Tag: icloud

Apple suffers more iCloud woes

Posted on September 30, 2014 by - News

stormNot satisfied with a security hole which allowed 4Chan users access to minor celebrities’ porn stashes, the Fruity Cargo cult Apple has some more problems with its cloud.

According to MacRumours there is a serious bug with the “Reset All Settings” option in iOS 8, causing users who activate the feature to lose all of their iWork documents stored in iCloud Drive.

Using the “Reset All Settings” option under General –> Reset has caused documents to be permanently deleted from iCloud Drive.

The “Reset All Settings” option explicitly says that “No data or media will be deleted,” which means that Apple was lying when it told users they were safe. It is meant to reset all user preferences to the default out-of-the-box settings not kill the documents.

MacRumours tested the bug and found that “Reset All Settings” deleted all iWork documents stored in iCloud Drive on the iPhone and on iCloud.com.

“After allowing time for syncing to a Mac running OS X Yosemite, all of the documents disappeared from that machine as well. Preview and TextEdit documents, which cannot be accessed on the iPhone, remained untouched on the Mac,” the magazine said.

Apple ignored warnings of potential iCloud hack

Posted on September 25, 2014 by - News

Three-Wise-MonkeyFruity cargo cult Apple’s delusions of its own iCloud invulnerability may have led to naked pictures of its starlet customers being leaked to the Internet.

A security researcher warned Apple in March 2014 of a security hole that left the personal data of iCloud users vulnerable.

A string of emails went back and forth between Jobs’ Mob and Ibrahim Balic, a London-based software developer, which told the cargo cult of a method he’d discovered for infiltrating iCloud accounts.

The exploit Balic says he reported to Apple shares is similar to the exploit allegedly used in the so-called “Celebgate” hack.

Balic told an Apple official that he’s successfully bypassed a security feature designed to prevent “brute-force” attacks. Typically, this kind of attack is defeated by limiting the number of times users can try to log in.

He said that he could try over 20,000 passwords combinations on any account and he was warning them so that it could be fixed. The vulnerability was also reported by Balic using Apple’s online bug submission platform.

By May 6, the reported vulnerability apparently remains unfixed, as an Apple official continues to question Balic over the details of his discovery, but did nothing.

Then soon after the Celebgate photos exploded across the Web, Apple reportedly patched Balic’s vulnerability.

Apple  denied, however, that it was in any way linked to the Celebgate event. The theft of the photographs, a statement from the company insisted, was not the result of “any breach in any of Apple’s systems including iCloud or Find my iPhone.”

This is the second time that Apple has done this to Balic. In June 2013, he identified a security flaw in the Apple Developer Centre.

In that case, the website was almost immediately taken down, and Apple claimed that “an intruder attempted to secure personal information of registered developers” and it had called the rozzers.

The implication was that Balic was a criminal for reporting the flaw and Apple was only too happy to have him arrested for daring to point out flaws in its security.

Needless to say Balic was a little concerned about that and went public in the form of a comment on a TechCrunch article. He later uploaded a YouTube video, which he says contains proof of his discovery.

Apple later acknowledged Balic for reporting a cross-site scripting (XSS) vulnerability on its Web Server notification page.

Apple wakes up to security

Posted on September 5, 2014 by - News

blue-appleApple’s CEO, Tim Cook, has admitted to the Wall Street Journal that it needs to improve security on its users accounts.

But Cook said that it wasn’t Apple’s fault that hackers had broken into iCloud.  He said the hackers used various methods to get passwords for iCloud accounts but none of the material came from Apple servers.

He did, however, promise to do something to beef up security.  He told the Journal that Apple will now tip people off if someone changes a password, or when a new device attempts to access the iCloud.

That’s going to be carried out within two weeks, said Cook.

Apple has been widely criticised for its laissez faire attitude towards the recent hacking, and no doubt Cook has agreed to do an interview to defuse a situation that might spoil the launch of  yet another iPhone next week.

Apple agrees to add alerts to iCloud

Posted on September 5, 2014 by - News

lawrrenceAfter denying that its iCloud security was as good as a tent flap, Apple has agreed to warn users when their privacy is being invaded.

Jobs’ Mob hit the news this week after numerous beautiful celebs had their iCloud accounts hacked and naked pictures posted online.

Apple denied that its security was below parr but saw its share price tumble as people failed to believe it.

Now it seems that Apple is planning additional steps to keep hackers out of user accounts and will encourage users to take stricter security measures.

CEO Tim Cook told the Wall Street Journal that Apple will alert users through email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time, the report said.

He added that Apple will broaden its use of the two-factor authentication security system to avoid future intrusions and  aggressively encourage people to turn on the two-factor authentication in the new version of iOS.

However, Apple is still insisting that celebrities’ iCloud accounts were individually targeted, and that none of the cases it investigated had resulted from a breach of its systems. [Who is that woman you keep throwing into these Apple cloud stories, Nick? Ed.]

Security experts said that Apple was to blame for failing to make its devices and software easier to secure through two-factor authentication, which requires a separate verification code after users log in initially.

Unsinkable Apple hits Selfiegate iceberg

Posted on September 4, 2014 by - News

Der Untergang der TitanicHistory says that Apple’s share price should be going sky high right now buoyed by the expected launch of a new iPhone6 and whipped to a frenzy by its free publicity provided by the Tame Apple Press.

However, the company shares are suffering their worst day and one brokerage warning of a stock downgrade unless its new products show better promise for profit growth.

Shares of the smartphone maker slumped four percent as users realised that the company’s iCloud was not the safest place to store their snaps. Apple has done its best to say that its security was not at fault in its Cloudgate boob, which saw naked snaps of Hollywood stars appear online, however evidence is mounting that is not the case.

It seems investors are starting to realise that Apple has not introduced a new product since the iPad in 2010 and is not expected to create anything brilliantly new with its coming iPhone.

It has been thought that an increasingly desperate Apple would unveil a version of a smartwatch next week but even the technology for that has been done to death as Jobs’ Mob’s own version was constantly delayed.

Pacific Crest Securities analyst Andy Hargreaves said unless next week’s shows massive incremental profit opportunities, he was likely to downgrade Apple’s rating.

Apple needed a security flaw in its iCloud exposing like a hole in the head. Apple wants its clouds to become repositories of sensitive home and healthcare data, and payments and financial information too.

Security experts have been warning for ages that Apple’s cloud is not up to snuff security wise and the current breach just proves how untrustworthy it is.

Apple faces firestorm over celeb hacking

Posted on September 3, 2014 by - News

lawrrenceIt appears that the Tame Apple Press are finally giving up on Jobs’ Mob and admitting that the leak of racy celebrity photos was actually caused by a security fault on Apple’s iCloud.

Earlier this week it looked like Apple was going to avoid any mention in the hack as the press insisted that such an attack on the iCloud was impossible because it had this magical thing called “encryption.” Apple even went as far as denying that the iCloud was breached by hackers who posted nude pictures of celebrities.

Photos from the celebrities were stolen individually, the company said. The celebrity accounts were “compromised by a very targeted attack on user names, passwords and security questions, a practice that is all too common on the Internet,” Apple insisted.

However by yesterday it was clear that Apple was not going to get away with that. Journalists were starting to ask real security experts about how hackers got the information and it was fairly clear that there was a bit of a tiny weeny hole in the iCloud.

Reuters, which normally spins pro-Apple adverts pretending to be news, sheepishly admitted that the highly public affair remains potentially one of Apple’s worst public crises in years. Speculation continues to spread on blogs about flaws in the iCloud service.

Brandwatch, a company that analyses sentiment on social media, blogs and other sites, found Apple had received 17,000 mentions on Twitter were related to the security breach and the negative words associated Apple’s iCloud service include “violation,” “disgusting violation,” “criminality,” “failure,” “glitch” and “disappointment”.

What is worrying Reuters is that it could upset Apple’s coming launch of the iPhone 6 which actually includes features that use the iCloud for mobile payments. After all, if you are in the middle of a security crisis the last thing you want is to tell potential customers that the same technology which handed over naked pictures of beautiful celebs to the paparazzi can be doing the same thing with your credit card information.

“This could be a scary time publicly for Apple,” JD Sherry, vice president of cybersecurity provider Trend Micro wrote in a Tuesday blogpost. “They haven’t had many, Antennagate and Apple Maps come to mind, and this would most likely trump those.”