Over the past couple of days, the second wave of sensitive images of A-list actresses and models have been leaked online on the now controversial image sharing forum 4Chan. The first images, which were posted around 3 weeks ago, contained photos acquired by a group of hackers who reportedly exploited a weak spot in Apple’s iCloud service.
The leaks have caused many to declare their anger toward both Apple – for flaws in the safety of their iCloud backup system – and towards the hackers themselves.
Others argue that the celebrities knew the risks when taking the photos in the first place, and suggest that it was only a matter of time before something of this nature occurred. After all, this isn’t the first time that sensitive celebrity imagery has been illegally acquired and distributed online, nor will it be the last.
No matter your moral standpoint on the matter though, anyone who uses a gadget or gizmo connected to the Cloud must now be asking how safe the Cloud is, and how they can make sure their private files aren’t pinched and posted to a public domain.
What is The Cloud?
For those of you who aren’t aware of exactly what the Cloud is, it’s a system by which your files are stored in a secondary location for the purposes of security and ease-of-access.
For example, if you take an image on your iPhone and your settings allow, it will not only be saved to your device, but also to your iCloud account. This can then be accessed from any internet-enabled device, provided you can give your account login details. This ensures that your photo is backed up in case your phone is lost, damaged or stolen, and also allows you to access your photo when you haven’t got your device or if its battery is dead.
The Cloud isn’t a concept used exclusively by Apple though; Apple’s iCloud is merely one of a number of Cloud-style security systems used by the top tech companies around the globe. We use a similar Cloud-based system here at sales-i to ensure that our customers’ data is securely backed up and easily accessed at all times. You can read more about it here.
How did they do it?
The main reason that Apple have come under fire for the recent hack of celebrity iCloud accounts is the loophole which allowed hackers to gain access. Usually, if you fail to log into a device or piece of software for a number of consecutive attempts, you’re locked out of the account for a while, or have to answer security questions to unlock the account. With Apple’sFind My iPhone, however, there was no such security feature in place, giving hackers unlimited attempts to gain access. This allowed them to use a style of hacking called Brute-force, which allowed them to try many passwords at a time and ultimately succeed without failure.
How can you make sure you’re safe?
Unfortunately, hackers seem rather fond of the ‘where there’s a will, there’s a way’ mantra, which means we’re all at risk until the day we turn off our monitors and pick our pens back up, which I can’t see happening too soon. That said, as recently as July this year, Germany mooted that they may return to using typewriters in their national embassies after strong allegations that American espionage agency the NSA had been spying on Germany’s internal workings.
It is of course highly unlikely that someone will spend hours and hours hacking your Cloud account if you aren’t a celebrity. Nevertheless, it’s still healthy to worry about your security online.
As hackers get more and more sophisticated, so too do the security measures put in place to stop them. Whilst many don’t realise it, ensuring your apps are up-to-date is therefore very important in terms of solidifying your Cloud accounts. The updates of many software companies make the behind-the-scenes algorithms and inner-workings of a piece of software more complex, keeping apps safer and the goals of hackers far more difficult to achieve.
Another, more obvious security tip is to use different passwords for all of your accounts. You wouldn’t have one key to your car, house and safe, so why only use one password? If someone was to get hold of one password, they’d have complete access to your online presence. Think about creating passwords which are at least 8 digits long, using foreign letters, which can be accessed by most mobile keyboards, to make your passwords much more difficult to guess.
Finally, we recommend knowing exactly what your Cloud settings are. Often, devices are pre-set to back up your files, so you may be saving things to the Cloud without even knowing it: a great surprise if you lose your phone and thought you’d lost your holiday photos; not such a great surprise if you lose your phone and discover some sensitive imagery you’d forgotten about.
Got any Cloud security tips that our readers need to know? Please share them in the comments below.