SAN FRANCISCO – The hacking of Apple iCloud accounts – which saw nude selfie photos of many famous movie stars revealed publicly – has the storage industry reeling as security experts question the efficacy of the cloud. They’re lining up to warn clients about vulnerabilities in the cloud system that leave it open to data mining and phishing.
Newspapers are running articles about how to disable an iPhone from iCloud and warn users about storing sensitive material on iPhones.
Doubts about the iCloud Keychain service, which synchronises various Apple devices, surfaced on the weekend at the Defcon conference on computer security in Russia.
Researchers Andrey Belenko and Alexey Troshichev both said they had discovered different flaws in Apple’s cloud storage infrastructure.
Belenko said Keychain’s default four-digit code, which was set by Apple, was easy to crack. Troshichev said it was open to data mining and phishing because there were no limits on how many times wrong passwords could be entered into the system.
The incident has overshadowed Apple’s launch of the iPhone 6, expected on September 9.
In a rare move, Apple’s PR people, usually silent during a crisis, rebuffed a Sydney Morning Herald story which claimed all iCloud accounts had been affected, forcing the newspaper to apologise.
Apple denied iCloud had been compromised, instead blaming the victims for not properly securing their individual accounts.
Apple’s drawbridge was then quickly shut, with the company hoping the affair would blow over before the new iPhone debut.
The main suspect in the nude photo leak, 27-year-old Bryan Hamade, has denied he is responsible.
Hamade, who goes by the username BluntMastermind, is accused of displaying a folder of the hacked images through photo-sharing site Imgur. His brother says the FBI, which is investigating the case, hasn’t interviewed him.