In a recent interview with Charlie Rose on PBS, Apple CEO Tim Cook said that the iCloud breach that leaked private celebrity photos wasn\u2019t necessarily a security flaw on Apple\u2019s side, but rather the result of a targeted phishing scheme. The company has since activated two-factor authentication to help boost the security of iCloud, but one developer says he informed Apple about the vulnerability as long as six months before the attack took place.<\/p>\n
<\/p>\n
The Daily Dot<\/em> received an email from Ibrahim Balic, a well-known security expert who, as\u00a09to5Mac<\/em> notes, has alerted Apple to previous holes in the past. \u201cI found a new issue,\u201d his note reads.\u201d By this brute force attack method I can try over 20,000+ times passwords on any accounts. I think account lockout policy should be applied,\u201d he said in an e-maito Apple on March 26, which was obtained by\u00a0The Daily Dot.\u00a0<\/em><\/p>\n Balic received a response from Apple security that said \u201cit would take an extraordinarily long time to find a valid authentication token for an account,\u201d which suggests Apple believed it wasn\u2019t possible for hackers to flood the site with password guesses until one matched. Except, that\u2019s exactly what happened and what led to the breach.<\/p>\n Balic, which said that he himself was able to test 20,474 password combinations on a single account, argued that Apple didn\u2019t take his claims seriously enough to address the bug before iCloud was eventually hacked using the same method he alerted security about. As a result, hundreds of celebrity photos were spilled to the public, creating mistrust in Apple\u2019s iCloud security that Cook eventually had to address in a public letter to consumers.<\/p>\n SOURCE<\/span> THE DAILY DOT<\/a>, 9TO5MAC<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" In a recent interview with Charlie Rose on PBS, Apple CEO Tim Cook said that the iCloud breach that leaked private celebrity photos wasn\u2019t necessarily a security flaw on Apple\u2019s side, but rather the result of a targeted phishing scheme. The company has since activated two-factor authentication to help boost the security of iCloud, but […]<\/p>\n","protected":false},"author":2,"featured_media":2338,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[16],"tags":[35],"class_list":["post-2337","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet","tag-apple","et-has-post-format-content","et_post_format-et-post-format-standard"],"_links":{"self":[{"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/posts\/2337","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/kmtech.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2337"}],"version-history":[{"count":0,"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/posts\/2337\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kmtech.blog\/index.php?rest_route=\/wp\/v2\/media\/2338"}],"wp:attachment":[{"href":"https:\/\/kmtech.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2337"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kmtech.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2337"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kmtech.blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2337"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}