Jump to content

Jennifer Lawrence, Mary Elizabeth Winstead hacked: How safe are your cloud photos and data? |Note :Don't post links of nude leaked pictures


vvvslaxman

Recommended Posts

How stupid are these celebs? I'd definitely have more sympathy for them if it were some hidden camera photos taken of them by some snooper/creep which were then leaked online, but these are photos they chose to take themselves and then to make matters worse, uploaded it to a network!? Given the sophistication of hackers these days, even data that resides just in the confines of your personal computer is not safe. Once you upload anything to a shared service, however secure that service may claim to be, it is always vulnerable to be hacked into. I can understand if regular folks do stuff like these, but being celebs, these people should be extra paranoid about their privacy and the content they capture and share. Sorry, if you are dumb, you deserve the fate that befalls you.
Completely disagree. Its like saying that victims of bank fraud are the ones to be blamed because they put their money in the bank in the first place. And bank fraud (here I also include leaking of credit/debit card details) from many, many banks in many countries has been happening for far longer than these Cloud leaks but it hasn't stopped people, especially millionaires/billionaires (these are the ones who have the most to loose in case of bank fraud) from putting their money in banks, has it? In case of such leaks the fault lies with the companies, not with the people putting their photos/other stuff online - most people would trust companies like Apple/Microsoft/Google etc to keep their data safe. Heck, companies like Dropbox have that as their entire business - so why shouldn't people trust them? Its the companies which have to make sure that the data, be it from a celebrity or a common person, is safe. And calling someone dumb just because he/she saved their personal photos on their personal account online is quite ridiculous TBH. And one more thing - in some cases the photos had actually been deleted long time back but still the hackers managed to find them somehow - now, who is to blame because the celebrities on their part had deleted the pics.. Actress Mary Elizabeth Winstead also confirmed that nude photos of her were posted online. "To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves," Winstead posted on Twitter. Winstead, who starred in "Final Destination 3" and "Abraham Lincoln: Vampire Hunter," wrote that she thought the images had been destroyed. "Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this," Winstead wrote.
Link to comment
Share on other sites

Completely disagree. Its like saying that victims of bank fraud are the ones to be blamed because they put their money in the bank in the first place. And bank fraud (here I also include leaking of credit/debit card details) from many, many banks in many countries has been happening for far longer than these Cloud leaks but it hasn't stopped people, especially millionaires/billionaires (these are the ones who have the most to loose in case of bank fraud) from putting their money in banks, has it? In case of such leaks the fault lies with the companies, not with the people putting their photos/other stuff online - most people would trust companies like Apple/Microsoft/Google etc to keep their data safe. Heck, companies like Dropbox have that as their entire business - so why shouldn't people trust them? Its the companies which have to make sure that the data, be it from a celebrity or a common person, is safe. And calling someone dumb just because he/she saved their personal photos on their personal account online is quite ridiculous TBH. And one more thing - in some cases the photos had actually been deleted long time back but still the hackers managed to find them somehow - now, who is to blame because the celebrities on their part had deleted the pics.. Actress Mary Elizabeth Winstead also confirmed that nude photos of her were posted online. "To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves," Winstead posted on Twitter. Winstead, who starred in "Final Destination 3" and "Abraham Lincoln: Vampire Hunter," wrote that she thought the images had been destroyed. "Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this," Winstead wrote.
I am with you on that. There is a general tendency to blame the people while ignoring the larger goof up by the IT companies.. It not necessarily have to be nude photos. The thing is the actresses eventually will get over it. It is natural they get upset over it. It could be picture, sensitive data anything from anybody.
Link to comment
Share on other sites

Completely disagree. Its like saying that victims of bank fraud are the ones to be blamed because they put their money in the bank in the first place. And bank fraud (here I also include leaking of credit/debit card details) from many, many banks in many countries has been happening for far longer than these Cloud leaks but it hasn't stopped people, especially millionaires/billionaires (these are the ones who have the most to loose in case of bank fraud) from putting their money in banks, has it? In case of such leaks the fault lies with the companies, not with the people putting their photos/other stuff online - most people would trust companies like Apple/Microsoft/Google etc to keep their data safe. Heck, companies like Dropbox have that as their entire business - so why shouldn't people trust them? Its the companies which have to make sure that the data, be it from a celebrity or a common person, is safe. And calling someone dumb just because he/she saved their personal photos on their personal account online is quite ridiculous TBH. And one more thing - in some cases the photos had actually been deleted long time back but still the hackers managed to find them somehow - now, who is to blame because the celebrities on their part had deleted the pics.. Actress Mary Elizabeth Winstead also confirmed that nude photos of her were posted online. "To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves," Winstead posted on Twitter. Winstead, who starred in "Final Destination 3" and "Abraham Lincoln: Vampire Hunter," wrote that she thought the images had been destroyed. "Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this," Winstead wrote.
I think you have a grave misunderstanding of the issue. There wasn't any "hack" on the company servers. People targeted celebs using social engineering i.e. making educated guesses about their e-mail, passwords etc. heck, this isn't even a cloud hack.
Link to comment
Share on other sites

I think you have a grave misunderstanding of the issue. There wasn't any "hack" on the company servers. People targeted celebs using social engineering i.e. making educated guesses about their e-mail' date=' passwords etc. heck, this isn't even a cloud hack.[/quote'] The fact that there was leak means that at some point somewhere the company's security was weak, no? And again, these people are celebrities so they will be followed and targeted in whatever they do - that doesn't mean that they should stop living their life and stop doing such basic stuff as saving pics etc online. Blaming them for putting their pics online is absurd.
Link to comment
Share on other sites

The fact that there was leak means that at some point somewhere the company's security was weak' date= no? And again, these people are celebrities so they will be followed and targeted in whatever they do - that doesn't mean that they should stop living their life and stop doing such basic stuff as saving pics etc online. Blaming them for putting their pics online is absurd.
No, it isn't. Let me give you a simple example. Lets say (hypothetically) - I make an educated guess of your ICF password because I know you like Sachin Tendulkar. I find out that (after some failed attempts) that your password is "ILoveSachin". This doesn't make ICF security weak. Now, imagine the same scenario with "Password Recovery" mechanisms where most questions are standard template - "What is the name of the first school you went to?", "What is your mother maiden name?". For you and me, these questions must be difficult to answer but for celebrities most of these questions are readily available on the Internet. Now, Apple also has minuscule part of the blame here (I'm intentionally leaving out the technical details so you'd have to trust me on this) but assuming that they fix it, it would have little or no effect on the hacking process. All said, I'm not blaming the celebrities for putting pics online which they may or may not have done! My beef with them is that they decided to put themselves at higher risk by using naive passwords and even more naive password protection mechanisms (not using 2FA etc.). Mind you, I am don't condone this act of hacking but there are robbers in real life, there are robbers in digital life too. Just like in real life, you create a strong passwords like good locks, safe neighborhoods etc. you'd have to do that in your digital life too. Yes, the police (Apple) do take blame but it's a joint responsibility of people like you and me to report (bugs) and stay vigilant (better passwords). I hope I'm making some sense here!
Link to comment
Share on other sites

The fact that there was leak means that at some point somewhere the company's security was weak' date=' no? And again, these people are celebrities so they will be followed and targeted in whatever they do - that doesn't mean that they should stop living their life and stop doing such basic stuff as saving pics etc online. Blaming them for putting their pics online is absurd.[/quote'] I don't think these pics were stolen from iCloud or even from their computers. Most probably hackers got them from their phones which were sharing a wireless network (maybe at a restaurant or at a public place) which are usually not very secure and got access to their files using password guesswork. It doesnt seem very hard.
Link to comment
Share on other sites

No, it isn't. Let me give you a simple example. Lets say (hypothetically) - I make an educated guess of your ICF password because I know you like Sachin Tendulkar. I find out that (after some failed attempts) that your password is "ILoveSachin". This doesn't make ICF security weak. Now, imagine the same scenario with "Password Recovery" mechanisms where most questions are standard template - "What is the name of the first school you went to?", "What is your mother maiden name?". For you and me, these questions must be difficult to answer but for celebrities most of these questions are readily available on the Internet. Now, Apple also has minuscule part of the blame here (I'm intentionally leaving out the technical details so you'd have to trust me on this) but assuming that they fix it, it would have little or no effect on the hacking process. All said, I'm not blaming the celebrities for putting pics online which they may or may not have done! My beef with them is that they decided to put themselves at higher risk by using naive passwords and even more naive password protection mechanisms (not using 2FA etc.). Mind you, I am don't condone this act of hacking but there are robbers in real life, there are robbers in digital life too. Just like in real life, you create a strong passwords like good locks, safe neighborhoods etc. you'd have to do that in your digital life too. Yes, the police (Apple) do take blame but it's a joint responsibility of people like you and me to report (bugs) and stay vigilant (better passwords). I hope I'm making some sense here!
Fair enough. But in case of pics that were deleted, the company is obviously at fault. Also, Apple isn't as secure as it should be - http://www.slate.com/articles/technology/bitwise/2014/09/celebrity_photo_hack_blame_apple_for_its_disregard_for_user_security.html
Link to comment
Share on other sites

Fair enough. But in case of pics that were deleted, the company is obviously at fault. Also, Apple isn't as secure as it should be - http://www.slate.com/articles/technology/bitwise/2014/09/celebrity_photo_hack_blame_apple_for_its_disregard_for_user_security.html
The deleted pictures might have been acquired well before they were deleted. We don't know that as yet. Find my iPhone vulnerability is quite stupid and Apple should've patched it way back. The vulnerability is more generalizable and wasn't made aware to Apple (unlike the link to the article). It consists of sending a POST request which is not rate limited (standard practice). It's quite really a simple fix actually which one would expect Apple to do immediately and that blame should be on them. BUT, the hack wasn't due to any of this vulnerability. A more clear reading of the situation is here - https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/
Link to comment
Share on other sites

I think you have a grave misunderstanding of the issue. There wasn't any "hack" on the company servers. People targeted celebs using social engineering i.e. making educated guesses about their e-mail' date=' passwords etc. heck, this isn't even a cloud hack.[/quote'] Their problem is with this mainly http://rustyshelf.org/2014/09/03/security-by-deflection/ And now I will go in hibernation again :cantstop:
Link to comment
Share on other sites

Their problem is with this mainly http://rustyshelf.org/2014/09/03/security-by-deflection/ And now I will go in hibernation again :cantstop:
It isn't clear that the hackers got access to the pictures via iCloud. iCloud backups aren't supported by 2FA but their statement is confusing. I think the hackers have got access to passwords via App store. screen-shot-2014-09-02-at-3-20-56-pm.png
Link to comment
Share on other sites

It isn't clear that the hackers got access to the pictures via iCloud. iCloud backups aren't supported by 2FA but their statement is confusing. I think the hackers have got access to passwords via App store. screen-shot-2014-09-02-at-3-20-56-pm.png
i am sure its not hack in icloud ..i was doubtful even at start because small leak i can understand but to get data of multiple people over period of time i am sure any security apple had implemented would have caught it so its not hack into icloud like there was with play station few years ago that much is clear just they some how got access to personal data..i will wait for some more info to be 100 percent but apple currently should not blame anyone atleast not right now
Link to comment
Share on other sites

×
×
  • Create New...