
Opinion: After the celebrity hacks, the vulnerability that still exists and what needs to be done


There are still many unknowns surrounding the leaked celebrity nudes. While Apple appears to have ruled out a theory that a Find My iPhone vulnerability allowed easy brute-force password attacks, some commentators are suggesting that the wording was sufficiently vague that this may indeed have been one route in. (Apple might be arguing that it’s not a breach if the correct password was required.)

But one thing does now appear clear: rather than a single hacker gaining wide access to iCloud, the photos were instead amassed over time by a number of different individuals likely using several different approaches. Phishing was doubtless one of them – some of the fake emails purporting to come from Apple are reasonably convincing to a non-techy person – but another was almost certainly to exploit one of the greatest weaknesses found in just about every online service, including iCloud: security questions.

[Update: Tim Cook has confirmed these were the two methods used] 

Security questions were, when first introduced, a fairly obvious solution to a common problem: people forgetting their passwords. The typical 9to5Mac reader probably uses a password manager to have strong, unique passwords for each site, but the average person on the street doesn’t. They either use the same password for almost everything, or they do their best to use different passwords and end up forgetting half of them.

Why security questions are hopeless

The problem, of course, is that security questions are a second credential that bypasses the password entirely: if the legitimate owner of an account can use them to reveal or reset the password, so can anyone else who knows (or can find out) the answers. That wouldn't matter if we could write our own questions and make them so obscure that not even our best friend could guess the answer, but that's generally not the case.

iCloud is a case in point. iCloud requires you to select three security questions, but each one has to be selected from a choice of just six questions (I’ve pulled all three sets into a single graphic for convenience):

[Graphic: the three sets of iCloud security questions, combined into one image]

Now, I’m not going to get specific here by revealing any personal information, so I’m going to use made-up examples, but I’m betting that most people can’t answer half of these questions. For example, did you have just one favorite singer or band in high school, or did it change numerous times? Can you remember the first film you ever saw in a theater? Do you have the faintest recollection where you flew to the first time you went on a plane?

So in reality, the choice of questions open to us is even smaller than it first appears.

Of the remaining questions, how many of them are known to multiple people? If you have a dream job, chances are you’ve mentioned it to quite a few friends. Your childhood nickname is known by everyone who went to school with you, and maybe to all of your friends today if you’re still known by the same nickname.

Of the ones that aren’t known, how many could be googled by someone who knows you? How many of them, in fact, can be found on your Facebook page?

If you’re a celebrity, the situation is a thousand times worse because you’ve given countless interviews where you’ve likely revealed all kinds of trivia about yourself, like your first pet or the model of your first car or … Well, most of these questions, in fact. Even if you haven’t answered the question yourself, there are numerous fan sites where people post trivia they’ve unearthed.

So security questions are a terrible form of protection for most of us, and an absolutely hopeless one for celebrities.


Two-factor authentication

Ok, you might argue, but iCloud – like quite a few other online services these days – offers the alternative of two-factor authentication. I use it myself, of course, and the more observant will have spotted that’s how I grabbed the security questions above: by pretending I wanted to switch it off.

For anyone unfamiliar with it, two-factor authentication requires you to enter a one-time code in addition to your password before you can access a service. This code might be generated by an app (Google Authenticator is a popular one) or sent as a text message, for example. But while iCloud offers two-factor authentication, it doesn't require it for everything. Indeed, it doesn't require it for some rather critical things.
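To make the mechanism concrete, here is an added example (mine, not code from 9to5Mac or from Apple) of how an authenticator app such as Google Authenticator produces its code. The scheme is RFC 6238 TOTP: an HMAC over the current 30-second time slot, keyed with a secret the service shares with your phone when you scan the enrolment QR code. The verifier accepts one slot of clock drift either side and compares in constant time. The secret used in the demo at the bottom is the RFC 4226/6238 test-vector key, not a real one.

```python
import base64
import hashlib
import hmac
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6, algorithm=hashlib.sha1) -> str:
    """RFC 4226 HMAC-based one-time password for a given counter value."""
    msg = struct.pack(">Q", counter)                      # 8-byte big-endian counter
    mac = hmac.new(secret, msg, algorithm).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, timestamp: int, step: int = 30, digits: int = 6,
         algorithm=hashlib.sha1) -> str:
    """RFC 6238 time-based OTP: HOTP where the counter is the current time slot."""
    return hotp(secret, timestamp // step, digits, algorithm)


def verify_totp(secret: bytes, candidate: str, timestamp: int,
                window: int = 1, step: int = 30) -> bool:
    """Accept the code for the current slot or up to `window` slots either side
    (phone and server clocks drift). Constant-time comparison avoids leaking
    how many leading digits matched."""
    for drift in range(-window, window + 1):
        expected = totp(secret, timestamp + drift * step, step)
        if hmac.compare_digest(expected, candidate):
            return True
    return False


def secret_from_base32(encoded: str) -> bytes:
    """Authenticator apps are provisioned with a base32 secret (otpauth:// URI),
    often shown in lowercase groups of four; decode it back to raw bytes."""
    cleaned = encoded.replace(" ", "").strip().upper()
    cleaned += "=" * (-len(cleaned) % 8)                  # restore stripped padding
    return base64.b32decode(cleaned)


if __name__ == "__main__":
    # RFC test-vector secret "12345678901234567890" in the form an app would show it.
    demo_secret = secret_from_base32("gezd gnbv gy3t qojq gezd gnbv gy3t qojq")
    now = int(time.time())
    print("current code:", totp(demo_secret, now), "valid for", 30 - now % 30, "more seconds")
```

The shared secret is the whole security of the scheme: anyone who copies it (from a backup of the authenticator app, or from a QR code left in a screenshot) can generate the same codes, which is why SMS delivery and app-generated codes differ in risk but not in principle.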

I managed to spill wine on my iPhone a couple of days ago, effectively killing it. So yesterday I went to an Apple Store and took advantage of the fixed-price repair option to get a replacement (so at least I'll have a shiny new one to put on eBay when I get an iPhone 6). In the store, I needed to use iCloud to first remove the old phone from my list of devices, and second to restore the iCloud backup to the new phone. Despite the fact that I accessed my iCloud account on an unknown device (a MacBook in the Apple Store), I didn't need two-factor authentication for either task.

[Update: Apple will use push notifications to alert users when a device is restored or someone logs into iCloud from an unknown device.]


What should Apple do?

There is always a balancing act to be achieved between security and convenience. We could make iCloud, or any other service, incredibly secure by doing things like requiring a 256-character password with no elements within it found in a dictionary, require us to change that password monthly and add in compulsory two- or even three-factor authentication.

That kind of extreme clearly isn’t realistic, so we have to strike a sensible balance between protection and usability.

Apple is well aware of this. It’s the reason it introduced Touch ID on the iPhone 5s – because too many people either weren’t using a passcode at all or were setting too long a time-out, giving a thief plenty of time to gain access.

Touch ID will appear on the new iPads launched in the fall, and it can only be a matter of time before it makes it to Macs too. But I think there are four more things Apple should do.

First, make two-factor authentication the default option for everything, and mandatory for critical things like accessing iCloud on an unknown device and restoring from an iCloud backup. Sure, we might need workarounds for the worst-case scenario – an iPhone is the only Apple device someone owns and they just lost or destroyed that – but where two or more devices are owned, there is certainly no reason not to require confirmation via a second device.

[Update: Apple will be “aggressively encouraging” users to use two-factor authentication]

Second, allow people to choose their own security questions rather than select them from a dropdown. Then they can choose things that only they will know, and can make them as obscure as they wish.

Third, there was a really good specific idea posted by the ACLU today (via Gizmodo): build in a Private mode to the standard camera app. If someone wants to take a … sensitive photo, they can flip a toggle and that photo is stored only on their phone and excluded from iCloud backups.

Fourth, fix a vulnerability pointed out by Business Insider: stop confirming, to anyone who cares to ask, that a particular email address is an Apple ID. A check like that is an account-enumeration oracle: a script can run a list of addresses through it and come back with exactly the ones worth attacking:

[Screenshot: Apple ID sign-up confirming that an email address is already an Apple ID]
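The Business Insider finding is an account-existence oracle, so here is an added example, not code from the original article or from Apple, of a minimal sign-up handler written the leaky way and the uniform way, together with the kind of script an attacker points at each. The account store, the probe list and the mailer are constructed for the example; the hardened handler takes the approach argued for in the comments on this post (tell the requester nothing, tell the mailbox owner everything).

```python
import secrets
from dataclasses import dataclass, field

# Constructed sample data: one registered address and a list an attacker is probing.
REGISTERED = {"alice@example.com"}
PROBE_LIST = ["alice@example.com", "bob@example.com", "carol@example.com"]


@dataclass
class OutOfBandMailer:
    """Stands in for a mail queue; records messages instead of sending them so the
    example runs offline. Queuing (rather than sending inline) also keeps the
    response time the same on both branches of the hardened handler."""
    sent: list = field(default_factory=list)

    def enqueue(self, to: str, subject: str) -> None:
        self.sent.append((to, subject))


def signup_leaky(email: str) -> dict:
    """Existence oracle: a registered address gets a different status and message
    than an unregistered one, so the response itself answers "is this an account?"."""
    if email in REGISTERED:
        return {"status": 409, "message": "That email address is already registered."}
    return {"status": 200, "message": "Check your inbox to verify your address."}


def signup_uniform(email: str, mailer: OutOfBandMailer, pending: dict) -> dict:
    """Identical response whether or not the address is registered. The distinguishing
    information goes only to the mailbox, which an attacker probing other people's
    addresses cannot read."""
    if email in REGISTERED:
        mailer.enqueue(email, "Someone tried to create an account with your address")
    else:
        token = secrets.token_urlsafe(32)          # single-use verification token
        pending[token] = email                     # account exists only once the link is clicked
        mailer.enqueue(email, "Verify your address to finish creating your account")
    return {"status": 200,
            "message": "If this address can be registered, a verification email is on its way."}


def enumerate_accounts(handler, candidates) -> list:
    """What an attacker's script does: fetch a baseline response for an address that
    cannot be registered, then keep every candidate whose response differs from it."""
    baseline = handler("definitely-unused-" + secrets.token_hex(8) + "@example.com")
    return [c for c in candidates if handler(c) != baseline]


if __name__ == "__main__":
    print("leaky handler reveals:", enumerate_accounts(signup_leaky, PROBE_LIST))
    mailer, pending = OutOfBandMailer(), {}
    print("uniform handler reveals:",
          enumerate_accounts(lambda e: signup_uniform(e, mailer, pending), PROBE_LIST))
    print("messages queued for the mailbox owners:", mailer.sent)
```

Two caveats that the comment thread below also arrives at. First, the uniform response only works when the sign-up address is an existing mailbox that must be verified before the account is created; when the service mints a brand-new mailbox at sign-up (a fresh @icloud.com address) there is nobody to notify and the name has to be declared taken, so that path can only be slowed down with rate limits and per-source budgets, not closed. Second, the login and password-reset forms must give the same uniform answer, or the oracle simply moves there.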

Steps you can take in the meantime

There are a number of things you can do to increase your own security in the meantime.

First, if you don’t already have strong, unique passwords for each online service and website you use, set aside a couple of hours to correct that. If you don’t have the time, make it. Online services get compromised all the time, and the first thing a hacker does with a bunch of login credentials from one service is to try them on a whole bunch of other ones. If you’re using a single login for multiple sites, the question isn’t whether you’ll get hacked, only when.

You can't possibly remember a mass of strong passwords, but it's painless enough if you use a password manager, and our own guide to password managers will tell you everything you need to know.

Second, if you own your own domain, you can add even greater security to online logins by having unique email addresses as well as passwords. I have a domain I use for accessing online services, and can have whatever I like before the @ – all the emails arrive in the same place – so I have different email addresses for different services. Using a password manager, it’s no more hassle to have a gibberish email address than it is a gibberish password.

Third, don’t use real data unless you have to. If the passport office or my bank asks for my date of birth, I have to use my real one, but that doesn’t apply to the vast majority of websites out there. I have a fake date of birth I habitually use for websites that have no need to know the real one, which reduces my risk of identity theft. I’m so used to typing the fake date, I have to be careful when accessing those few sites that really need the correct one!

Fourth, just because you’re stuck with a limited range of security questions doesn’t mean you have to give truthful answers. Your answers needn’t even have anything to do with the questions, just so long as you have a technique for memorizing them, known as a mnemonic.

For example, when asked for the name of your first pet, you could have a mnemonic that runs pet = petting = first girlfriend. Or mother’s maiden name = maid = Marian. (No, these aren’t mine, I just made them up.)

You do need to remember that balance between security and convenience, of course. You don’t want your two-factor authentication to fail when your iPhone falls into a river and then realize you can’t remember the answers to any of the security questions. But half an hour spent memorizing some links for common security questions can vastly improve your security until such time as security questions are consigned to where they belong: history.
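A stronger version of the mnemonic trick, offered here as an added example rather than anything from the article: instead of linking each question to a memorable word, derive every answer from a single master secret with a keyed hash. You keep only the master secret (in your password manager, or printed and stored offline); each answer is a different random-looking string that can be regenerated on demand, so the failure mode above, a lost phone plus forgotten answers, cannot happen as long as the master secret survives. The site names, questions and key below are constructed placeholders.

```python
import base64
import hashlib
import hmac
import secrets
import unicodedata


def new_master_secret() -> bytes:
    """One 256-bit secret, generated once. Everything below is derived from it,
    so losing it means losing every answer at once: back it up deliberately."""
    return secrets.token_bytes(32)


def normalize(text: str) -> str:
    """Fold case, Unicode form and runs of whitespace so that "First Pet?" on the
    sign-up form and "first  pet?" typed later derive the same answer."""
    folded = unicodedata.normalize("NFKC", text).casefold()
    return " ".join(folded.split())


def derive_answer(master: bytes, site: str, question: str, length: int = 20) -> str:
    """HMAC-SHA256 keyed with the master secret over (site, question), rendered as
    base32 so it only contains letters and digits most forms accept. 20 base32
    characters carry 100 bits; they are grouped in fives purely for readability."""
    label = normalize(site).encode() + b"\x00" + normalize(question).encode()
    digest = hmac.new(master, label, hashlib.sha256).digest()
    raw = base64.b32encode(digest).decode("ascii").lower()[:length]
    return "-".join(raw[i:i + 5] for i in range(0, length, 5))


def answers_for(master: bytes, site: str, questions) -> dict:
    """The full set of answers to paste into one site's security-question form."""
    return {q: derive_answer(master, site, q) for q in questions}


if __name__ == "__main__":
    master = new_master_secret()   # placeholder key; in practice, load it from your manager
    for q, a in answers_for(master, "iCloud", [
            "What was the name of your first pet?",
            "Who was your favorite singer or band in high school?",
            "What was the first film you saw in a theater?"]).items():
        print(f"{q}\n    -> {a}")
```

Sites that reject hyphens or cap the answer length need a different separator or a shorter `length`; because the answer is only as secret as the master key, never type the key itself into a website, and note that the same trick applies just as well to the free-form questions the article asks Apple to allow.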

Finally, if you are taking photos you wouldn't want other people to see, leave your iPhone and Wi-Fi-equipped camera alone and use a good old-fashioned non-connected one!


You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day.

Comments

  1. PMZanetti - 10 years ago

    Great article Ben. Seriously, top notch.

    • Ben Lovejoy - 10 years ago

      Thanks, PMZ, I appreciate the kind comment

      • BenRadUK - 10 years ago

        Agree with PMZ, great article Ben!
        Only thing I would question (sorry to be that guy) is how on earth could Apple avoid telling you that an email address is already in use? When you sign up for an Apple ID, you need to put in an email address. If that address is taken, you can’t progress…so in order to create an Apple ID, by definition, you have to be told if the email you suggest is already in use.
        Make sense? I just don’t see any way around that.
        That aside, this is key reading for most people, well done.

      • Ben Lovejoy - 10 years ago

        Many thanks, Ben – see below for one approach that could be taken.

    • bb1111116 - 10 years ago

      I’ll add my compliments for an excellent article.

      • Ben Lovejoy - 10 years ago

        Thanks, it’s appreciated.

  2. hobster (@hobtests) - 10 years ago

    What happened to my comment just published?

  3. parvc (@parvc) - 10 years ago

    If I request an email address as an ID and am not able to then it's pretty obvious it's because it's being used. How are you supposed to stop that? Don't use email addresses? Still require a user name test to see if free. If it fails the test then it already exists.

    • Ben Lovejoy - 10 years ago

      The best way would be to silently handle it: seemingly allow the registration while emailing the address to advise that an attempt was made to use it.

      • parvc (@parvc) - 10 years ago

        But if I am unable to have the email address assigned to me then I know it has already been registered. So I know something. Silent handling is not going to help.

      • Ben Lovejoy - 10 years ago

        Your automated tool wouldn’t know that, though. The way such tools work is trying thousands of email addresses and flagging ones that show up as in use. If Apple handled it silently, the hacker would have no way to tell the ID was valid.

      • parvc (@parvc) - 10 years ago

        Your automated tool, does it need to know? If it has not been assigned then you will eventually receive some sort of confirmation at some time in the future. You just need to write a script that checks whether you receive confirmation?

      • Ben Lovejoy - 10 years ago

        You don’t own the email addresses you are trying so won’t receive anything

      • PMZanetti - 10 years ago

        How about making it submission-based, and emailing the current account holder of the IP address of the person attempting to register it

        :P

      • parvc (@parvc) - 10 years ago

        You are missing the point. The hacker is checking to see if that email exists by seeing if he can create a new email account with that email address.
        So, by the fact that you don’t receive anything implies that the email exists! Therefore you know that it exists and you can use that piece of information. If it doesn’t exist then you will receive information that you have been assigned that email address

        (ps the problem you described via BI also exists with gmail)

      • Ben Lovejoy - 10 years ago

        The hacker doesn’t own the email addresses he is testing (there would be no point in testing addresses you own)

      • parvc (@parvc) - 10 years ago

        Again, you are failing to understand my point. I never said they own the address they are testing. You are saying that.

        1. When you sign up for an email address you are asked to create an email address.
        2. You are informed whether your choice already exists. You cannot overcome that issue. If it does not exist then you are assigned that email address. If it does already exist then you are informed, whether silently or not.
        3. At some time you will know whether that email address is already taken. It could be immediately or later. But you have to be informed otherwise how else can you create a new email account.

        Nowhere in my argument is there any assumption that the hacker owns the email address. Your claim about silent reply only works if someone is checking to see if an email already exists. Not when they are creating a new account.

      • Ben Lovejoy - 10 years ago

        We’re going in circles here. If it was silently handled by alerting the account owner and telling the hacker nothing, that would solve the issue.

    • Mike Knopp (@mknopp) - 10 years ago

      From another article detailing a lot of what Ben just covered the issue isn’t so much that Apple tells a user when an email is taken, which as many have pointed out Apple can’t really get around.

      The problem is how easy it is for a hacker to automate this process. Apparently, it is trivially easy to write a script which will check thousands of emails for their authenticity as accounts. Apple could help to alleviate this by making it less susceptible to this.

      This will not solve it by any means, but it is a step in the right direction.

      • pecospeet - 10 years ago

        Mike, au contraire. I think Apple (and others) could easily avoid telling someone that an address is in use.

        When setting up a new account, make it clear that any email address you use must belong to you. As soon as you enter an address for a new account, they send you a message to authenticate it before you are permitted to proceed. If you don’t get an email, all it tells you is you don’t own the address. It does not let you figure out whether that address is registered on their site.

      • Mike Knopp (@mknopp) - 10 years ago

        Not for all cases.

        Let me give an example.

        We bought an iPad for my daughter for her birthday. It was her first Apple device, so we created an iCloud account for her. The AppleID/iCloudID that we chose for her wasn’t linked to any prior existing email address. We created a completely new account name, which incidentally also created an iCloud email account for her at the exact same time.

        So, let’s say that I am John Doe and want to set up a brand new iCloud account with a currently non-existent iCloud email, john.doe@icloud.com. I can do this. However, your supposition is that when I sign up for this new account with this new email address I am told absolutely nothing? Or perhaps that I am told congratulations your new account is ready to use, but in reality there was already a john.doe@icloud.com and my account wasn’t really created, but he was emailed that I tried setting up an account with his email?

        How exactly does that work?

        What happens when John Doe tries logging into his new account that doesn’t really exist because it was already used?

        The flaw with your supposition is that when creating a new iCloud account you can also create a completely new iCloud email address at the same time. Since this is possible I do not see any feasible way for Apple to not tell the person, “Sorry, but that iCloud account already exists. Try another account name.”

        Now, if it is set up like my mother-in-law’s, where she set up her iCloud account using a previously existing hotmail address, then what you are proposing would work just fine. However, not all iCloud accounts are set up using pre-existing email addresses. Which means that the email address cannot belong to you because it doesn’t exist yet. In point of fact, the creation of the iCloud account is at the same time an attempt to set up an email address.

  4. paulywalnuts23 - 10 years ago

    I don’t disagree with your comments from the article; however, in the end, even with what you suggest it all depends on the user, either a.) using the service provided properly or b.) making a security question or password that is hard enough that someone can’t figure it out, or that only the user knows. The weakest point in any security measure is always going to be the user and his or her desire to make the use of the device as simple as possible. Although things that Apple put into place could have helped contribute to the way these photos were obtained, like identifying if an Apple ID is valid or not, as time passes it is looking more and more like the real source of the security hole here was one of the celebs.

    • Ben Lovejoy - 10 years ago

      Absolutely – but there are still steps that can be taken to encourage/require certain levels of security. However, if someone uses the same password everywhere …

  5. Cadu (@cadujr) - 10 years ago

    There’s a serious problem with the idea of letting people choose their security questions. I accessed a webmail account by accident one time and asked for the security question (I was still thinking it was my e-mail at that time) and the security question I got was, believe it or not, “the son of god”…. I actually typed “jesus” and got full access to the guy’s e-mail … after that I sent him an e-mail telling him to change the “question” for something NOT known to 99% of humanity..

  6. Tyler Cohn - 10 years ago

    Great article! I love being able to read an article nowadays with this much realism! I’ve already come across articles saying all these different levels of security to keep people’s privacy, but nobody has highlighted the fact that it's just not practical. Everybody wants everything stupid-proof now, so if companies made it as secure as these articles proposed, consumers would get angry because they couldn’t access things as quickly and easily. Again, this was a stellar article. I wish more people were as sensible as you are.

    • Ben Lovejoy - 10 years ago

      Thanks, Tyler. We do seem to live in a knee-jerk world these days where there’s an immediate jump to one extreme or the other.

  7. Nothing makes up for the stupidity of some people, no matter how many times they are told, the stupid ones scream the loudest when it comes to being hacked etc…! I have 3 levels of passwords, the junk password, used on the junk email, for all the crap that you don’t need to be real, forums, purchasing sites etc, for which I never use my full name either, there are 4 of us with the same initials… ;) Another for everything that matters, with a 16 digit password that is completely random by way of numbers and letters that actually makes so much sense it is impossible to forget, then my log in, which is 24 digits…! And a real pain in the arse when I switch my phone on, but means I never have to worry… I know I am risking it with only 3 passwords, but they are so ridiculous that no one would come close. I recently used a website to check how secure they are, not the right ones, as I changed 6 digits in each, but number for number and letter for letter, it was in the 1000’s of years to crack using a pc… Haha

    • Ben Lovejoy - 10 years ago

      I used a very similar approach myself for years, but the problem is that any given class of password is only as secure as the least secure/competent/trustworthy site on which it is used. If you used the same password for Dropbox, Google Drive, iCloud and email, for example, any one of them being compromised gives a hacker access to the rest. A password manager allows you to have unique, strong logins for each site without even having to know what they are.

      • I only have iCloud for cloud anything, and a NAS drive other than that, nothing gets stored up there… 3-2-1 ;) 3 drives, 2 mirrored, 1 disconnected in a different location (Garage Basement, which is a separate building). I don’t trust my storage with anyone else…!!! 400,000 photos, 140,000 songs, 1350 movies among other things…!!!

  8. Klaus Dietrich Lange - 10 years ago

    If you have to use security questions you don’t need to rely on the “pet = petting = first girlfriend” trick only. If the question is “first pet” instead of first girlfriend “Michelle” you better use that 256 character random password you have saved in your password manager or jotted down on a piece of paper.

    • Ben Lovejoy - 10 years ago

      Absolutely, but as yet most password managers don’t offer to generate them for security questions

  9. Johnny M. Sanchez - 10 years ago

    Despite an insightful article detailing the security of Apple Inc., websites such as 9to5Mac won’t band together with other sites to actually call justice against Apple for protecting your privacy. One way of doing this would be to completely blackout the Apple event next week and a planned event in October. Showcase to this company that you will not participate in this insane security flaw that will plague this company. Yes, people will still buy iPhones, iPads, and iPods, but I believe tech websites have so much influence to blackout Apple in an attempt to raise awareness to this problem:

    On record this morning, Apple released App Store developer Review Guidelines and mentioned a section just for HealthKit. Look what they said in 27.3:

    27.3 – Apps using the HealthKit framework that store users’ health information in iCloud will be rejected.

    This is the most blunt way in which Apple is acknowledging that iCloud is simply unsafe and doesn’t work as advertised. If iCloud works and was completely secure, they wouldn’t reject anyone from putting health information from users. When will tech websites such as 9to5Mac make the privilege to block out Apple? Only cover Apple if and when they will make a significant change and overhaul to their iCloud service.

    Otherwise, despite an insightful article, reporters like Ben, with all due respect, are simply hypocrites. I don’t know these guys, but I would hope that standing up against a company that is clearly using them would be the best way to showcase that change is possible. Not covering Apple for a whole week for instance would showcase that privacy means a lot to a community that cares passionately about the company. Apple with their newest suites of devices and services will need to depend much more on iCloud. It’s simply a suggestion as it would showcase that privacy is vital to you. You have to ask yourself, what’s important? Covering a company that doesn’t care about privacy and continues to use you in an attempt to bring customers to their company, or privacy itself? Opinion pieces like this mean nothing if you don’t express awareness about this very disturbing problem.

    Any thoughts are welcome.

    • Ben Lovejoy - 10 years ago

      I think writing about things is a more effective way to communicate issues than not writing about things …

      • Johnny M. Sanchez - 10 years ago

        That’s a distinction without a difference because that doesn’t accomplish anything. What accomplishes something is for tech websites such as yourselves to stop reporting about Apple. A great way to do that is their event. Blacklist the event. Don’t give them the credit you keep doing so. Apple needs websites like yours to inform customers about their products. I know you are trying to stay cutting edge because it’s 9to5Mac, it’s an Apple related website.

        Writing about cancer is not a more effective way to communicate issues involving it than not writing about cancer (for example). If you focus on removing the aspect of discussion involving Apple, then Apple is affected. Customers could go elsewhere, but will find less information regarding their services and products. Blacklisting Apple allows you to send a message to the tech world that breaking privacy is not acceptable. You depend on visitors to fund the website. Who did you write this opinion piece for? For your health? I doubt it. If there was a unique way for 9to5Mac and other tech websites to not participate in discussing Apple information; one way is don’t go to the Apple event entirely, that would showcase a lot in Apple’s eyes. They can acknowledge, we’ve hurt our customer base and we must make this right. Otherwise, what happens? More and more, hour by hour, there are more invasions of privacy that will and can happen thanks to Apple.

    • dpkonofa (@dpkonofa) - 10 years ago

      You must be dense. Apple uses better/higher protections on iCloud than nearly every other company out there. As Ben already pointed out, no matter how much work Apple does, it’s not going to stop people from setting their passwords and security questions to “Jesus” and “Password”. The user is always going to be the weakest link no matter what.

      • Johnny M. Sanchez - 10 years ago

        You must be dense, delusional, and completely out of whack. We are talking about a company that can’t admit to their mistake.

        Once again, this is what they stated this morning regarding HealthKit:

        27.3 – Apps using the HealthKit framework that store users’ health information in iCloud will be rejected.

        Get the facts straight. They are stating quite clearly that they do not want app developers to store information, in this example, health information on the cloud, but all other types of information is acceptable? That’s what this company advertises with iCloud. Contacts, texts, photos, etc. It’s quite clear who’s dense. Read about what this statement declares for Apple. They’ll reject any app which stores health information, but everything else that iCloud stores is okay, other apps like Messages, Mail, Settings, Photos, etc.? I’m sure it doesn’t need to be spelled out this far and hope you get it.

      • Felipe Castillo (@fcs132) - 10 years ago

        I Agree. Everything and anything could eventually be hacked. Didn’t some of the largest banks get hacked about a week ago? It doesn’t mean that we’ll stop using their services, and stop storing our money there. It isn’t really Apple’s fault, like Johnny S. implicates.

    • Mike Knopp (@mknopp) - 10 years ago

      My suggestion to you is that you stop using all electronic devices until they are “completely secure”.

      There that should take care of any of us needing to listen to you for the rest of eternity.

      I am sorry, but if you think that there is such a fairy tale as “completely secure” then you have no business lecturing anyone on the realities of what should be done.

      Apple and other companies can certainly do more to make things more secure. But it is ridiculous to think that anyone can make any electronic device or cloud medium completely secure.

  10. Great article! Just one small correction: when two-factor authentication fails because you lost your only device you don’t use your security questions to log in, you use a recovery key you get when you turn on two-factor authentication. You are supposed to print this key out and store it in a safe place. With your AppleID, password and this key you can get in without your device. Google and other services have similar recovery keys too.

    • Ben Lovejoy - 10 years ago

      Thanks, Benoit. I’m not sure what the fallback is if you don’t have your recovery key?

  11. bobborries - 10 years ago

    Apple has a huge problem here. I hope the rumored “Apple doesn’t care” is untrue, but how do they convince everybody their HealthKit data stays private, let alone NFC payment info.

  12. William Robinson - 10 years ago

    As I pointed out in another thread, there is no reason you need to program your security questions with correct answers. If your grandmother’s maiden name is obtainable on Facebook or Geni etc. you need not use her real name, just use a name that you will remember. Same for any data asked for as security questions. You are not required to be accurate, only consistent. Don’t use data that others can find: create unique info known only to you.

    • davidgoscinny - 10 years ago

      I would take it one step further & use made up name/places, etc. “Who is your uncle? Count Dracula. Name of your first pet? Robocop.”

      Just use very unlikely answers and store them somewhere secure (inside 1Password, on a piece of paper in your wallet or something similar) as remembering them might be quite the challenge. :-P

  13. Erik Bean - 10 years ago

    This is not a problem with iCloud like everyone thinks it is, this is a problem with people using weak passwords. The only thing Apple could do is put a block in the system (kinda like a wall) where if you fail a password attempt so many times it locks your account. The problem is weak passwords. This can be done on Yahoo, Google, even CNet if there is no wall to stop someone from attempting multiple password attempts. They can try for YEARS without anyone knowing (but it's more like hours or even less if the user has a weak enough password)!

    This is all coming from a programmer who used to do this to get past Windows passwords this way in High School for unrestricted access!

    • Paco Santiago - 10 years ago

      Haha good times. My high school had a testing user called “ONET” (apparently it stood for “one teacher”) that we found and guessed. The password was something trivial. Instant Power User account for me and all my friends. So much more useful than the shitty locked-down student accounts. Not much changes.
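Lockout as Erik describes it is the obvious countermeasure, but a hard lock on the account lets anyone lock a victim out by guessing wrong on purpose, and a purely per-account counter misses password spraying (one common password tried once against thousands of accounts). The added example below, which is not code from this page or from Apple, throttles with a sliding window and exponential backoff instead, keyed independently on the account and on the source address so both attack shapes are caught. The account names, addresses, `password_ok` flag and fake clock are constructed for the demonstration.

```python
import time
from collections import defaultdict, deque


class LoginThrottle:
    """Sliding-window failure counter with exponential backoff.

    Keys are opaque strings, so one instance can throttle per account ("user:alice")
    and per source ("ip:203.0.113.5") at the same time: a brute-force run against one
    account trips the first, password spraying across many accounts trips the second.
    """

    def __init__(self, threshold=5, window=900, base_delay=30.0, max_delay=3600.0,
                 clock=time.monotonic):
        self.threshold = threshold            # failures tolerated inside the window
        self.window = window                  # seconds a failure stays on the record
        self.base_delay = base_delay          # delay imposed when the threshold is hit
        self.max_delay = max_delay            # cap on the doubling
        self.clock = clock                    # injectable for testing
        self.failures = defaultdict(deque)    # key -> timestamps of recent failures
        self.blocked_until = {}               # key -> time the current delay expires

    def _prune(self, key, now):
        recent = self.failures[key]
        while recent and now - recent[0] > self.window:
            recent.popleft()

    def retry_after(self, key) -> float:
        """Seconds to wait before the next attempt is evaluated; 0.0 means go ahead."""
        return max(0.0, self.blocked_until.get(key, 0.0) - self.clock())

    def record_failure(self, key):
        now = self.clock()
        self._prune(key, now)
        self.failures[key].append(now)
        excess = len(self.failures[key]) - self.threshold
        if excess >= 0:
            # the threshold-th failure waits base_delay; every further one doubles it
            self.blocked_until[key] = now + min(self.base_delay * 2 ** excess, self.max_delay)

    def record_success(self, key):
        self.failures.pop(key, None)
        self.blocked_until.pop(key, None)


def attempt_login(throttle, account, source_ip, password_ok) -> str:
    """Consult both keys before looking at the password, so a throttled caller learns
    nothing about it (a correct guess during the delay is refused too). A success
    clears only the account key: the source keeps its history, because a sprayer who
    stumbles on one valid credential is still a sprayer. `password_ok` stands in for
    the real credential check."""
    account_key, source_key = f"user:{account}", f"ip:{source_ip}"
    for key in (account_key, source_key):
        wait = throttle.retry_after(key)
        if wait > 0:
            return f"throttled: retry in {wait:.0f}s"
    if password_ok:
        throttle.record_success(account_key)
        return "ok"
    throttle.record_failure(account_key)
    throttle.record_failure(source_key)
    return "bad password"


class FakeClock:
    """Constructed clock so the backoff can be exercised without sleeping."""

    def __init__(self, start=1000.0):
        self.now = start

    def __call__(self):
        return self.now


if __name__ == "__main__":
    clk = FakeClock()
    throttle = LoginThrottle(clock=clk)
    for i in range(7):
        print(i + 1, attempt_login(throttle, "alice", "203.0.113.5", password_ok=False))
        clk.now += 5
```

The delay never becomes a permanent lock, which is what keeps the deliberate-wrong-guess denial of service bounded; pairing it with the push notification Apple added for unknown-device logins tells the real owner that someone is hammering the account.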

  14. Paco Santiago - 10 years ago

    My security question strategy, where the site needs to be very secure, no 2-factor is available, and security questions are required:
    1. Make up a few unique (single-use) random passwords with letters, numbers, and symbols, and put one in for each security question.
    2. Print and store this list in a safe at home:
    > First girlfriend: N#&Jxs!
    > High school: #(JFD–e
    > etc.

    For a site which is less important or one that asks me the security questions all the damn time, I store the passwords and “security question answers” in a note on iCloud for convenience, and of course iCloud is set up to use 2-factor auth and I use Touch ID. Really, everyone needs to start offering 2-factor, and everyone needs to start using it too.

  15. herb02135go - 10 years ago

    Great article, Ben. One of the most helpful I’ve read in a while.

    I’m glad that you mentioned the shared responsibility between Apple and its users.

    I also favor user-created security questions.
    One financial website I know has 8 options. Seven of the questions are related to marriage or children. So if a childless/single person wants to answer them honestly they have only one question.

  16. My easy-simple solution involves taking naked pictures no one would want to see.

  17. dacinin - 10 years ago

    How is a password manager like 1Password different than keychain built into OSX/iOS?

    • davidgoscinny - 10 years ago

      There are many advantages even though the keychain built in iOS & OS X will suffice for most.

      Advantages include a granular control over how your random password is generated (how many max characters, how many digits, how many special characters, can characters repeat, etc.). You can also store other things like credit cards (keychain does that as well), passports, secure notes (which can contain anything you want, including answers to security questions, recovery codes, etc.), software licenses (serial numbers, etc.). It can detect if you have duplicate accounts, can remind you to change them every 6 months, 12 months, etc.

      I’ll stop here or it’ll start to look like I work for them…

    • Ben Lovejoy - 10 years ago

      Safari now does the same job, just not quite as flexibly as LastPass

      • davidgoscinny - 10 years ago

        Well, those must be some features from Yosemite & I can’t wait to try them out later this year (haven’t tried the open beta).

  18. “hacking” an email account is probably one of the easiest things someone could do. It’s even easier if you know the person. Secret Questions as authentication factors are seriously terrible. Let’s say that I want to “hack” an email of my next door neighbor. I can say “forgot password” and then “answer with secret question”. The secret questions are usually something like “what’s my dog’s name?”. Well, I live next door to you, and I see your dog Spot every day. So I know that. “What college did I go to?”. Well, I see your USC Alumni license plate in the driveway. Now I’m in, I’ve reset your email password. Now I can “forget” your bank passwords and have new ones sent to your compromised email and have a heyday with whatever I want that you use that email with.

    Two-factor authentication is really what’s needed here.

    • davidgoscinny - 10 years ago

      2-factor wouldn’t have changed a thing. It’s been mentioned a couple of times already.

  19. incredibilistic - 10 years ago

    “Finally, if you are taking photos you wouldn’t want other people to see, leave your iPhone and wifi-equipped camera alone and use a good old-fashioned non-connected one!”

    The article was great and took a very nonjudgmental and civil approach to the vulnerabilities of Apple’s iCloud service but the last quote is the most important.

    It’s hard for me to understand how a celebrity can claim that their naked body is so sacred yet not use sound judgement when taking nude photos.

    “I’m ready baby, let’s take some…up, hold on, wait, is that my phone or yours? Do you have PhotoStream or Google+ turned on by default so that it backs up to the cloud? Can you grab the DSLR instead…the one without the WIFI SD card? Or maybe get the Polaroid? On second thought, I’m naked, let’s just capture this moment in our memory. I think we have enough storage in our brains to remember tonight and unless we take roofies it won’t get erased.”

    I also think it’s incredibly moronic for us to believe that technology should do ALL the work so we can continue living irresponsibly. This is why SkyNet will take over, because we don’t give a crap what happens so long as the machines are doing the work and the thinking for us.

    With all that said, I believe Apple has no choice but to adopt new security measures to ensure they’re never in the news for this again. They can be forgiven once for having outdated security provisions but if it happens again there’ll be hell to pay.

    But just like the day after a plane crash everyone’s taking extra special care not to be hacked.

  20. Antonios Bouris - 10 years ago

    Apple lacks creativity in its approach to security.

    They might consider all available factors like fingerprints, physical GPS location, languages, personal preferences, phone settings, images, voice recognition, other technologies with external connected sensors, personal NFCs, QR codes or virtual reality technology based on physical elements like Aurasma, contacts, game scores or achievements, social media activities, health status, physical differences like heartbeats, family statuses, etc.

    Then define the standards and the minimum requirements and let the people create or choose their combination recipes.

  21. Joe Joe - 10 years ago

    Simple answer to this is Apple using/demanding Touch ID. A non-tech person understands the simplicity of this.

  22. robertvarga79 - 10 years ago

    You really write for us, seemingly. Thank you. And yes, I also turned on 2-step verification, and additionally changed my password too ( even stronger than before)

    Greetings

  23. John Smith - 10 years ago

    I enjoyed reading this article as it vindicated pretty much what I’ve been saying for a long time. Which is that the main reason this hack happened is because of poor security practice by the celebs. I try to educate people all the time on security and I always get the same response, “that’s just paranoid”. There is no such thing as being paranoid with security, especially online.
    Over 23% of people still use password/password1234 as their password, and choose silly password reminders that are easy to figure out as the article mentioned.
    Security should be a habit not a chore…rule 10

    If you are not ‘paranoid’ then you run the risk that someone will be cleverer than you and will go to great lengths to hack you. So being ‘paranoid’ and making it so hard that the hacker gets bored and gives up helps keep out anyone not working for the NSA/GCHQ.
    I know what I am talking about as my father worked for the military and spent time with GCHQ.
    Just to use his work laptop you needed to do the following:

    1) know what keys to press and when just to boot up, after pressing the power button
    2) then enter a username and complex password at least 14 characters long including numbers, letters, uppercase letters and special characters.
    3) then at a menu screen press more keys in the right order, after choosing the right option.
    4) then this gets you to enter a 2nd username and password that are different to the first, but the password has to be as complex.
    5) then you have to finally enter a third username and complex password, then it boots up the operating system whereby he had to enter his Windows password.

    If he got it wrong just once the laptop was designed to shut down and could then only be booted up again by the right person, which was not my dad.
    The hard drive was encrypted to the highest military standards.

    All this just for his laptop. lol! The point is that it was a pain in the **** for my father but it would have been a bigger pain for any hacker, thus making it as secure as reasonably possible. It was not even allowed to be connected to the internet.
    I go to similar lengths to keep hackers out.
    If we all did the same then the hackers would give up and only a handful clever and determined enough would keep trying.

  24. John Smith - 10 years ago

    HOW TO HAVE GOOD PASSWORD SECURITY WITHOUT RELYING ON PASSWORD MANAGERS
    =============================================================================

    I wish to state that while password managers are a good idea, they can be open to being hacked (though some are better than others). I just think that we should rely on password managers as little as possible.
    Here is a step-by-step guide to what I consider good password security.
    I also wish to say that I know not everyone will or can go to the steps mentioned, in which case take your own steps, and if you get hacked don’t say I didn’t warn you.

    1) purchase your own domain name and choose a hard-to-guess name
    2) choose a host and pick a hosting option. Most hosts will offer a cheap option just for email accounts. They give you tons of email accounts and aliases etc.
    3) for every website you have to register an account for, create an email address on your domain. Choose something hard to guess but easy to remember such as

    the name of the website plus at least 6 numbers at the end, that only you know. Don’t choose dates of birth for you, your partner, children or anyone you know. Avoid phone numbers or anything else directly personal.
    This way the worst case is that a hacker would guess the first part of the email but not the numbers. They may with effort brute force the rest but it would take time.
    Then you create a password that avoids anything personally direct. One way is to choose a phrase you will remember and nobody knows, then take the first letter from every word. Then change certain letters to upper case (it could be every other letter, just the first 3, last 3 etc.), then add numbers at certain points (making the password longer).
    This then would result in a complex password that is easy to remember as you only need to remember the phrase and a couple of rules, i.e.

    for the website http://www.apple.com you could
    have the email apple531540@mydomain.com
    then the password would be:
    the phrase could be i hate my wifes interfering family. This would translate to
    ihmwif

    change every other letter for upper case giving
    iHmWiF

    then add numbers after, say, every lower case letter, giving
    i2Hm4Wi9F

    thus having a password hard to guess but easy to remember, and every site would have different passwords without having to rely on software which will always be the weak link in the chain.

    There is of course scope to be even more secure, but I didn’t want to get carried away.
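The three rules in the comment (first letter of each word, every other letter upper-cased, a digit after each lower-case letter) are mechanical enough to write down as code. The block below is an added example of doing so; it is my own code, not the commenter's, and it reuses the commenter's phrase and the digits 2, 4, 9 as its sample input. The function names and the input check that refuses a too-short digit string are my additions.

```python
"""Passphrase-to-password derivation following the three rules in the comment.

Added example: the rules, the sample phrase and the digits 2/4/9 are the
commenter's; the function names and the input checks are mine, not the
commenter's code.
"""


def first_letters(phrase: str) -> str:
    """Rule 1: keep the first character of every word ('i hate my' -> 'ihm')."""
    return "".join(word[0] for word in phrase.split())


def alternate_case(s: str) -> str:
    """Rule 2: upper-case every other letter, starting with the second one."""
    return "".join(c.upper() if i % 2 else c.lower() for i, c in enumerate(s))


def insert_digits_after_lowercase(s: str, digits: str) -> str:
    """Rule 3: place one digit after each lower-case letter, in order.

    Raises ValueError when the digit string is too short, rather than
    silently producing a shorter password than the rule promises.
    """
    needed = sum(1 for c in s if c.islower())
    if not digits.isdigit() or len(digits) < needed:
        raise ValueError(f"need at least {needed} digits, got {digits!r}")
    it = iter(digits)
    out = []
    for c in s:
        out.append(c)
        if c.islower():
            out.append(next(it))
    return "".join(out)


def derive_password(phrase: str, digits: str) -> str:
    """Apply the three rules in order."""
    return insert_digits_after_lowercase(alternate_case(first_letters(phrase)), digits)


def character_classes(pw: str) -> set:
    """Which classes a derived password covers: lower, upper, digit, symbol."""
    classes = set()
    for c in pw:
        if c.islower():
            classes.add("lower")
        elif c.isupper():
            classes.add("upper")
        elif c.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


if __name__ == "__main__":
    pw = derive_password("i hate my wifes interfering family", "249")
    print(pw, sorted(character_classes(pw)))
```

With the comment's phrase and digits the function returns `i2Hm4Wi9F`, matching the worked example above. Because the derivation is deterministic, the phrase, the case rule and the digit positions together are the secret and deserve the same care as the password itself; and since `derive_password` takes no site-specific input, any per-site variation has to come from the digit string.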

Author

Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!
