Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Denies Systems Breach In Photo Leak

Posted by Soulskill on from the not-my-fault-i-promise dept.

Hamsterdan notes that Apple has posted an update to its investigation into the recently celebrity photo leak, which was attributed to a breach of iCloud. Apple says the leak was not due to any flaw in iCloud or Find My iPhone, but rather the result of "a targeted attack on user names, passwords and security questions." Despite this, Wired reports that hackers on an anonymous web board have been openly discussing a piece of software designed for use by law enforcement. Whether it was involved in the celebrity attacks or not, it's currently being used to impersonate a user's device in order to download iCloud backups.

"For Apple, the use of government forensic tools by criminal hackers raises questions about how cooperative it may be with Elcomsoft. The Russian company’s tool, as Zdziarski describes it, doesn't depend on any 'backdoor' agreement with Apple and instead required Elcomsoft to fully reverse engineer Apple’s protocol for communicating between iCloud and its iOS devices. But Zdziarski argues that Apple could still have done more to make that reverse engineering more difficult or impossible." Meanwhile, Nik Cubrilovic has waded into the data leak subculture that led to this incident and provides insight into the tech and the thinking behind it.

6 of 311 comments (clear)

  1. Re:This is also how Sarah Palin's email got "hacke by i+kan+reed · · Score: 2, Funny

    Sarah Palin has proven to be good at that.

    BOOM politics slam.

  2. Our dumb users are holding it wrong! by NotDrWho · · Score: 5, Funny

    It's THEIR fault. Apple MAKES NO MISTAKES!!!

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  3. Re:Seemed pretty obvious this was the case by Anonymous Coward · · Score: 4, Funny

    protect your password manager with a strong password from another password manager to protect!

  4. Re:Of course... by NotDrWho · · Score: 4, Funny

    "Your Holiness, people are accusing our priests of molesting their children!"

    "My son, send out a missive immediately--chastising the parishioners for letting their children seduce our priests."

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  5. Re:Seemed pretty obvious this was the case by Sique · · Score: 5, Funny

    It's Password Managers all the way down!

    --
    .sig: Sique *sigh*
  6. Re:But how do the hackers get the email addresses? by John3 · · Score: 5, Funny

    I'd imagine once you hack a celebrity email you can then get emails of their friends, and so on. The key is to get the email address of Kevin Bacon and then you're golden.

    --
    "We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan