[Superfly_FR]

Ok, now BlackBerry is jumping on this ITW and more. Glad they didn't comment it [the celebs' hack] by themselves but instead use the media materials available (and there's a ton of it right now ).
Neat move, IMHO.

Experts: Celebrity Hacking Scandal Reinforces BlackBerry's Security Leadership | Inside BlackBerry

[pkcable]

The problem is the cloud itself, and users with insecure passwords. This can and has happened to Google and Microsoft users and their cloud users also.

[nbaliga]

It wasn't an iCloud hack. It involved social engineering. Apple offers up new details in iCloud investigation over celebrity account hacks | iMore
Sent from my Nokia Lumia 920 using Tapatalk

Reminds me of Apple's PC vs Mac ads where they claimed Windows was more vulnerable, whereas it really was just that Apple didn't have enough users for hackers to bother with.

[undone]

The problem is the cloud itself, and users with insecure passwords. This can and has happened to Google and Microsoft users and their cloud users also.

true, but leaving something available for a brute force attack isn't exactly a good security practice. At least have a cut off attempts.

[Ghyss8888]

Another clip , this time from CNN

The Buzz
BlackBerry fans poke fun at Apple iCloud
By Paul R. La Monica @lamonicabuzz September 4, 2014: 12:26 PM ET

BlackBerry fans poke fun at Apple iCloud - Sep. 4, 2014

[mnc76]

It's mostly the end users fault. Weak passwords (Paris Hilton was 'hacked' a while back because she used her dog's name for a password) and not deleting old backups.

I give Apple a slight fault for not limiting the number of attempts. Apple fixed their end.



They didn't hack into the server and browse files, they logged into the user's account. So it really doesn't matter how encrypted the files are, if you use a weak password....



And the CIA uses complex passwords, not their dog's name.

It wouldn't have mattered how strong their passwords were. The "find my phone" feature had -- until Sunday -- no protection against brute force attacks. This allowed hackers to try an UNLIMITED number of passwords without Apple ever locking the account or notifying the user.

The flaw in "find my phone" has been fixed now. But it was only fixed on Sunday, just AFTER the pictures were found. It was, in fact, FIXED DURING THE VERY SAME TIME Apple states they did their 40 hour investigation which -- according to them -- found no problem with "find my phone".

Their vaguely worded statement only says they were not "breached", which is technically true. Since after using the "find my phone" brute force attack, the hackers were able to login with the *correct* password. Technically, if you login with the correct password then its not a breach since iCloud is just doing what it is supposed to do when given a correct password.

The only "targeting and social engineering" was in finding these womens' AppleIDs.

Don't let Apple trick you into blaming the victims. Apple has behaved in a disgusting manner regarding this situation.





Posted via CB10

[raino]

Don't let Apple trick you into blaming the victims! Apple has behaved in a disgusting manner regarding this situation.

Is it really surprising, coming from the company that brought us "you're holding it wrong?"

[MB64]

Is it really surprising, coming from the company that brought us "you're holding it wrong?"

TWSS

Posted via CB10 with my z30

[TgeekB]

Are we all feeling better now?? LOL.

Proudly using a Blackberry Q10!

[lift]

Are we all feeling better now?? LOL.

Proudly using a Blackberry Q10!

Yeah we are. Aren't you?

[lift]

Are we all feeling better now?? LOL.

Proudly using a Blackberry Q10!

You seem upset or hurt that Apple messed-up. They should have had better security policies in place with their icloud. Now a lot of people are probably re-thinking Apple. As a true BlackBerry fan, I'm just elated.

[redlightblinking]

Are we all feeling better now?? LOL.

Proudly using a Blackberry Q10!

About what? Seems like a loaded question.

[mnc76]

Are we all feeling better now?? LOL.

Proudly using a Blackberry Q10!

The 100 or so women who's intimate photos are now being leered at by millions of strangers certainly aren't.

Posted via CB10

[gebco]

Apple CEO Denies a Lax Attitude Toward Security Allowed Hackers to Post Nude Photos of Celebrities

See link here:

http://m.us.wsj.com/articles/tim-coo...80977?mobile=y

Posted via CB10

[lift]

Apple CEO Denies a Lax Attitude Toward Security Allowed Hackers to Post Nude Photos of Celebrities

See link here:

Tim Cook Says Apple to Add Security Alerts for iCloud Users - WSJ

Posted via CB10

Of course they are going to try and deny it was their fault. They are in CYA and spin mode!

[gebco]

Of course they are going to try and deny it was their fault. They are in CYA and spin mode!

People will believe it. And will media question it?

Maybe I'm pessimistic but not so sure this will do much for BlackBerry, especially with consumers.

Posted via CB10

[lift]

People will believe it. And will media question it?

Maybe I'm pessimistic but not so sure this will do much for BlackBerry, especially with consumers.

Posted via CB10

Sad but true. I don't think it will do much for BlackBerry either. But you have to admit that BlackBerry has been getting mentioned a lot lately in the media because of this. Maybe, just maybe it may make some people see that BlackBerry is still very much alive and serious about security.

[mnc76]

Apple CEO Denies a Lax Attitude Toward Security Allowed Hackers to Post Nude Photos of Celebrities

See link here:

http://m.us.wsj.com/articles/tim-coo...80977?mobile=y

Posted via CB10

I wonder why he didn't mention that they added bruteforce protection on 'find my phone' on Sunday just after the photo leak was discovered?

I would have thought that'd be something he'd want everyone to know since it strengthens their security, and shows they are working to improve it.

Also: Why so few direct quotes from Tim Cook in this interview? He contributes only 2 or 3 sentences -- everything else is paraphrased by the author. I would like to hear exactly -- in his own words -- what Tim Cook had to say about how the photos were acquired.

On a somewhat related note... Here is an interesting article about how Apple uses the media :

From Apple fan site 9to5mac.com
Seeing Through the Illusion: Understanding Apple's Mastery of the Media

A relevent section of this article can be found here:

From Apple fan site 9to5mac.com
Part 3) Strategies: The "Art of Deep Background" and Controlling the Press


Posted via CB10

[TgeekB]

The 100 or so women who's intimate photos are now being leered at by millions of strangers certainly aren't.

Posted via CB10

Exactly my point. It's about the victims, not BlackBerry fans feeling good about their device choice.

Q10, N5, N10.

[TgeekB]

You seem upset or hurt that Apple messed-up. They should have had better security policies in place with their icloud. Now a lot of people are probably re-thinking Apple. As a true BlackBerry fan, I'm just elated.

I'm upset for the victims. It's not about me.

Q10, N5, N10.

[chickenman18]

Of course Apple isn't going to come out and say "Wow folks! Did we ever screw up!!" While Apple is a big company, those 100 or so young ladies who have had their privacy invaded have some financial means to take some legal action against Apple. Apple won't admit to anything unless they absolutely have to.

[GoJaysGo]

Do you really think this is to BlackBerry's advantage? How many people do you think are running to Blackberry because of this.

The answer is easy: 0.0 (Reference:
)

It's hard to just change to your phone vendor in the middle of your contract, and absorb the penalties. Average consumers don't care about this (or security) and business typically have policies that disable cloud service on mobile devices. Really there is nothing new here.

Apple will fix this, just like every other vendor, and hopefully beef it up, with two factor authentication, or something similar.

Do you really think any cloud offering from any vendor is 100% safe? It isn't. Trying googling (or DuckDuckGo if that's your thing) about cloud breaches. It's more amazing that Microsoft is getting zero press on this, since iCloud runs on Microsoft Azure.

I love that BlackBerry is touting how secure they are when they don't even have a consumer cloud offering... Security by obscurity is not security at all.

Apple will announce their new wares on Sept 9th, and they will sell 10's of million devices. BlackBerry will also announce their new wares this month, and won't sell 10's of millions of devices. The public will speak with their money, and they don't really care about security or at least to the levels that BlackBerry fanboys think you need to feel safe...

[undone]

Apples failure to properly secure access to any id/password system will lead CIOs and other IT personnel to really question if Apple devices are truly something to use in there businesses. Apps are great, but losing all your data ends your business.

Apple is a consumer company, not a business company. They spin the truth to hide the vulnerabilities. Business focused companies identify vulnerabilities, notify customers, release patches and bug fixes as well as outlining what they fixed, not try to white wash it. You just can't take Apple seriously if they can't admit in a straight forward manner what the issue was and how they fixed it. Having a problem isn't really the issue, it's how you deal with it.

[Playbook007]

People will believe it. And will media question it?

Maybe I'm pessimistic but not so sure this will do much for BlackBerry, especially with consumers.

Posted via CB10

Not so much with consumers, but definitely enterprise. This is such a basic breach of security......how can Apple claim to know enterprise security when this is so basic.

Posted via CB10

[Superfly_FR]

Don't derail the events.
What the #celebGate is bringing to the table is the focus on security. No one as of date can seriously discuss BlackBerry advantage right now.

This awareness is very positive for BlackBerry in the enterprise context, which is BlackBerry's target right now.

Don't care about the Joes' hype, it's not the time.
I posted various contributions, the latest in this thread was IMO (IT pro) a real shocker.

Others (IT anything) will now realize (more) what "security aware" means and will tend to make it mandatory in their selection process.

Posted via CB10