iOS Apple

Apple enhances security features in iCloud

Maxwell R. posted by Maxwell R.   /  Sep 05, 2014, 8:25 PM
Apple enhances security features in iCloud
With just days to go before the highly anticipated iPhone 6 announcement, Apple has carefully threaded the needle in its public responses to compromised celebrity accounts, resulting in a deluge of stolen photos being distributed all over the internet.

Apple has stated that its iCloud servers were not compromised, but it has indicated that some accounts may have not been adequately protected, such as, weak passwords and easy security questions. CEO Tim Cook further widened the blame blanket that some account holders might have fallen for a phishing scam.

Since the story broke over the weekend, Apple patched a clear exploit in iCloud which allowed unlimited log-in attempts, a perfect target for a brute force user ID and password combination attack. Apple has not stated, and probably will not, if some of the compromised accounts were accessed in this manner.

While two-factor authentication might have provided some extra security, Apple admits that the majority of its customers do not use it. So, awareness on that piece, among other steps, are part of the enhancements Apple plans to roll out in assisting customers protecting their data.

In addition to more aggressively promotion two-factor authentication, Apple will also start alerting customers via email and iMessage when iCloud is asked to restore data to a new device. Also, alerts will be sent when the user tries to log in from a new device for the first time. Even then, these notifications are arguably after-the-fact events, so the responsibility still lies with the user.

Some of these measures may seem like “Cybersecurity 101,” but we can all relate when such steps ultimately impede the user experience to the point where a customer simply will not use a given feature. Apple is working with the FBI, which is investigating the incident which saw more than 100 iCloud accounts get side-stepped.

These are good first steps for Apple to take, but it will also need to find a way to adequately inform its customers through the user experience about how its cloud services work, what the risks and benefits are, and how to best protect data, pictures, and videos backed up to iCloud.  This may be an opportunity to evolve the legalese from a "too long, didn't read" click through, and incorporate something more engaging.

For now, the newly announced measures will go into effect over the next two weeks.

sources: The Wall Street Journal and CBS News

FEATURED VIDEO

Options

36 Comments

GreekGeek
Reply

1. GreekGeek

Posts: 1276; Member since: Mar 22, 2014

Yeah yeah yeah.......whatever Damage has been done, everybody's kinda paranoid right now

posted on Sep 05, 2014, 8:29 PM

vincelongman
Reply

5. vincelongman

Posts: 5653; Member since: Feb 10, 2013

What if only non famous people were involved? The media probably wouldnt have given it much coverage, so Apple might not have done anything about it

posted on Sep 05, 2014, 8:38 PM

GreekGeek
Reply

7. GreekGeek

Posts: 1276; Member since: Mar 22, 2014

There is a ''trading ring'' going on out there, Non-celebs = No Value. They basically trade these photos in exchange for another photo, cash or bitcoin. Why would they even bother hacking a Non-Celeb? Well unless he/she is rich of course, obviously for ransom/blackmail purposes

posted on Sep 05, 2014, 8:43 PM

vincelongman
Reply

8. vincelongman

Posts: 5653; Member since: Feb 10, 2013

I know But it still shows a double standard for famous vs non famous people

posted on Sep 05, 2014, 8:59 PM

wilsong17 unregistered
Reply

35. wilsong17 unregistered

Wrong how many government agent use the icloud

posted on Sep 06, 2014, 11:47 PM

dmakun
Reply

2. dmakun

Posts: 382; Member since: Jun 06, 2011

Medicine after death perhaps?

posted on Sep 05, 2014, 8:32 PM

nlbates66
Reply

3. nlbates66

Posts: 328; Member since: Aug 15, 2012

they really should have stopped allowing infinite retrys on their password system yonks ago.

posted on Sep 05, 2014, 8:34 PM

GreekGeek
Reply

4. GreekGeek

Posts: 1276; Member since: Mar 22, 2014

Tinfoil maisters, could it be that various Android OEMs and GOOGLE has funded this hacking? I mean, more than a week to go before the iPhone 6 unveiling and we have this really nasty scandal that doesn't favor Apple at all.

posted on Sep 05, 2014, 8:37 PM

vincelongman
Reply

6. vincelongman

Posts: 5653; Member since: Feb 10, 2013

I doubt it, some of the celebs had Androids as well I remember one of them had a Galaxy S5 (but she claimed her leaks were fake) And it wasn't actually a security beach, more the hacker took advantage of the celebs poor passwords and security questions And DropBox was hacked as well

posted on Sep 05, 2014, 8:40 PM

0xFFFF
Reply

9. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

If it is in the cloud, it is being bought and sold right now. Every single bit of data.

posted on Sep 05, 2014, 9:36 PM

meanestgenius
Reply

10. meanestgenius

Posts: 21600; Member since: May 28, 2014

So, Apple says their iCloud servers were not compromised, yet they issue "security enhancement features" to it? Liars, much? Apple and security DO NOT go hand in hand.

posted on Sep 05, 2014, 9:50 PM

0xFFFF
Reply

11. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

Apple is always full-of-shït when it comes to security. They purposefully put in all sorts of backdoor APIs because they share/sell all their data. Of course iFans will deny this, but the truth is the truth. "No, the analogy you propose is completely wrong. A better one is you having a door to your home that the manufacturer told you it’s safe to use, but somehow that door still resides inside the manufacturer’s compound and you enter your home through there everyday – and someone shows up with a gazillion keys and starts trying them one by one (the bruteforcing, if I’m being too subtle), but you can’t stop them as you don’t really own or control the door and even if you knew how, you still couldn’t really assess the real security of the system. And then the manufacturer comes out and says that even through your door was inside their compound beyond their systems, it’s still your fault since you didn’t order a better key that wouldn’t slowed down (not stop) the thief even though they could have (or at least should have) stopped the guy with many keys from keep trying to unlock your door." http://uncrunched.com/2014/09/02/apple-is-screwed-frappening/

posted on Sep 05, 2014, 10:18 PM

meanestgenius
Reply

12. meanestgenius

Posts: 21600; Member since: May 28, 2014

SMH...Apple really is full of sh!t when it comes to security....

posted on Sep 05, 2014, 10:22 PM

Mxyzptlk unregistered
Reply

13. Mxyzptlk unregistered

Just like your comment

posted on Sep 05, 2014, 10:47 PM

0xFFFF
Reply

14. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

"Of course iFans will deny this, but the truth is the truth."

posted on Sep 05, 2014, 10:51 PM

meanestgenius
Reply

16. meanestgenius

Posts: 21600; Member since: May 28, 2014

Just like you, ifanboy troll. You mad? Did I hit a nerve? Truth hurts, doesn't it troll?

posted on Sep 05, 2014, 11:09 PM

Leo_MC
Reply

23. Leo_MC

Posts: 6935; Member since: Dec 02, 2011

The measures are for the users, not for the servers.

posted on Sep 06, 2014, 5:09 AM

meanestgenius
Reply

24. meanestgenius

Posts: 21600; Member since: May 28, 2014

I don't care what it's for. It's all BS. Apple will never implement security measures that truly protect their users as they sell off your information to the highest bidder and build back doors into their products for the NSA.

posted on Sep 06, 2014, 5:28 AM

Leo_MC
Reply

25. Leo_MC

Posts: 6935; Member since: Dec 02, 2011

Where can I bid for that information?

posted on Sep 06, 2014, 7:32 AM

meanestgenius
Reply

26. meanestgenius

Posts: 21600; Member since: May 28, 2014

Look for yourself.

posted on Sep 06, 2014, 8:13 AM

blazee
Reply

30. blazee

Posts: 414; Member since: Jan 02, 2012

Sounds like you made all that up

posted on Sep 06, 2014, 1:44 PM

0xFFFF
Reply

32. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

If you actually do the searches, you will find that what meanestgenius said is true. Nobody wants to post the links using a non-anon account, because that puts you a little higher up on the NSA's sh1t list.

posted on Sep 06, 2014, 4:52 PM

meanestgenius
Reply

33. meanestgenius

Posts: 21600; Member since: May 28, 2014

Sounds like you don't know what you're talking about.

posted on Sep 06, 2014, 5:22 PM

Droid_X_Doug
Reply

15. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

There is a reason the NSA referred to iToys as Zombies. Or, was it iZombies?

posted on Sep 05, 2014, 11:06 PM

dspkblympkbl
Reply

18. dspkblympkbl

Posts: 51; Member since: May 23, 2013

I never trusted icloud from the start, I had an incident where I couldn't sent stuff down from icloud to my ipad...I was like "hm...this smells funny" And to this day, it remains the case. You have to reset the ipad and restore from icloud to get your stuff...not very user friendly. Then again, it's a free service from apple...

posted on Sep 06, 2014, 1:21 AM

hossamaltarawneh
Reply

21. hossamaltarawneh

Posts: 36; Member since: Oct 18, 2013

Just call BlackBerry they will fix it :)

posted on Sep 06, 2014, 3:46 AM

meanestgenius
Reply

22. meanestgenius

Posts: 21600; Member since: May 28, 2014

Indeed they will! Tim Cook needs to get on the phone with John Chen immediately to request the services of BlackBerry to secure their constantly-breached iProducts!

posted on Sep 06, 2014, 4:29 AM

Sam4Note
Reply

27. Sam4Note

Posts: 8; Member since: Sep 04, 2014

Isn't BB another American company? Aren't all major companies and corporations in America in cahoots with the NSA and stuff? I'm just speculating but it seems plausible

posted on Sep 06, 2014, 8:56 AM

meanestgenius
Reply

28. meanestgenius

Posts: 21600; Member since: May 28, 2014

What? BlackBerry is a CANADIAN company. A little research will defeat speculation every time. By the way, EVERYONE in tech, media, even the common man on the street knows that BlackBerry is a CANADIAN company. Where have you been living all of this time?

posted on Sep 06, 2014, 11:23 AM

Sam4Note
Reply

31. Sam4Note

Posts: 8; Member since: Sep 04, 2014

"Canada Country Canada is a country in North America consisting of ten provinces and three territories. Located in the northern part of the continent, it extends from the Atlantic to the Pacific and northward into the Arctic Ocean." Wikipedia North America isn't America? I'm confused....

posted on Sep 06, 2014, 2:16 PM

view all comments
Want to comment? Please Log in or sign up.

Featured stories

Apple-iPhone-11-Max-design-camera-dummy-unit
Here's what the iPhone 11 Max will probably look like
Note-10-Exynos-9825-Snapdragon-855-Plus-top-benchmarks
Note 10 may be the fastest Android alive as new Exynos 9825 and Snapdragon 855+ benchmarks leak
What-is-Note-10-Sound-on-Display-soundcasting-all-screen-design-technology-explained
Here's how Note 10 may use Sound on Display tech to get an 'all-screen' design
iPad-2019-price-deal-which-to-buy
iPads 2019 buying guide: choose the best iPad for you
samsung-galaxy-note-10-release-date-august-23-korea-report
Samsung Galaxy Note 10 release date may have been revealed
samsung-should-not-kill-the-s-pen
Rebuttal: No, Samsung should absolutely not ditch the S Pen
2020-iPhones-under-display-camera-design
Notches are silly, 2020 iPhones ironic, and the front camera hiding trend is all wrong
Sprint-5G-network-Chicago-launch
Sprint expands its 5G network to one more city in the US

Popular stories

best-buy-samsung-galaxy-s10-family-deals-massive-discounts-carrier-activation
Best Buy is now offering discounts of between $400 and $500 on the entire Galaxy S10 family
best-buy-massive-sale-moto-g7-family-moto-z3-play-more
Best Buy is running a massive sale on Moto G7 phones, the Moto Z3 Play, and more
amazon-prime-day-deals-google-pixel-3-3-xl-3a-xl-revealed
Amazon Prime Day deals on Google Pixel 3, 3 XL, and 3a XL revealed but not available yet
Google-Pixel-4-XL-Hole-on-the-front-raises-questions
Google Pixel 4 XL will come with a mysterious new sensor: what is it?
Update-bricks-Verizon-Galaxy-S10-units
Samsung says there is only one fix for Verizon Galaxy S10 units bricked by the latest update
woot-deals-google-pixel-3-pixel-2-original-pixel-refurbished-warranty
Woot is deeply discounting every high-end Google Pixel phone ever released (refurbished)
Parts-for-OnePlus-7-Pro-cost-324-dollars
Leaked data reveals how much the parts inside the 6GB OnePlus 7 Pro cost
moto-g6-us-unlocked-official-android-9-0-pie-update-rollout
Official Android Pie update widely released for US unlocked Moto G6, this time for real

Hot phones

Latest Stories

View more
This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.