Tag: fappening

Apple suffers more iCloud woes

Posted on September 30, 2014 by - News

stormNot satisfied with a security hole which allowed 4Chan users access to minor celebrities’ porn stashes, the Fruity Cargo cult Apple has some more problems with its cloud.

According to MacRumours there is a serious bug with the “Reset All Settings” option in iOS 8, causing users who activate the feature to lose all of their iWork documents stored in iCloud Drive.

Using the “Reset All Settings” option under General –> Reset has caused documents to be permanently deleted from iCloud Drive.

The “Reset All Settings” option explicitly says that “No data or media will be deleted,” which means that Apple was lying when it told users they were safe. It is meant to reset all user preferences to the default out-of-the-box settings not kill the documents.

MacRumours tested the bug and found that “Reset All Settings” deleted all iWork documents stored in iCloud Drive on the iPhone and on iCloud.com.

“After allowing time for syncing to a Mac running OS X Yosemite, all of the documents disappeared from that machine as well. Preview and TextEdit documents, which cannot be accessed on the iPhone, remained untouched on the Mac,” the magazine said.

Apple ignored warnings of potential iCloud hack

Posted on September 25, 2014 by - News

Three-Wise-MonkeyFruity cargo cult Apple’s delusions of its own iCloud invulnerability may have led to naked pictures of its starlet customers being leaked to the Internet.

A security researcher warned Apple in March 2014 of a security hole that left the personal data of iCloud users vulnerable.

A string of emails went back and forth between Jobs’ Mob and Ibrahim Balic, a London-based software developer, which told the cargo cult of a method he’d discovered for infiltrating iCloud accounts.

The exploit Balic says he reported to Apple shares is similar to the exploit allegedly used in the so-called “Celebgate” hack.

Balic told an Apple official that he’s successfully bypassed a security feature designed to prevent “brute-force” attacks. Typically, this kind of attack is defeated by limiting the number of times users can try to log in.

He said that he could try over 20,000 passwords combinations on any account and he was warning them so that it could be fixed. The vulnerability was also reported by Balic using Apple’s online bug submission platform.

By May 6, the reported vulnerability apparently remains unfixed, as an Apple official continues to question Balic over the details of his discovery, but did nothing.

Then soon after the Celebgate photos exploded across the Web, Apple reportedly patched Balic’s vulnerability.

Apple  denied, however, that it was in any way linked to the Celebgate event. The theft of the photographs, a statement from the company insisted, was not the result of “any breach in any of Apple’s systems including iCloud or Find my iPhone.”

This is the second time that Apple has done this to Balic. In June 2013, he identified a security flaw in the Apple Developer Centre.

In that case, the website was almost immediately taken down, and Apple claimed that “an intruder attempted to secure personal information of registered developers” and it had called the rozzers.

The implication was that Balic was a criminal for reporting the flaw and Apple was only too happy to have him arrested for daring to point out flaws in its security.

Needless to say Balic was a little concerned about that and went public in the form of a comment on a TechCrunch article. He later uploaded a YouTube video, which he says contains proof of his discovery.

Apple later acknowledged Balic for reporting a cross-site scripting (XSS) vulnerability on its Web Server notification page.