Join

Enter Details

Comment on stories, receive email newsletters & alerts.

@
This is your permanent identity for Business Insider Australia
Your email must be valid for account activation
Minimum of 8 standard keyboard characters

Subscribe

Email newsletters but will contain a brief summary of our top stories and news alerts.

Forgotten Password

Enter Details


Back to log in

Apple May Have Known About ICloud Security Issues Long Before The Nude Celebrity Photo Hack

Jennifer LawrenceREUTERS/Lucas JacksonJennifer Lawrence was one of several celebrities involved in the recent iCloud hacking scandal.

Apple may have known about a vulnerability in iCloud about six months before the recent hacking scandal in which dozens of explicit celebrity photos were leaked, according to The Daily Dot.

The publication reportedly obtained emails between Apple and a security researcher that informed the company of a security hole back in March.

The security researcher, Ibrahim Balic, reportedly told Apple that he found a way to infiltrate iCloud accounts.

Balic said the vulnerability he reported to Apple seems very similar to the one that was believed to have been used by the hackers that ripped racy photos from celebrities iCloud accounts in early September, The Daily Dot reports. It still remains unclear, however, if the two vulnerabilities are the same or separate.

In one email, Balic warned Apple that iCloud seemed to be vulnerable to a technique known as “brute-force,” which is when an intruder attempts to guess passwords by trying thousands of difference character combinations. These attacks are usually hard to pull off since most systems lock you out after a certain number of failed password attempts.

Here’s a copy of that email published by The Daily Dot:

AppleEmailThe Daily Dot

Balic told Apple he was able to try more than 20,000 password combinations.

In a separate email from May 2014, the issue seemed to be unfixed since Apple continued to question Balic about his methods.

After this month’s iCloud incident, in which private photos from celebrities such as Jennifer Lawrence, “The Big Bang Theory” actress Kaley Cuoco, and Kate Upton among other were leaked, Apple said it had made efforts to boost security. For example, the company expanded its two-step verification system to iCloud, and CEO Tim Cook published a letter detailing the company’s commitment to user privacy.

Follow Business Insider Australia on Facebook, Twitter, and LinkedIn


Tagged In

apple icloud