This weekend, and specifically today, the network was abuzz with the affair of stolen images of celebrities that appeared in erotic poses or with partial or full nudity. The truth is that the hacker who took them seemed to have sneaked into the accounts of these users through iCloud, who were generally well-known celebrities, and put a price on these images through various web pages. Then Twitter took action blocking the accounts that were re-publishing them to stop the virus. Apple for the moment still does not comment on the matter.
However, theories of how the error occurred continue to form on the internet. In this case, there are those who think that everything could be a failure in Find My Phone. Precisely the utility that allows us to track a lost or stolen terminal could contain an error in which brute force access is allowed to test different passwords until the correct one is found without the user being notified or the system applying any type of lock. And this could be the route used by this developer who claims to have images of up to 60 celebrities in his possession.
However, said access to Find my iPhone It would only be the means to gain access to iCloud, from where you could download these images that as we have seen on the network may be years old, but whose owners at some point went up to the cloud. Apple neither denies nor confirms this information, but a patch has been produced in the iCloud service today, which could confirm what this developer says in his theory.
Whether or not it was a failure in Find my iPhone which coincided with a problem in iCloud, Apple should consider that this type of thing cannot happen, since in addition to exposing the privacy of those affected, the brand itself is exposed to not being trusted.
Apple is not going to pronounce itself a week after presenting a new product. Accepting that mistake just before releasing your flagship product would be committing suicide.
And my opinion is that this, if true, is a bungling of the good. A lifetime is set between erroneous passwords, in the style of 10 seconds every 3 failures, to avoid brute force attacks. A modern computer is capable of testing a huge number of attempts per second, but if you do not set any lock with a time factor, the key will be decrypted in a matter of, worth the redundancy, time.
"A modern computer is capable of testing a huge number of attempts per second"
The time it takes has nothing to do with having a powerful pc, the server has to receive the possible password, process it, and send you the wrong pass.
To which those of Apple are not going to respond, they have already done so
http://www.macrumors.com/2014/09/01/apple-investigating-celebrity-hacking/
If for you to say: we are investigating, is to pronounce ...
What they have to do is accept the error and fix it, which is not a perfect system at all, you just have to see that in each version security flaws are exploited to jailbreak.
You need a powerful pc equal to brute force attacks. Even if you have to validate the server. If you access through the console, it is quite speedy, unlike from the browser.
Well despite everything, the photos are very good hahaha. But too bad for the people affected.
"This weekend and specifically today." Today is the first of September and it is not a weekend.