[Mindwipe]

It's a weakness in the "Find my iPhone" API which does not have protection against brute force:

http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

Holy shit if it's that. That's literally a doomsday scenario for Apple.

 

[Frustrated_me]

So Apple didn't implement brute force protection on find my iPhone feature? Holy shit.

This is a multi billion dollar corporation and it didn't find the resources to implement this security feature? Jesus.

 

[jts]

Knowing thousands of gross nerds are fapping to your nude pics must suck.

I hope the find some small consolation in sharing their misery among other celebs, and not having the spotlight pointed solely at any of them.

 

[kingslunk]

Knowing thousands of gross nerds are fapping to your nude pics must suck.

So everyone who faps to those pictures are gross nerds? What?

 

[Bomber Bob]

And we never saw shit like this happen back then.

BB didn't stored your pics online.

 

[Coolwhip]

So everyone who faps to those pictures are gross nerds? What?

I didn't say that.

 

[Tobor]

Holy shit if it's that. That's literally a doomsday scenario for Apple.

Lol. They'll take a PR hit, but come on. You guys are so overdramatic.

 

[Kinyou]

I hope the find some small consolation in sharing their misery among other celebs, and not having the spotlight pointed solely at any of them.

Or that people were fapping to their normal pictures already

 

[akira28]

Knowing thousands of gross nerds are fapping to your nude pics must suck.

I'd probably find some way to use that to boost my ego. Somehow.

 

[Keri]

So everyone who faps to those pictures are gross nerds? What?

At the very least, they're gross.

 

[jts]

So Apple didn't implement brute force protection on find my iPhone feature? Holy shit.

This is a multi billion dollar corporation and it didn't find the resources to implement this security feature? Jesus.

It's not a matter of resources but rather a disgraceful oversight, not uncommon when you manage tens of interfaces for a single login.

 

[Oersted]

So Apple didn't implement brute force protection on find my iPhone feature? Holy shit.

This is a multi billion dollar corporation and it didn't find the resources to implement this security feature? Jesus.

You mostly become a multi billion dollar company trough saving costs on the back of customers/employees/environment. Point in case, Apple.

 

[ersocaster]

It's a weakness in the "Find my iPhone" API which does not have protection against brute force:

http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

This shouldn't be possible. Doesn't Apple use OAuth? In OAuth you never send the password directly.

 

[rezuth]

It's a weakness in the "Find my iPhone" API which does not have protection against brute force:

http://thenextweb.com/apple/2014/09...aw-that-led-to-celebrity-photos-being-leaked/

I think most security people has ruled it as very unlikely due to the short time it was online and the sheer amount of work that had to be done. The fact is given the network delay they simply shouldn't have enough time to guess the passwords.

 

[numble]

You mostly become a multi billion dollar company trough saving costs on the back of customers/employees/environment. Point in case, Apple.

This is not really a cost. This is like the heartbleed bug.

 

[jts]

You mostly become a multi billion dollar company trough saving costs on the back of customers/employees/environment. Point in case, Apple.

Or... you become a multi billion dollar by selling record breaking numbers of high ASP devices year in year out, on the back of impeccable brand image. Apple won't cheap out on something that can bite back as harsh as this does.

 

[Mindwipe]

Lol. They'll take a PR hit, but come on. You guys are so overdramatic.

I don't mean "Apple will go bankrupt", but Apple will have a threat register somewhere, and "significant iCloud data leak affecting high profile individuals attracting widespread mainstream press coverage that is due to Apple negligence" will be near the top of that list, and therefore would be one of their "doomsday scenarios" because it is one of the worst things that could plausibly happen to them.