Disclaimer: In no way do I think that I am completely ignorant, but I do feel that I need to have a point of view about issues and this is what this blog is about.
When I opened up Google News to find the top story to post about today, and saw Jennifer Lawrence listed on the top of the list, I was a little surprised. I was fully expecting Ukraine or New Russia or Ebola or something more along those lines, but once I realized what the stories were referring to, it made more sense.
What we are really talking about here is internet security, specifically the “Cloud” and security of items stored in it. Apparently over the weekend, nude pictures of Jennifer Lawrence, Kate Upton and several other celebrities were posted on a site called 4chan, and then later also on Reddit. I have heard of Reddit, but never heard of 4chan, so I looked it up (No, I did not try to go on the site) to see what it was about
For all its cultural relevance, it’s possible you’ve never heard of 4chan. It’s not much to look at. Just a few pixels blinking on a page like something out of “Duck Hunt.”
The outdated design, however, belies its influence. Called one of the “darkest corners of the Web” by a New York Times writer and the “ninth circle of Hell,” 4chan twins the irreverent with the abhorrent, birthing wildly popular memes such as Lolcats while simultaneously hosting some of the most prurient content on the Internet.
The photos first appeared on 4chan, which is the Mos Eisley Cantina of the internet. Founded a decade ago as a forum for swapping anime pictures, it has become a popular place for posting controversial images of all kinds — including a lot of pornography.
4chan has had a large influence on the culture of the internet. It is generally credited as the birthplace of the LOLcat phenomenon and as well as rickrolling. The online quasi-movement Anonymous also emerged from 4chan message boards.
Anyone can post images on 4chan, and the site allows people to post anonymously. So we don’t know who posted the photos, and finding the culprit could prove challenging. One man who posted a message claiming responsibility and seeking bitcoin donations is now vehemently denying he was the source.
Some security experts have pointed to a security hole in Apple’s iCloud as one way hackers could have accessed the private images. Information about the vulnerability was posted online on August 30, a day before the photos first appeared online. Ordinarily, if someone tries to guess a user’s password over and over again, an online service will notice and limit the number of guesses someone can make. But Apple’s “Find My iPhone” service allowed a user to guess an unlimited number of times, which an attacker may have exploited to guess the victims’ passwords.
Apple has reportedly fixed the issue with the Find My Iphone app that allows people to repeatedly try passwords to login until they get it right, without being locked out of the site. As I understand it, this was a known issue that was not addressed until a crisis involving a celebrity came up. Something wrong with that in my opinion. People have been getting exploited for years, either as a revenge thing or just hateful people with no lives and nothing better to do, posting personal information or compromising photos of them for the world to see. Why wasn’t that a top news story?
Anyway, Apple released a statement:
“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet,” Nat Kerris, an Apple spokeswoman, said in a statement. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”
I heard about this story this morning on the radio, and the DJ just basically said “Stop putting nekked pictures on the internet and this won’t happen”. The scary part is that I am not so sure that most of what ends up “in the cloud”, was meant to be there. So many devices are now hooked up to the internet and have default settings that automatically will upload any information for free, no questions asked. People can take a picture in Michigan that can be seen in Japan within minutes, or seconds. Many services are out there that allow you to share your photos instantly to any computer that has that App within minutes of that picture being taken, most of us don’t think about the security of that picture or of the sick, twisted individuals that have nothing better to do than to hack into other people’s personal information.
Unfortunately, or fortunately depending on how you look at it, it took this happening to a celebrity in order for it to become news. From what I have been reading on several blogs, this happens all the time to us regular folks. Either for revenge purposes or just because of sick, twisted minds. But it took naked pictures of Jennifer Lawrence to actually get people to look at it, the issue, not the photos.
Some of the responses from security companies have been just as ignorant as the radio disc jockey I heard this morning:
In a conversation on Twitter this morning with Tal Klein, the vice president of strategy for the cloud security firm Adallom, Klein said there were two things to take away from this latest breach: “1. Don’t take pictures of your junk; it will end up on the Internet somehow at some point. 2. Not all security is equal
I did find one article that actually seemed to give good practicealadvice on securing your information on the internet
What can I do to prevent hackers from stealing my personal information?
There are several steps people — celebrity and otherwise — can take to lock down their online accounts.
• Enable two-factor authentication. As already mentioned, 2-factor authentication requires you to have your cell phone in addition to your password in order to access your online accounts. It’s a bit of a hassle but it’s one of the best ways to boost your online security.
• Don’t answer “security questions” honestly. Security questions are often the weakest point in an online service’s security, since someone could to figure out the name of your pet and the street where you grew up. Instead, treat the answers to these questions as a second password. Make up long, random answers, write them down on a piece of paper, and store that in a safe place.
• Avoid re-using sensitive passwords. It’s unrealistic to expect people to have a separate password for every online account. But you should at least avoid the same password for your most sensitive accounts (online banking and email for example) and less sensitive ones such as online gaming or discussion boards. A good strategy for keeping track of multiple passwords is to write them down and keep the paper in your wallet or purse. Password-management software is another good option.
• Enable the screen-locking feature on your phone. The tips so far have focused on thwarting online attackers, but you might also need to worry about someone snooping through your information after stealing your smartphone. All major mobile operating systems now offer a screen-locking feature that requires users to enter a short passphrase to unlock the phone. This feature may not keep determined hackers out, but it will certainly thwart casual thieves and may give you time to change your passwords before someone gains access to your online accounts.
What are the chances that people will actually take this advice? Probably slim to none. People do not want to take the time to do additional work, they want others to take care of that. Why should they be responsible for their own data stored on public servers in some air condition controlled environment in another state or another country?
This will happen again in my opinion, and we will all act surprised again….just my ignorant viewpoint