Apple knew about the iCloud security flaw 6 months prior the nude celebrity photo leak


The media buzz around the recent celebrity photo hack has begun to calm down over the past weeks, but a new wave of accusations have just poured more oil into the dying fire, which will surely bring it back to life pretty quickly. As you surely remember, a security flaw, most probably in the Find My iPhone security feature, allowed a certain cracker to leak numerous nude photos of a whole galaxy of celebrities to the world wide web.

Apple's CEO, Tim Cook, later addressed Apple's users about the existing security issues that led to the unfortunate hack, but could have Cupertino acted earlier and circumvented the breach? Recent accusations say so.

Just today, Ibrahim Balic, a security expert, revealed that he had found the existing loophole more than 6 months ago, back in March. Allegedly, he successfully tested around 20,000 passwords against certain Apple accounts, brute-forcingly guessing the correct ones. Being the good-willed security pundit he is, Balic quickly reached up to Apple and reported his discovery.

At first, Cupertino's security team collaborated with the expert on ironing out the weakness, but after a month or so, its threat level got decreased and any further work seemingly stopped. "Do you believe that you have a method for accessing an account in a reasonably short amount of time?", one of the security eventually addressed Belic with disbelief.

As a prove for his accusations, Balic provided screenshots about his correspondence with Apple. You can check them out right below. Meanwhile, another security weakness was allegedly discovered on iOS devices - it allows built-in app browsers to keylog your login credentials. Mind your security.


source: The Daily Dot via AppleInsider

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless