Cook says Apple will roll out new iCloud security alerts, expand 2-step authentication after celebri

Posted:
in General Discussion edited September 2014
In response to a recently leaked cache of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook said the company plans to activate new security measures designed to thwart future attacks.



Speaking to The Wall Street Journal, Cook reiterated Apple's stance that iCloud was not breached before announcing new security protocols meant to give users a heads-up when changes are made to their accounts.

"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook said. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."

To add an extra layer of protection, Cook said Apple will start sending out email and push notification alerts when an attempt is made to restore iCloud data to another device. The protocol adds to current safety measures that push out similar messages when a password has been changed or a device is first linked to an iCloud account.

With the alerts in place, iCloud users can quickly react to potential breaches by closing off access or deleting files before a nefarious user has a chance to download potentially sensitive data.

As for Apple's current security measures, Cook thinks the company is doing well, pointing to the iPhone 5s' Touch ID fingerprint recognition feature and iCloud's two-step authentication protocol, which requires users enter both a password and a separate code sent to a trusted device prior to making account changes. Cook said the feature's coverage area will be widened with the release of iOS 8 to include iCloud access from mobile devices. Cook also said Apple will be proactively pushing the two-factor system in the future.

Last weekend, dozens of nude photos taken from iCloud accounts belonging to Jennifer Lawrence, Kate Upton, Ariana Grande and more were dumped on the Web after being collected through various corners of the Internet, including anonymous image board AnonIB. In the ensuing aftermath, Apple issued a statement denying hackers were able to breach iCloud security, instead blaming targeted attacks that have "become all too common on the Internet."

Apple will continue to work with authorities toward finding the culprit or culprits behind the attacks and subsequent mass data leak.

"We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are," Cook said.
«1345

Comments

  • Reply 1 of 81
    john.bjohn.b Posts: 2,740member
    It's a start.
  • Reply 2 of 81
    This is what I like about Cook. He's not afraid to say when they may have messed up (not necessarily saying that happened here) [B]or[/B] where they can do better. Similar to what happened with Maps.
  • Reply 3 of 81
    Quote:

    Originally Posted by John.B View Post



    It's a start.

     

    Agree. The silent download of backups from iCloud by law enforcement tools will also notify users now. I would also like an audit dashboard to see where devices are connecting from that are accessing my data. Seeing IPs being used where I am not would be something that I could easily spot. I think of this like a credit card statement. Being able to see where I used my card lets me see when someone else is playing me and using my card. I want the same for the cloud.

     

    I believe it is Google that actually warned me one time about connecting to gmail from a very different address within a short period of time. I was out of the country, but used VPN back into the country as well as accessing it without VPN. They were concerned that I could not be in and out of the country at the same time. Not a Google fan at all, but that was a nice thing to warn me about. 

  • Reply 4 of 81
    Originally Posted by AppleInsider View Post

    ...celebrity photo flap

     

    You did that on purpose.

     

     In response to the recent leak of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook announced a planned activation of new security measures designed to thwart future attacks.


     

    PLEASE tell me there won’t be any time during the keynote dedicated to this drivel.

  • Reply 5 of 81
    NOT good enough, provide the fix to enable two factor authentication for iCloud backups and Photo Stream in iOS 7 THIS month, Tim Cook! Not all devices will run iOS 8, and not all users, especially in corporations, will update to iOS 8 straight away.

    Also, what about iOS 6-only devices?!
  • Reply 6 of 81
    Quote:

    Originally Posted by Phone-UI-Guy View Post

     
    I would also like an audit dashboard to see where devices are connecting from that are accessing my data. Seeing IPs being used where I am not would be something that I could easily spot. 


    Facebook does something quite similar.

  • Reply 7 of 81
    shogunshogun Posts: 362member
    He had me until the last line. He's more outraged than the actresses who had their accounts pried open and their personal data stolen and spread all over the internet for every slimy person on earth to salivate and worse over. Um, yeah. No. I don't think so. One step too far Apple PR. Can you please pull your heads out of your holes?
  • Reply 8 of 81
    radjinradjin Posts: 165member
    Then use better passwords and don't be stupid enough to give it away.
  • Reply 9 of 81
    Originally Posted by Shogun View Post

    One step too far Apple PR. Can you please pull your heads out of your holes?

     

    Nah, he’s right.

  • Reply 10 of 81
    Quote:
    Originally Posted by AppleInsider View Post




    To add an extra layer of protection, Cook said Apple will start sending out email and push notification alerts when an attempt is made to restore iCloud data to another device. The protocol adds to current safety measures that push out similar messages when a password has been changed or a device is first linked to an iCloud account.



    With the alerts in place, iCloud users can quickly react to potential breaches by closing off access or deleting files before a nefarious user has a chance to download potentially sensitive data.

     

    Looks like I was too hasty. According to Apple, iCloud backups are encrypted, contrary to Mashable. And Cook did address expanding 2-factor authentication. I somehow missed that on my first read through. Whoops.
  • Reply 11 of 81
    You did that on purpose.

    PLEASE tell me there won’t be any time during the keynote dedicated to this drivel.
    I very well hope it isn't, maybe a mention after the keynote to press, or website, maybe within a paragraph of IOS 8 release notes(on website).
  • Reply 12 of 81
    gtrgtr Posts: 3,231member
    Apple to address celebrity photo flap after celebrity photo fap?
  • Reply 13 of 81
    hentaiboyhentaiboy Posts: 1,245member

    Thanks Tim. Meanwhile I'll stock up on a little more AAPL before the dust settles :smokey:

  • Reply 14 of 81

    That's "photo fap".

  • Reply 15 of 81
    docno42docno42 Posts: 3,660member
    A pretty well reasoned commentary on this whole thing: http://dankaminsky.com/2014/09/03/not-safe-for-not-working-on/
  • Reply 16 of 81
    docno42 wrote: »
    A pretty well reasoned commentary on this whole thing: http://dankaminsky.com/2014/09/03/not-safe-for-not-working-on/

    This alone is worth the click…


    1000
  • Reply 17 of 81
    Originally Posted by SolipsismX View Post

    This along is worth the click…



    Why would his bottom be censored? Everyone has a bottom. It’s not a naughty bit.

  • Reply 18 of 81
    mazda 3smazda 3s Posts: 1,608member

    Why would his bottom be censored? Everyone has a bottom. It’s not a naughty bit.

    Everybody has breasts, but they sensor those on chicks :(
  • Reply 19 of 81
    For a fleeting moment, I thought the headline said:

    Cook says Apple to alert iCloud users of nude celebrity photos being deposited into their account.

    I'm going to bed.
  • Reply 20 of 81
    Quote:

    Originally Posted by alcstarheel View Post



    This is what I like about Cook. He's not afraid to say when they may have messed up (not necessarily saying that happened here) or where they can do better. Similar to what happened with Maps.



    He's also not afraid to placate the public a bit. The truth is that there is zero proof that all those folks stuff came from iCloud. I believe Jennifer Lawrence is the only confirmed iCloud user in the bunch. The rest could have been Drop Box etc. And in Jennifer's case for all we know the source was a disgruntled employee who knew the log in info and decided to get back at her. Or a greedy current one with the same access. 

     

    But folks are screaming they should have more alerts so Tim will give it to them. Kind of like how Steve pointed out that the whole antenna gate thing was actually present on tons of phones but still gave folks free bumpers. 

Sign In or Register to comment.