|
Nude Photo (iCloud?) hack affecting celebs (Jennifer Lawrence/Kate Upton...) via 4chan (pg. 5)
|
View this Thread in Original format
| DJ RANN |
Yeah, because the pictures were "leaked", weren't they?
Like when someone breaks in to your house by trying every possible key combination on your door lock and takes all your , it's not theft, it's just you leaking you possessions :rolleyes: |
|
|
| Floorfiller |
| honestly these pics just reminded me not to celebrity worship. |
|
|
| r5a |
holy jesus christ. i have no idea how ing ISIS, NSA or any of that bull ends up in a thread like this.
a group/person of hackers pwned apple. leaked a bunch of . happens all the time. the only reason this is a big deal is because the severity of the breach. also notice how apple is trying to downplay it? (oh yeah WE didnt get hacked, rather individual users got hacked. yeah you ing assclowns with your ty api)
there's a big ing difference between a bunch of smart kids causing trouble then a government body tapping/sniffing actively for your traffic. hi NSA!
what concerns me more is a significant ing amount of teir 1/bgp'd providers use Cisco gear. and there's been talk about NSA stealing shipments and dropping chips in Cisco gear. now thats ed up.
it sucks for the people that got hit but what can you do? oh yeah don't store your naked photos on the "cloud." even then you're still not protected. its a risk you take if you take these photos. |
|
|
| Jon_Snow |
| quote: | Originally posted by DJ RANN
Yeah, because the pictures were "leaked", weren't they?
Like when someone breaks in to your house by trying every possible key combination on your door lock and takes all your , it's not theft, it's just you leaking you possessions :rolleyes: |
Now you know how the RIAA feels about you stealing their music. |
|
|
| djnitride |
| quote: | Originally posted by r5a
holy jesus christ. i have no idea how ing ISIS, NSA or any of that bull ends up in a thread like this.
a group/person of hackers pwned apple. leaked a bunch of . happens all the time. the only reason this is a big deal is because the severity of the breach. also notice how apple is trying to downplay it? (oh yeah WE didnt get hacked, rather individual users got hacked. yeah you ing assclowns with your ty api)
there's a big ing difference between a bunch of smart kids causing trouble then a government body tapping/sniffing actively for your traffic. hi NSA!
what concerns me more is a significant ing amount of teir 1/bgp'd providers use Cisco gear. and there's been talk about NSA stealing shipments and dropping chips in Cisco gear. now thats ed up.
it sucks for the people that got hit but what can you do? oh yeah don't store your naked photos on the "cloud." even then you're still not protected. its a risk you take if you take these photos. |
Until people stop using bad passwords and security practices in general nothing will change. Even if their API had rate limiting people still could have guessed their passwords, just slower.
Its like leaving your backdoor open and setting your safe combination to "1111" and expecting robbers to not be able to easily break in and open it...
Yeah, its wrong that they got hacked but they neglected nearly all cyber security best practices. I don't have sympathy for anyone who doesn't take their own security seriously, whether that be physical or digital. |
|
|
| Redd |
| quote: | Originally posted by enydo
It also doesn't make sense to me that people lose their over a small trove of nudes when the internet is literally filled with porn that was put up with some form of consent. Go get your rocks off somewhere else, ffs.
|
Not the same rocks though. |
|
|
| DJ RANN |
| quote: | Originally posted by Jon_Snow
Now you know how the RIAA feels about you stealing their music. |
Yeah because the RIAA owns the content, right? :rolleyes:
(but whatevs as I'm sure you're just trolling anyway).
| quote: | Originally posted by Jon_Snow
Until people stop using bad passwords and security practices in general nothing will change. Even if their API had rate limiting people still could have guessed their passwords, just slower.
Its like leaving your backdoor open and setting your safe combination to "1111" and expecting robbers to not be able to easily break in and open it...
Yeah, its wrong that they got hacked but they neglected nearly all cyber security best practices. I don't have sympathy for anyone who doesn't take their own security seriously, whether that be physical or digital.
|
What the are you on about?
Whether you use a great password or a password, with the methods that were used (and I'll say it again, it wasn't just a easy to access to API) they were going to get the data anyway.
How easy or difficult it was to break in has nothing to do with the point.
Whether someone picks your simple lock or ram-raids your house, the intention is still the same. With these guys in this data sharing ring, they'd be happy to either pick your lock or go get the forklift.
Yes, take your security seriously, and I actually don't have much sympathy for the actual content - if you don't want the chance or a pic with jizz on your face, well, then don't have a picture taken with jizz on your face - but this was bunch of really creepy people endlessly trying to find ways in to someones personal data.
The latest indications are that some of these guys actually did it for monetary gain with is another whole layer of wrong as well. |
|
|
| PaULiN0 |
| quote: | Originally posted by Spacey Orange
So these guys are fapping to jennifer lawrence's saggy now. Oh the en travesty sweet jesus.
 |
That guy with the green shirt's are just as saggy imo. |
|
|
| Redd |
If you take a picture of yourself nude and upload it to whatever cloud, resulting in you getting hacked it's your own fault. So you're saying putting money in the bank isn't safe? I'd love the internet to be as safe as a bank. Really. It's not.
Want to send nude picture to someone? Do it, but don't upload that to a server. If you're ignorant enough to not know what I'm talking about? Well it sucks to be you.
But you're right. Ideally there wouldn't even be anyone watching this. The torrent got 40k seeders on piratebay just about 1 hour after the leak.
Criminuls. |
|
|
| djnitride |
RANN I understand your point but you are misinformed about the actual technical details behind the methods people were using. Using a strong password and hard to guess recovery questions WOULD have stopped brute force attacks against their account. There was no magic exploit. They exploited people who employed poor security practices, plain and simple.
Yes its creepy, but this is a much farther reaching problem in society than just "nude pics"... You can't just look at it from that angle without addressing the root cause of all of this.
People neglect security for far more important things and only address it once hits the fan. |
|
|
| Redd |
| quote: | Originally posted by djnitride
People neglect security for far more important things and only address it once hits the fan. |
and then they blame the people who share it. yeah, cause that's ever gonna stop. |
|
|
| DJ RANN |
| quote: | Originally posted by djnitride
RANN I understand your point but you are misinformed about the actual technical details behind the methods people were using. Using a strong password and hard to guess recovery questions WOULD have stopped brute force attacks against their account. There was no magic exploit. They exploited people who employed poor security practices, plain and simple.
Yes its creepy, but this is a much farther reaching problem in society than just "nude pics"... You can't just look at it from that angle without addressing the root cause of all of this.
People neglect security for far more important things and only address it once hits the fan. |
That would be true if this was solely a brute force attack - it wasn't; it was a group of people sharing various pictures, often working together with little snippets of info to get in to some people's accounts. It has already been confirmed that with at least two of the people, it wasn't even and icloud account that was breached.
Good passwords don't mean anything. A brute force checks millions of combinations of every possible key combination so whether it's simple or has upper and lower case, with special characters, just means it takes the brute force attack slightly longer, but trust me, these guys were at it for months, if not years.
A friend of mine just had her citibank account emptied a week ago; they traced it back to the Quickbooks help service. She was having trouble installing QB on her work PC, so they did the remote access option. It turns out the people that QB contract out their tech support to in Bangkok installed a key logger at the same time, dumped the file later that afternoon and did an international wire transfer to themselves.
When she reported unusual activity to citibank they told her there's no way as they have stringent password security and even use two step verification etc.
But eventually she traced it and as the key logger also included her email credentials when she logged in to her email, they also were able to go through the two step verification process for her password when her citi login detected an IP that was in a different territory.
Simply put, passwords will help but difficult passwords don't mean when you have sophisticated means of acquiring those passwords or credentials.
The biggest flaw was that apple did not have a brute force checker on their API for icloud, and that meant the attack could do on uninterrupted until it yielded access.
But again, that was only way way they got the pictures. Some were phishing attacks and others apparently involved even more nefarious means such as phone hacking and remote access.
As mentioned, previously, I actually know two of the people affected by this and one of them had nothing on their icloud account to get. They are at a loss as to how they got access to old images. |
|
|
|
|
