Celebrity Nude Photo Hacking: Should You Be Worried?

Reports made over the weekend that intimate photos of celebrities were hacked serve as a vivid reminder about Internet security and the question of whether the vast majority of Internet users are also vulnerable to such an attack.

"Are you any less secure than you were a month ago? The answer is no," Patrick Moorhead, president of technology analytics firm Moor Insights & Strategy, told NBC News on Monday.

You're just as insecure as you always were.

It hasn't been definitively confirmed that the photos are real, or even that Apple's iCloud online storage service was hacked in the first place, as reports indicate. But they do highlight that our faith in the security of the Internet isn't always answered. Here's what we know and what we don't know.


Who Was Hacked?

Perhaps nobody. "We don't know if they were truly taken from iCloud or, for example, just Photoshopped by someone looking for publicity," said Carl Howe, vice president of data sciences for the Yankee Group, an information technology research company.

If you believe the still-unknown hacker or hackers, more than 100 celebrities had personal photos harvested, some of them explicit — with more photos to come. Jennifer Lawrence's publicity team called the alleged pictures of the Oscar winner "a flagrant violation of privacy" and promised prosecution, while Mary Elizabeth Winstead said on Twitter that photos of her were ones the singer and actress thought she'd deleted herself.

The FBI said Monday it's "aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter." Meanwhile, Apple Inc. — whose cloud storage service many of the photos appeared to have come from — said it's "actively investigating" the claims.


How Was It Done?

That hasn't been nailed down, but there are three main theories. One is what's known as a social engineering attack — the hacker or hackers simply "guessed a celeb's password or got it from a friend," Howe said.

The second theory involves what's called a brute-force attack. Announcement of the leak came very quickly after a team of developers revealed on tech forums that they'd found a bug in Apple's Find My iPhone service allowing anybody who learns your username to simply keep entering hundreds or thousands of passwords until he hits Bingo.

But "I think it's safe to say that this was not done with a brute force hacking tool," Moorhead said as further details of the photos emerged Monday, including data that indicated they were squirreled away not just on iCloud, but also on other popular online storage services.

The theory of Moorhead and several other experts consulted by NBC News is that the alleged hack probably started somewhere else, likely on an e-commerce site — somewhere "where somebody used the same login for another service where other photos were kept," Moorhead said. Once the hacker had an email address and either a username or a password, he or she could have gone to any one of a number of sites and used the "forgot my login" feature to get access to that site — and very likely several other sites, because the painful truth is that most people use the same login information for most of their online activities, security experts said.

How Safe Are You?

Millions of people and companies upload their most sensitive data to services like iCloud and Dropbox in "the cloud" — enormous online servers that you access as though they were your own hard drive. That way, "you can always have a backup if your computer is lost or stolen," said Mark Rasch of Rasch Technology and Cyberlaw, who's a former director of the Justice Department's Computer Crime Unit.

But if you store your data in the cloud, the cloud then becomes "a one-stop shop for hackers," Rasch told NBC News. "Hackers only have to break in one place to get everybody's data." If hackers were able to get the files they claimed over the weekend, they "can get files about anybody," he said.

What Can You Do?

It's not like this is anything new. The attack, if verified, probably exploited a well-known weakness not in the infrastructure of the Internet but in people — our willingness to cut corners in how we use the Internet by relying on the same simple passwords on multiple sites and services. To protect yourself, at least somewhat, experts gave the same advice you've probably heard before:

  • Consider whether you really want to store private or potentially incriminating pictures on the Internet in the first place.
  • Pick hard-to-guess passwords that aren't based on real words or personal data that a thief might be able to harvest elsewhere, for example from public records, like your birthday. And make sure they include punctuation marks, capital letters and numbers.
  • Don't use the same password on any other site.
  • If a service provides something called two-factor authentication — a system that sends a special one-time-only code to your phone, which you have to enter every time you try to log in — use it. More and more of the largest sites do.
It's inconvenient — of course it is. But it's simply a fact, Rasch said, that if you take an embarrassing photo and put it on the Web, "it's going to make it places you don't want it to be."

COMMENTS

Name

©2012 Oceninfo.co.cc,2,10:29 IST,1,2012,1,Adfly Bot,2,AFCEH,1,Ajax security,1,all posts for education purpose only...www.facebook.com/princebhalani,1,Android,1,android developer,1,android phone,1,android phone-1,1,anonymous email,1,Anti-Trojan software,8,Antivirus,1,Apple,1,article marketing,1,at risk,1,attacks,1,australian federal police,1,Auto Clicker,1,Auto surfer,1,backtrack link,2,Bank Hacking,2,BCMSN,2,BIOS Update,1,Blockchain,1,Blog and tagged Ransomware,1,boot fast...,1,boot xp faster,1,Business Deals,1,Bypass Antivirus and Hack Window Systems,1,CCIE,2,CCNA,2,CCNP,2,CEH,2,challenge-response system,1,Changing Root Bridge Election Results,2,code,2,commands,1,company deals,1,Computer Hacking,3,Connect,1,cookie stealing,3,Country,1,Crack,1,Credit Card Fraud,2,credit cards,1,Cryptography,1,cyber cell updated,1,cyber security,1,DATA CARD TRICK,1,delhi,1,Digital Marketing,1,direct admission in any colleges,2,Direct Link,3,Directory Traversal Attacks,1,Dos and Ddos,1,DotNetNuke Remote File Upload Vulnerability,1,Earn Lots of money,3,EARN MONEY PART2,1,earnings in$,1,email hacking,4,email spoofing,2,Er Prince Bhalani jobs,1,Ethical Hacker job,1,ethical hacking,8,exploit,1,facebook autoliker,1,Facebook tricks,3,Fake Mail,1,fake sms,1,FB hackz,1,FBI,1,FBI HACKERS,2,FBI Jobs,2,featured,6,Finger scan,1,fingerprint Hacking,1,format without pain,1,Free Download,1,Free Flash Templates,1,free hacking book,5,Free Recharge,1,free sms,2,Freebeacon,1,friendship day,2,friendship day image,2,friendship image,1,Future Computer,2,future of hacking,1,Gadgets,1,good clean fun,1,google,3,Google Ads,1,google adsense account,1,Google hacking,3,google hacks,1,google search,1,hack,2,hack the world,2,HACK WEBSITES USING SQL INJECTION,2,hacker,1,hacker uni,1,hacker/LPT/etc,1,hackers,2,Hackerz info,1,hacking,4,hacking games,1,hacking matterial,1,HACKING OFER,1,hacking softwares,1,hacking tools,2,Hacking with Mobile phones,1,HackingTeacher Security Solutions,1,hacks,1,hijack,1,history of hacking,1,How to,8,How to Hack,37,how to play,1,How to sniff,1,html,1,HTTPS/SSL secured sites,1,I LOVE YOU VIRUS,1,i-phone hacking,1,ICITAM 2012,1,iCloud Era,1,In Flow,1,indian cyber cell,4,information security,1,interesting,1,inurl:fcklinkgallery.as,1,IP hacks,1,iphone,1,IT Act,1,IT Decision Maker,1,IT Implem_App/LOB Spec,1,IT Implem_Desktop/EndUser Spec,1,IT Implem_Infrastructure Spec,1,IT Implem_IT Generalist and IT Manager.,1,it security,1,java,1,jobs for ethical hacker,3,jobs in hacking,5,Joe job,1,Just for education purpose only,1,Kaspersky,1,kaspersky crack 2013,1,keyboard hacking,1,keyloggers,1,keywords,1,Laptop Tracking,1,Laws of computer crime,1,Learn Cracking,1,Learn Website Hacking,7,Linkbucks Bot,1,Macromedia Flash,1,make some rules...|||_|||,1,malicious code,1,Malware,1,malware analysis,1,man in the middle attack (LAN),1,master,1,master list,1,metasploit,3,Microsoft scams,1,mobile,1,mobile recharge,1,moblie phone hacking,1,munging,1,network hack,1,Network Sniffers,1,new command set,1,new projects,1,nmap,1,No Survey,1,not infrequent,1,online scanners,1,paisa live hack,1,panetration for educational purpose only,1,Parental Controls,1,password hacking,4,Password sniffing with arp poisoning,1,PC TIPS,1,PE_PARITE (Trend Micro),1,penetration testing,1,pharming,1,phishing,1,phone hacking charged,1,PHP,1,pin ball,1,Play WMV Files,1,Press Trust of India / New Delhi Aug 15,1,Prime minister,1,prince bhalani,1,princebhalani,1,Professional job in FBI,1,Professional Penetration Testing,1,Programming,1,Programming of virus,2,protect my pc against hackin,1,proxy list by http,1,Proxy SOCKS Port,1,R-Admin With Key,1,Radmin,1,RAW Jobs,1,Real Hackers vs fake ethical hackers. ..:),1,Register of Known Spam Operations (ROKSO),1,repair corrupt hard disk,1,RFT,1,Robbery,1,Rupert Murdoch,1,SAMPLE,1,Sample dynamic flash template from TM website,1,Scams,2,Scanned Vulnerabilities,1,SEA,2,search engine hacking,1,Search Operators,1,Security,2,Security breach,1,security code brack,1,SEM,4,SEO,112,SEO Mistakes,1,SEO TOOLS,1,SEO Tricks,3,SERM,1,SERP,1,Session Hijacking,4,SET,1,shell commands...,1,shell list with download,1,SITES,1,Smart Home,1,Smartphones,1,SMM,1,SMO,2,sms spoofing,1,SMTP Servers,1,Sniffing passwords,1,Sothink SWF Decompiler,1,spam cocktail (or anti-spam cocktail),1,spam trap,1,spear phishing,2,SQL hacking,2,SQL Injection Attacks by Example,2,SSL,1,SSL Analysis,1,starting of help,1,System Information,1,System Restore,1,Tablet in 1000,1,Tablets,1,Temporary Email Service,1,time need,1,timer,1,tracing,1,Traffic,3,tricks,5,Tricks and Tips,1,Trojan,1,Trojan tools,1,Trojans and Backdoors,2,trojon,7,Turbo C++,1,UK phone hacking,1,UK phone hacking arrest,1,USA JOBS,4,Virus,2,virus writing,2,VPN,1,vulnerabilities,1,vulnerability assessment,1,W32/Pate (McAfee),1,W32/Pinfi (Symantec),1,Washington,2,web hacking,6,web security,1,Website Development,1,Website Hacking,3,White House,1,wifi hacking,3,Win32 : parite (Avast),1,Win32.Parite (Kaspersky),1,Win32/Parite,1,windows,2,Windows 8 event for IT Professionals,1,wirless hack,1,WordPress,1,WordPress hacking,1,working with Virus and worm,9,XP Hacking,1,xp hacking-1,1,XP part 3,1,xss hacking,1,
ltr
item
Group Of Oceninfo: Celebrity Nude Photo Hacking: Should You Be Worried?
Celebrity Nude Photo Hacking: Should You Be Worried?
Celebrity Nude Photo Hacking: Should You Be Worried?
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjycLsyLl5b_UJVqjW6qcZ3PIEY7U-f3aRPCOE5Zq5n8WWTLuZY727iYlLIDCYvso5rrXvA4LXvy4f_zNcxWV6VBjSce3ItDCfT7DdeIduE5exhRzWV8kmP4rfOOV8SwimyNsOLoyXZgvGu/s1600/hacking.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjycLsyLl5b_UJVqjW6qcZ3PIEY7U-f3aRPCOE5Zq5n8WWTLuZY727iYlLIDCYvso5rrXvA4LXvy4f_zNcxWV6VBjSce3ItDCfT7DdeIduE5exhRzWV8kmP4rfOOV8SwimyNsOLoyXZgvGu/s72-c/hacking.jpg
Group Of Oceninfo
https://oceninfo.blogspot.com/2014/09/celebrity-nude-photo-hacking-should-you.html
https://oceninfo.blogspot.com/
https://oceninfo.blogspot.com/
https://oceninfo.blogspot.com/2014/09/celebrity-nude-photo-hacking-should-you.html
true
6415817773321450103
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy