The issue I see is having the photo storage enabled by default when you activate iCloud. I only activated iCloud because I wanted switch on the Find My iPhone activation lock. I had no idea when I did this that all my photos were also getting duplicated locally and uploaded to iCloud.
With other cloud services, I choose what to store and what to automatically sync. But, those are not services that I enable as part of a device activation. My point is simply that I can see a lot of people having their photos uploaded to iCloud without their knowledge. If someone wants to stalk a celebrity, they can peruse through private photos that the victim doesn't even know were uploaded from their phone in the first place.
I'm pretty sure PhotoStream is opt in when setting up/configuring your device. I can't remember exactly but someone else can verify that.
There's less chance of guessing nonsensical answers that don't relate to the questions.
Exactly: I will never be able to remember them. I can’t remember anything. I can’t ever address anyone by name because I don’t remember them. At least give me questions for which I can guess the answers...
Store it as a note in the 1Password or similar app. Personally I think these questions are pathetically configured, without any thought put in. If they want us to answer questions as a security measure, shouldn't we be able to create the questions ourselves? Yes, that will create a boatload of unique questions as opposed to the 3 standard ones every company now has, but what will that add to their data storage; a MB or two?
Hill60 is right; I also answer with the 'strangest of weirdest'
Go to the Daily Mail website and they have an entire section devoted to what they call the "Apple hacking scandal". Quite irresponsible to call it an Apple hacking scandal considering the fact that there is no conclusive evidence that iCloud was hacked (and Apple says it wasn't) or that FMI brute force was the source.
[quote]“In reviewing months worth of forum posts, image board posts, private emails, replies for requests for services, etc. nowhere was the FindMyPhone API brute force technique (revealed publicly and exploited in iBrute) mentioned,” Cubrilovic reports. “This doesn’t mean that it wasn’t used privately by the hackers – but judging by the skill levels involved, the mentions and tutorials around other techniques and some of the bragged about success rates with social engineering, recovery, resets, rats and phishing – it appears that such techniques were not necessary or never discovered.” https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/[/quote]
Color me highly skeptical that it's just a coincidence this leaks now right before Apple has a big event scheduled.
I'd still have called them "customers". Or users. I mean, yes perhaps not all of the affected were apple customers per se, but the press release obviously targets those that are using their servers.
I just feel the press release was written very unprofessionally. Especially for the grief it has caused for the ones concerned it could have been written differently.
So which of you clowns still thinks that Samsung or the credit card companies are behind this?
Daily Mail website has a whole section on this and they call it the "Apple hacking scandal". No way is it just a coincidence this leaks a week before a major Apple event. An event that is likely to heavily feature mobile payments, HealthKit and HomeKit. IMO there is a concerted effort to tarnish Apple's reputation and those involved know the Daily Mail's and Drudge Report's of the world will be willing accomplices.
If I ever saw an excellent use case for a smart iWatch, it is to send instant two-factor verification codes at every login! That would make iCloud super secure!
Comments
Ugh, crappy quoting in these new forums
1) Good article, and quick. Thanks for that.
2) This is incorrect: I cannot "change my security questions"
I always answer those with responses completely irrelevant to the questions.
I’d also love to be able to write MY OWN QUESTIONS.
Why not use the answers to the questions you'd like to write?
There's less chance of guessing nonsensical answers that don't relate to the questions.
Ugh, crappy quoting in these new forums
No problemo.
According to Gawker, the collection of pictures are as a result of potentially years' worth of work by hackers...
...the pictures may in fact have been part of a collection that grew over the years but stayed out of the public eye.
So which of you clowns still thinks that Samsung or the credit card companies are behind this?
Apple has two factor already. If you haven't turned it on, do so!
No worries here! I've had two factor enabled for quite some time now.
Trilateral Commission! /s
Btw it's here
https://www.apple.com/pr/library/2014/09/02Apple-Media-Advisory.html
Apple calls their customers "certain celebrities"... That just made me throw up a little bit inside...
There's less chance of guessing nonsensical answers that don't relate to the questions.
Exactly: I will never be able to remember them. I can’t remember anything. I can’t ever address anyone by name because I don’t remember them. At least give me questions for which I can guess the answers...
Yes, but how to remember the fictional answers?
Store it as a note in the 1Password or similar app. Personally I think these questions are pathetically configured, without any thought put in. If they want us to answer questions as a security measure, shouldn't we be able to create the questions ourselves? Yes, that will create a boatload of unique questions as opposed to the 3 standard ones every company now has, but what will that add to their data storage; a MB or two?
Hill60 is right; I also answer with the 'strangest of weirdest'
[IMG]http://i59.tinypic.com/3463ntw.jpg[/IMG]
Go to the Daily Mail website and they have an entire section devoted to what they call the "Apple hacking scandal". Quite irresponsible to call it an Apple hacking scandal considering the fact that there is no conclusive evidence that iCloud was hacked (and Apple says it wasn't) or that FMI brute force was the source.
[quote]“In reviewing months worth of forum posts, image board posts, private emails, replies for requests for services, etc. nowhere was the FindMyPhone API brute force technique (revealed publicly and exploited in iBrute) mentioned,” Cubrilovic reports. “This doesn’t mean that it wasn’t used privately by the hackers – but judging by the skill levels involved, the mentions and tutorials around other techniques and some of the bragged about success rates with social engineering, recovery, resets, rats and phishing – it appears that such techniques were not necessary or never discovered.”
https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/[/quote]
Color me highly skeptical that it's just a coincidence this leaks now right before Apple has a big event scheduled.
I'd still have called them "customers". Or users. I mean, yes perhaps not all of the affected were apple customers per se, but the press release obviously targets those that are using their servers.
I just feel the press release was written very unprofessionally. Especially for the grief it has caused for the ones concerned it could have been written differently.