Apple still hasn't assured millions of users that their information is safe, and it has refused to take responsibility for a security breach that led to the theft of scores of compromising photos of A-list celebrities.
The Cupertino-based consumer electronics titan has also failed to publicly apologize to celebs including actress Jennifer Lawrence and model Kate Upton — women who had their personal accounts hacked and intimate photos stolen and posted in an online forum over the weekend.
Best as I can tell, Apple failed to institute basic security protocols. That's because even Apple admits in a statement that "certain celebrity accounts were compromised by a very targeted attack on usernames, passwords and security questions, a practice that has become all too common on the Internet."
Well, it's actually not that common — for services that institute simple security protocols. The fact is, after several failed login attempts to a user's account, access should be shut down to that account. That simple lockout procedure is employed by all manner of software and services, from Yahoo to Facebook to Gmail.
Asked whether it had any lockout procedures in place for multiple incorrect login attempts to its iCloud and Find My iPhone service, a spokeswoman for the company would only say, "Yes, there is a limit."
As a test, I tried to log in with my Apple user ID with an incorrect password more than a dozen times. No emails or lockouts alerted me that someone could be trying to guess my password.
So while many Apple software experts claim that Apple released a patch that plugged at least one big vulnerability that is believed to have led to the breach, I'm not convinced.
To believe that Apple has no culpability in this breach, you'd have to buy the notion that hackers guessed the usernames, passwords and security questions correctly for dozens of celebrities on the first couple of attempts.
More likely is that hackers employed a method known as brute force, where malicious software programs make thousands of automated guesses until the correct password is found.
We don't know the precise hacking methods. But Apple has left us with more questions than answers. The company said in a statement, "When we learned of the theft, we were outraged and immediately mobilized Apple's engineers to discover the source. Our customers' privacy and security are of utmost importance to us."
But Apple also insinuated that the victims should have chosen stronger passwords. There are some simple ways to prevent brute force password hacks, and at this point, we don't know for sure whether Apple uses those safeguards.
Anda sedang membaca artikel tentang
Apple at core of security problem
Dengan url
http://warnakelabuabu.blogspot.com/2014/09/apple-at-core-of-security-problem.html
Anda boleh menyebar luaskannya atau mengcopy paste-nya
Apple at core of security problem
namun jangan lupa untuk meletakkan link
Apple at core of security problem
sebagai sumbernya
0 komentar:
Posting Komentar