"Now I want to talk about icloud." We spent some time on this project and I am personally very excited about it. "Jobs did so in 2011 at the Apple Global Developers Conference (WWDC)," he said of the day's focus-icloud. When big "free" appeared on the large screen, jobs quietly enjoyed the cheers of the station with his hands on his back.
Jobs would not have imagined that the product he was excited about would have angered many American actresses in a few years.
September 1, a number of American star actress like Jennifer, Kate Er, Ally Anna Grande and Victoria Jasti, such as nude photos of a succession of exposure, there is a source of information that hackers have attacked multiple icloud account. It is still unclear how hackers hacked into icloud storage services to get photos of Lawrence, Ernie and other celebrities, but icloud's security has been widely questioned by the public.
"The root cause of the photo leak is that the cloud service account is stolen." "360 security expert Anyan to the" First financial daily "reporter said that hackers can use" collision "and other ways to steal the number, in addition to the service provider's user database leakage may also cause all users face the risk of theft.
In fact, this is not the first time Apple products involved in the "leak" incident, iOS has been exposed to a number of "secret back door."
In mid-August, Apple also issued a statement from abroad to China Telecom cloud storage for data from Chinese users, saying that cloud service providers should strengthen the network security protection of data center, fix the loophole in time, prevent hacker to invade and hit the bank pilfer number attack.
A loophole in the cloud
Most Apple users are certainly not unfamiliar with icloud, a new cloud storage service icloud Apple unveiled at the 2011 WWDC Conference. The service provides 5GB of free storage space for users, and users can back up private data such as contacts, mails, photos, etc. through icloud. Apple CEO Cook has said icloud is part of Apple's strategy for the next 10 years.
But apparently he did not take into account the impact of the hackers.
There are reports that hackers use icloud storage service vulnerabilities to retrieve celebrity photos, which are posted on foreign 4chan forums where hackers try to earn Bitcoin.
The hacker who released the photos claimed that he owned more than 60 photos of Lawrence, not all of which were nude, and included a photo from a bathing suit.
In theory, such violations may also occur in any Apple user who uses icloud services.
"In fact, in the big data age, it's not easy to protect your privacy, and it's only a matter of time before a hacker is willing to break anything he wants to penetrate," he said. "Wang Dengko, the director of the Cool Internet Center told the first financial daily reporter, data to the cloud transmission process, the password to the server process and cloud storage process are likely to suffer from hackers."
ICloud has been known for its extreme ease of use, but, like other cloud service providers, ICloud data is synchronized on a variety of devices, and once the device has been compromised, the risk of a privacy leak can be raised.
Anyan thinks, this account is stolen three kinds of possibility: first, the icloud account uses the commonly used registered mailbox and the password, the hacker may use "The collision storehouse" the way carries on the pilfer number (hacker invades some security inferior website, steals the user to register the mailbox and the password, in icloud and so on important website or the service attempts to login) Second, the service provider's user database leaks, causing all users to face the risk of theft; third, the equipment or network environment security problems, such as device infection Trojan virus, or in the hacker's phishing account, may lead to account password leakage.
Previously, netizens have exposed a major flaw in Apple's icloud system, which could turn off the "Find My iphone" feature without a password. Although Apple has also begun to tighten account security for icloud and Apple IDs, it has added dual identity authentication to the account login process, but has not avoided security vulnerabilities.
In the face of the leak, Lawrence's spokesman said: "This is a flagrant violation of privacy." We have contacted the department concerned, and those who released Lawrence's stolen photos will be prosecuted. ”
Data security in the mobile age
More and more large companies are beginning to invest in the data security field.
August 7, Facebook announced that it would buy Internet security enterprise PrivateCore, which could help Facebook protect servers from "malware, unauthorized physical access, and malicious hardware devices." Joe Sullivan, Chief security officer at Facebook, said: "There is a lot of concern about data security for services such as Facebook and Chow Sullivan." ”
August 12, IBM completed acquisition of Cloud hosting security Service provider Lighthouse Through this acquisition, GROUP.IBM offers a unique set of identity and access management products that integrate proven software and analytics technologies with professional hosting services to facilitate the handling of complex security issues for businesses in the digital world.
Twitter also bought a small cipher security start-up, Mitro, last month to help it improve its geo-positioning capabilities.
In reality, however, security vulnerabilities are still occurring.
"From the current situation in the mobile phone industry, most handset makers are not prepared enough to face security problems," Wang Dengko told the first financial news reporter. Wang Dengko said that information security encryption from a technical perspective is mature, but how to integrate with their own products need a process. In addition, nothing is absolutely safe, if you want to crack the password, it takes only time.
"In terms of earnings, security inputs are not directly productive. General mobile phone manufacturers said to build data center, not on the hard to achieve, such as 500 servers, 1 50,000, is 25 million of the cost, as well as the data center to bring bandwidth costs and traffic are to be considered factors. "Wang Dengko said.
However, Wang Dengko to this reporter that he believes that cloud storage is still the future trend, data to the cloud transmission process, the enterprise can encrypt transmission channels, and in the cloud, the enterprise can also make a specific key to prevent hacker intrusion.
Anyan to reporters, cloud service providers to strengthen the data center of the network security protection, timely repair loopholes, to prevent hackers and hit the library and other stolen number attack. In addition to the important data encryption protection, but more importantly, to provide users with a higher level of user authentication mechanism, access to important data recommended to use multiple authentication, rather than relying only on account password.
"And for ordinary netizens, mobile phones, computers need to open security software, prevention and killing Trojan virus, some important account must be set up a separate password, and regularly change the password, to avoid using other people's equipment or not trusted WiFi network login account." Anyan told the newspaper reporter.
(Responsible editor: Lvguang)