A Few Thoughts About the Big Hollywood Naked Hack
September 2, 2014 - 1:36 pm
By now you’ve surely heard about the huge hack of several A-listers’ iCloud accounts. The hacker or hackers released a trove of highly private material from Jennifer Lawrence, Kate Upton, and others.
Being A-listers, they are targets and will always be targets for blackmail, invasions of privacy, even terrorism. Surely they know this by now.
Apple has confirmed that the leaked material came from its iCloud service.
Update 9/2: Apple has released a statement confirming that the company’s investigation found no evidence that any of its services were compromised; the accounts affected were attacked using conventional (security question/username) password reset methods.
Update 2:35 pm ET: Over at The Guardian, tech reporter Charles Arthur summarizes the current thinking about the image release from security researchers. Some are surmising that these images were gathered over months or years (the earliest timestamps are from 2011, the most recent from last month) and then the repository itself was hacked or stolen. iCloud is still under scrutiny as a vector for gaining access to private images.
So it’s not a system-wide security breach. The hackers attacked at the most obvious point of failure, the users themselves. “Password” is not a viable password, folks. iCloud is probably the single largest hack magnet on earth. iPhones are more status symbols than technological necessities these days. Every celebrity and millions of non-celebrities have iPhones, or Android competitors, and they all can interact with the cloud.
A few months ago, I noticed that my phone was uploading my photos to the cloud automatically. They were just pics of family trips and mundane stuff, but I still didn’t want it outside my immediate control. It took a few clicks to get to the right place and turn that off. Turning the cloud services off on phones should be made so simple that anyone can figure out it. That doesn’t mean that people will take the steps to turn it off, of course.
iCloud and similar cloud storage is great, but it’s also creepy and fraught with problems. I wrote that post three years ago, when iCloud first came out, only to get poo-pooed by some because “I don’t have anything to hide!” Or, “Apple has to keep up with technological trends!” True, but not the point.
Everybody has something to hide. Everybody. Most of us probably don’t have naked pictures that the entire world wants to see, but we have bank accounts, addresses, phone numbers and family information that we don’t want out beyond our control. The cloud is a huge trade-off — we trade breezy permanent access to our stuff and painless back-ups for chucking our information and pixels all over the place.
The hacker(s) in this case have obviously committed crimes and should be severely punished. It might be time for heavy mandatory minimum sentencing for cyber crimes like this. The hacker who tried to blackmail Miss Teen USA only spent 18 months in jail. That’s not enough.
Everything is going toward cloud computing, there’s no getting around that.
But there’s no substitute for not being an idiot. Our smart phones are as much our enemies as our friends. We take them everywhere with us, meaning that unless we turn off the GPS features, they can rat on us at any given second. There are products out there that enable anyone to use smart phones to spy on individuals. No NSA program needed. A quick Google search hauls up numerous how-tos on hacking cell phones. They’re our handy cameras, and they can send our private pictures off to who knows where. If you send a photo in a message to anyone, you’ve totally lost control of it. We send and receive email on them, and that leaves us even less secure.
When you’re an Oscar-winning actress, the most red hot model in the world, and so forth, you’re a target. You’re always a target.
And so is everyone else, in one way or another. Hackers may not want our naked pictures, especially if we don’t have any, but they want our money and our identities.