110799

Apple to increase iCloud security measures after breach

Tim Cook speaks out on scandal for first time, says he is "outraged" by the hacking

Technology trends and news by Steven Loeb
September 5, 2014 | Comments
Short URL: http://vator.tv/n/38f9

Apple obviously still has a lot of explaining to do when it comes to the huge celebrity photo hacking scandal that everyone was talking about this past weekend, in which female celebrities that included Jennifer Lawrence, Kate Upton and Kirsten Dunst, had naked pictures of themselves leaked onto the Internet for all to see. 

The company has previously stated that there was no problem on the back-end of iCloud; there were no security flaws that allowed it to be breached. The problem, they said, was on the front-end, meaning security questions and passwords.

So it should be no surprise that that is what Apple will be focusing on a measure to prevent this kind of thing from happening again.

Speaking about the hacking incident for the first time, Apple CEO Tim Cook told the Wall Street Journal on Thursday that, over the next week or two, will begin sending out notifications to users when there has been activity on their iCloud account.

That includes anytime someone tries to change an account password, restore iCloud data to a new device or when a device logs into an account for the first time. Apple will start alerting users via both email and push notifications, rather than just e-mail. In fact, there were previously no notifications at all when iCloud data was restored.

Sending out push notifications will allow users to learn of any potentially suspicious activity quicker, rather than having to wait until they check their e-mail.

In addition, the company will "broaden" its use of "two-factor authentication," in which a user has to be able to have a password, as well as either a separate four-digit one-time code or a long access key given to the user when they signed up for the service, in order to sign in. 

If the celebrities who were hacked had been using two-fact authentification, he said, then their data would have been protected. 

As you can see Apple, and Cook, are still blaming what happened on the victims in the situation. The only measure of responsibility that the company is taking is that it did not do enough to fully instruct its users on how to fully protect themselves.

"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook said told the Journal. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."

In addition, he said that he was "outraged"  and that it wants "do everything we can do to protect our customers."

Though Apple also said there had been no breach in Find my iPhone, at least one security flaw, which did not put a limit on the number of times someone can try to input a username and password, was subsequently discovered. Apple immediately fixed the problem.

For Apple and Cook, this scandal is turning into a major PR disaster, with many openly questioning Apple's ability to safely secure their private data. Even if the company does not believe that there were any security flaws on its end, it might still be a good move to show people that they are upping measures on the back-end as well.

(Image source: techaeris.com)

blog comments powered by Disqus