Don’t upload private photos ph online, say experts
Apple is acknowledging that computer hackers broke into the accounts of several celebrities to steal personal photos that have been posted online, a security breakdown that the iPhone maker blamed on the intruders’ ability to figure out passwords and bypass other safeguards.
The preliminary conclusions emerged on Tuesday after Apple’s engineers spent more than 40 hours investigating a high- tech break- in that has exposedweaknesses in online security at a time more people are storing photos and other sensitive information on other computers hosed in massive data centres.
Apple opened its inquiry at theweekend after the online distribution of nude photographs of Oscar- winning actress Jennifer Lawrence and other stars, including Mary Elizabeth Winstead. Some of the stars say the photos are fakes, but Lawrence has acknowledged the revealing pictures of her are real in a statement branding their theft as a “flagrant violation of privacy”.
The intrusion raised concerns that Apple’s iCloud service, which is widely used by iPhone and iPad owners to store copies of personal photos, may have suffered a massive security lapse.
Apple, though, says it found no evidence of a widespread problem in iCloud or its Find my iPhone service. Instead, the affected celebrity accounts were targeted by hackers who had enough information to knowthe usernames, passwords and answers to personal security questions designed to thwart unauthorised entries, according to Apple.
Knowing this crucial informationwould enable an outsider to break into Apple accounts, including iCloud.
It’s much more difficult to hack into an account if a user enables a two- step authentication feature offered by Apple, Google Inc, Microsoft Corp and several other major technology companies. This securitymeasure requires a user to enter a special code sent to a smartphone when an attempt is made to sign into an account froma device that hasn’t been previously used.
Security specialists also suspect the hacking into the celebrity accounts could have been avoided if Apple had stricter controls on howmany times an incorrect password can be entered before access to the account is forbidden for a short time period. Apple has a lockout feature on its online accounts, although it won’t say howmany times an incorrect password must be entered before it’s triggered.
Apple is urging its users to switch to stronger passwords and enable the two- step authentication feature in the aftermath of the celebrity hacking attacks. “Our customers’ privacy and security are of utmost importance to us,” Apple said in its statement.
The Cupertino, California company is also co- operating with an FBI investigation into the intrusion.— AP To keep private pictures private, never upload them online.
That’s the advice experts offer after hackers broke into female celebrities’ personal accounts, stole nude photos and posted them on theweb. Jennifer Lawrence and Mary Elizabeth Winstead have said theywere victims of the hac hack attack. US federal investigators are looking lookin into the theft, and Apple confirmed on Tues Tuesday that while individual accountswere breached, br its iCloud and Find My iPhone services se remained secure. This latest hacking scandal scanda is another reminder that locking downdigital down data is amust for forpublicfi public figures. “It shows that celebrities, like the rest of ofus, us, are not as attu attuned to internet net security as they should be,” said marketing ex expertDorie Clark. “Likemany Likeman regular couples, celeb celebrities probably ably enjoy ta taking racy photographs, photograph but they have to recognise re there are people out therewhoare the inherently inher interested este in what they’re th doing, andwant a to eithermake e money or make m a namefor n themselves th by getting ge at those photos.” p
It could be embarrassing for anyone to have their nude image shown online, butmost people aren’t at risk of being targeted by hackers in thisway, said Gary Zembow, who helps celebrities secure their data as founder of Hollywood Tech Consulting.
“If you accept that some celebrities need bodyguards,” he said, “then their personal, private data needs a version of that aswell.”
Individuals and companies increasingly use internetbased “cloud” storage for images and other data. But such data can become more vulnerable once uploaded online, said professor Lance Larson, an instructor at San Diego State University’s Graduate Programme in Homeland Security.
“The cloud is like a storage locker,” he said. “Are you the only person with the key? Or does the storage- unit owner also have a key?”
In short: “Don’t put a document or photo online or in the cloud if you don’twant it to get out at some point,” he said.
So howcan celebrities— and others— protect their privacy in the internet era?
Remember that all digital media, even with privacy controls, can become public, said professor Karen North of the University of Southern California. “What you think is private is public, and what you think is temporary is permanent,” she said. “Once you share it with somebody, you no longer control the intellectual property.”
To really keep something private, don’t upload it and don’t share it.
Also, log off the internet and turn off the computer when you’re done using it, Larson suggested. “If you don’t take that device offline,” he said, “you’re providing 24 hours a day, seven days aweek of a potentially unmonitored computer on the internet.”— AP