Apple aware of iCloud brute-force vulnerability six months before ‘Celebgate’

celebgate

The software developer credited by Apple for discovering last year’s developer center flaw says that he informed Apple of an iCloud weakness that may have been used to obtain celebrity nudes more than six months before the photos were accessed.

The Daily Dot reports that Ibrahim Balic advised Apple in March of a Find My Phone weakness that would allow brute-force attacks on iCloud accounts. It has been suggested that this may have been one of the methods used to access the accounts – or even complete iPhone backups – of celebrities …  Read more

NSA had almost total access to iPhones, including microphone & camera, says security researcher

The NSA could access almost all data stored on an iPhone, including location, text messages and contact lists – including the ability to activate both microphone and camera, according to a presentation by security researcher Jacob Appelbaum at the Chaos Communication Conference in Hamburg, Germany.

Appelbaum showed what he said were leaked NSA documents in which the agency claimed to have a “100 percent success rate” at installing spyware on iPhones. The documents date back to 2008, at which point the NSA needed physical access to an iPhone to install the spyware, but a remotely-installable version was said at the time to be in development.

Even needing physical access to the phone was seemingly not a barrier to the NSA …  Read more