Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reported iCloud Hack Leaks Hundreds of Private Celebrity Photos

Posted by samzenpus on from the gates-are-open dept.

swinferno writes with news about the leak of hundreds of private celebrity photos over the weekend. Hundreds of revealing pictures of female celebrities were leaked overnight after being stolen from their private collections. Hunger Games actress Jennifer Lawrence, Kirsten Dunst, and pop star Ariana Grande were among the celebrities apparently shown in the pictures, which were posted on infamous web forum 4chan. It's unclear how the images were obtained, but anonymous 4chan users said that they were taken from celebrities' iCloud accounts. The accounts are designed to allow iPhone, iPad, and Mac users to synchronize images, settings, calendar information, and other data between devices, but the service has been criticized for being unreliable and confusing. Earlier this year, Jennifer Lawrence herself complained about the service in an interview with MTV.

15 of 336 comments (clear)

  1. Where are these photos? by Anonymous Coward · · Score: 5, Insightful

    Where are these photos you speak of?

    I guess the internets are dead.

    1. Re:Where are these photos? by WhoBeDaPlaya · · Score: 5, Informative

      Reddit : /r/TheFappening http://www.reddit.com/r/TheFap...

    2. Re:Where are these photos? by bluec · · Score: 5, Informative

      Not strictly true, this only happens if a) you sign in to icloud through system preferences or during the mac setup assistant and b) use iPhoto (and possibly iTunes) for your photo management. Apple haven't quite, yet, made it compulsory to use all their crapware if you want to use a mac.

    3. Re:Where are these photos? by SternisheFan · · Score: 5, Informative
      A brute-force program to hack AppleID passwords was recently uploaded to the software-hosting GitHub. The program, appropriately called iBrute, is designed to flood AppleID logons with possible password combinations. The assumption is that the hacker would know the username, often derived from an email address.

      Shortly before the stolen images were announced, the owner of iBrute announced the vulnerability — Find My iPhone did not deny access to brute force methods of figuring out a password. Early this morning, the same iBrute owner announced that the vulnerability has been closed, although there has not yet been confirmation from Apple.

      iBrute is now reportedly locked out. But there is also speculation that the Find My iPhone hack was not solely to blame for all the apparently stolen files. For instance, someone could trick a celebrity user — or the celebrity’s assistant — into revealing enough information to gain access to iCloud backups. Additionally, it’s possible other online services were involved, since some of the images reportedly show celebrities using Android mobile devices.

      http://venturebeat.com/2014/09...

    4. Re:Where are these photos? by TWX · · Score: 5, Insightful

      Or if they shared the photos with a paramour or significant other, if that person saved them on a Mac...

      What it comes down to is, if you don't want naked pictures of yourself to end up for all the world to see, don't take naked pictures of yourself. Famous or not, just don't do it.

      Yes, it's wrong for someone to seek to steal your nude photos, but pragmatically people want to satisfy their prurient interests. If you're famous and if your beauty was in large-part responsible for getting you there, you've created incentive for those fans to want to see more. That's why programs like Entertainment Tonight, Extra, and TMZ can make a living, because people want to satisfy their prurient interests with you. Some like Paris Hilton and Mrs. Kanye West and the rest of the Kardashian family have managed to exploit that successfully in the past, and others like Miley Cyrus are trying very hard to exploit that now, and unfortunately their antics have helped to make it acceptable, to an extent, for this invasive phenomenon to stand.

      Once the genie's out of the bottle it's over. Apparently Lawrence's lawyers are threatening to sue or refer for criminal prosecution anyone that shares the photos of her. I very much doubt they'll have a lot of luck though, even if the original source of the leak is found. If anything they're just going to make it worse via Streisand Effect.

      And for those that say I'm blaming the victim, yes, I am blaming the victim. I'm also blaming the leaker and the culture of invasiveness that makes these leaks so incredibly desired, but I am blaming the victim. Would you go walking through a part of town known for muggings during the time of day or night when those muggings are most likely to happen? Yeah, it's wrong for the mugger to attack you, but armed with the knowledge that you're placing yourself in undue risk you'd generally avoid doing that because the only behavior that you can control is your own. Same thing applies here. It's 100% wrong for someone to fraudulently obtain access to your account and your cache of nude photos of yourself, but you know that if others know they exist they'll certainly try, or if you're famous you know that they'll try just to see if they exist in the first place, so despite the very much known risk you've put yourself in a position to become a victim. Don't do that.

      --
      Do not look into laser with remaining eye.
    5. Re:Where are these photos? by Khyber · · Score: 5, Informative

      "Since when has Apple prided itself or even claimed strict security? "

      Uhh, remember the Macs don't get viruses campaign?

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    6. Re:Where are these photos? by 2ms · · Score: 5, Informative

      What a bunch of nonsense. How do they "really really really" push iPhoto on Macs? It's there and it launches if you don't have photo imports associated with another app instead. I guess you would prefer that Macs come unable to handle photos out of the box?

    7. Re:Where are these photos? by AmiMoJo · · Score: 5, Insightful

      If someone put their money in a reputable bank and it was stolen, would you blame them? The photos were in password protected accounts from a reputable company that claimed to be secure. There were no "your photos may be hacked" warnings. While it may seem obvious to people like us that the risk is there, most people don't think that way and can't really be blamed for not doing so. How is a password for iCloud any different from the password for your online banking or PIN number for the average person?

      They evaluated the risks with the information they had, and Apple failed them. If Apple were a bank they would be entirely liable for any financial loss, no question.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:Where are these photos? by Bite+The+Pillow · · Score: 5, Insightful

      I buy a phone, and I'm an idiot. Specifically, I'm a very attractive hollywood star/let.

      I want to share my tits with some person I'm dating. How do I know anything about what you have said? I want my tit pics to go across the water, and only to the person that I sent them to, or allowed to see them.

      Talk to me like I'm an idiot, because by the lists I am an idiot. I'm a very ignorant fool, and I don't understand how the pictures I took, for a specific person, are now appearing for every person on the planet to see.

      What did I do wrong? I took pictures of my vagina. That's on my phone. I texted them to you, and you are on my carrier, which I would expect is private. If you support the non-pprivacy of anything I upload to my phone (which is not an upload), then you are a contrarian and deserve to die.

      I text to a private device, or upload to a private account. How do I share something "by default" that people, right now, are jerking off to, by reports, "repeatedly and thoroughly"? I bought a phone, I texted it to someone I trust, and now my "junk" is everywhere.

      I was prompted for an Apple Id, I guess, but did it tell me that my vagina would be on the internet?

      Did I upload something to the cloud? Because I don't know what a cloud is. I wanted to prove to this really cute and awesome guy that I missed him and wanted him to come back after shooting his movie or show or whatever, I'm not being specific.

      Was it in a ToS agreement that I upload everything to everyone ever? If not, your description of default whatever holds no water. I don't know the defaults. I don't know what I have to turn on or off to enable or disable defaults. I want pictures of my pussy on my pohone, and wherever I send them. That's it.

      Go ahead, and be technically superior. I'm going to need a stupid-user-level explanation of what I missed because I'm dumb.

    9. Re: Where are these photos? by ModernGeek · · Score: 5, Funny

      When will people reach out to the public and let them know the benefits of F/OSS? Had they been running OpenBSD this would have never been an issue as they would have never gotten the camera to mount.

      --
      Sig: I stole this sig.
  2. Re:Here they come... by justaguy516 · · Score: 5, Insightful

    Paraphrasing something I just read somewhere on the Internet:

    When somebody says 'the cloud', mentally replace it by 'somebody else's computer'.

  3. Alleged leaker already named by Anonymous Coward · · Score: 5, Informative

    Pretty good detective work: http://pastebin.com/cwAz9Y2r

  4. Where are these photos? by luca.masters · · Score: 5, Informative

    Slashdot: Where we care about privacy, unless there's a chance to see a naked girl Pro-tip: There are millions of photos of naked women out there that can be viewed wiithout violating anyone's privacy. Go make use of those if you're in so desperate need.

  5. Apple's Culture works against them. by Anonymous Coward · · Score: 5, Interesting

    I worked for Apple for 9 years. I would never use iCloud for anything I needed to keep private.

    Apple's own culture of secrecy works against them. You don't discuss what you are doing outside your immediate team. This means that you often don't know enough about what you are doing to understand where your code will be used. You are working from a design (or an API) specified by another team and you have to assume they have the complete picture. If they don't specify brute force protection for your code you must assume that they have a reason or they are using some other method.

    The internal secrecy also results in multiple implementations of the same function, because each team knows its own code and doesn't see what others have already implemented or are working on. No doubt somebody in the organization thinks that the internal secrecy is worth the cost.

  6. Let me get this straight... by WD · · Score: 5, Insightful

    Somebody:
    1) Takes nude photos of themselves with an internet-connected device.
    2) Has said photos of themselves synchronized with an internet service
    3) Is surprised / outraged that said photos are accessed by somebody on the internet.

    I'm not saying that those people are to blame, but rather that there is a significant disconnect between technology and users' expectations. And the companies involved aren't making things any better with their hand-waving "cloud" mumbo-jumbo.