Celebrity statements, pervert Googling and iCloud is what I could gather from this recent storm of news about Private Data leak. As some of the top models and actresses’ personal data was leaked by someone on a Forum, Internet woke up and realized that the so-called trusty Cloud services of major tech companies aren't as safe as we thought.
Lets start from the beginning. A perpetrator posted nude photos of several female celebrities including famous names such as Jennifer Lawrence and Kate Upton on a Forum called 4chan. He only showed few photos and showed glimpses of the rest, demanding money for them. To make the situation worse, the Forum ‘4chan’ didn’t take down those Photos.
How did He Get In?
The supposed hacker got these Images and videos from the personal devices of the celebrities. To be specific, iPhones. Since our lovely Cupertino company pushes its users to put everything on its iCloud, so did the Celebs and paid a heavy price. The hacker used the ‘Find My iPhone’ feature in the Apple devices and launched a Brute Force Attack on it eventually cracking their accounts. Brute force is basically a computer program guessing passwords at a incredibly fast rate. Apple fixed the vulnerability yesterday.
Why Not the Cloud!
Most of us now use cloud storages to store out important data. It is easy to access for anywhere and provides loads of space. BUT, the reality is different and hidden under the utility and charm of cloud storage.
Data was conventionally stored in Hard drives, flash disks and network drives until Cloud storages took over. While the device was in your possession, your data was safe. Paranoid personalities password protected their drives to make it more secure. Cloud storage, on the other hand, only has one line of defense between your data and a potential hacker, Your ID and Password. While many companies offer two-step authentication processes, they are cumbersome and avoided by many.
Automatic Data Sync from your gadgets is a tool everyone loves cause it saves a lot of time. But it does result in such unpleasant incidents. While all of your data is synced to services like iCloud, Dropbox and One Drive, it is pertinent that users should review their Synced data regularly and remove any potentially harmful files. Since everything done (even in a whim) is uploaded to clouds, it is wise to recheck it after a month or so.
One of the most dangerous Cloud service cum social media is Facebook. While People mostly post photos of themselves to Facebook they want to share, if you keep a private photo folder on Facebook, get rid of it. Facebook can track your activity based on your sign-ins as it keeps record of every sign and its corresponding IP Address and in court-of-law, each and every Album of yours will be available to lawyers even if its private.
The data you upload on the Cloud storages is physically out of your reach, it is in the reach of anyone who develops an interest in you. Since Snowden uncovered Big Brothers’ actions on their buildings, it is wise not to keep every little detail of your life on plate for NSA.
Social Engineering is a term that might be new to you but it is very much alive. It is basically making the tech support believe with little or no information that you are the person who you claim to be and get access to someone’s account. A tech journalist Mat Honan was a victim on such and attack in 2012 as all his tech related accounts were hacked!
So next time you think about putting it on the Cloud, Think Again!