Don’t let online hackers get into your home … directory. Photo: Scott Schiller/Flickr CC Flickr
We all make compromises daily when it comes to online security. Everybody wants to be safe and secure when making purchases online, but practically none of us do everything necessary to keep our data secure.
“People, myself included, are basically lazy,” web developer Joe Tortuga told Cult of Mac, “and ease of use is inversely related to security. If it’s too difficult, then people just won’t do it.”
With all the recent hacks into private as well as corporate data — like the credit card grab from Home Depot and the hack into Sony’s files, there’s no better time to learn some of the things we all can do to protect ourselves. We spoke to some online security experts to get their advice.
Update: A Dropbox spokesperson has confirmed that its service has not been hacked and that the exposed logins were mostly expired and harvested from third-party services. More information below.
An anonymous party has allegedly hacked 6,937,081 Dropbox accounts and gained access to email addresses and passwords in plain text. Hundreds of account emails and passwords have been posted online as proof, with whoever is responsible claiming that more will be shared after receiving Bitcoin donations.
Blame for the flood of celebrity nude photos that hit the Internet has been rotating from the pervy hackers that ripped the pics, to Apple, to the creator of iBrute, but while the FBI and Apple continue to investigate the source of the leak, there’s one tool that has gone unmentioned: the police forensic tool that made it all possible.
One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.
Apple flat-out denies that an iCloud security breach led to the trove of celebrity nudes that leaked over Labor Day weekend. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone,” said the company in a statement.
Private photos of stars like Jennifer Lawrence were posted on the internet over the weekend, and initial reports pinned the hack on a flaw in iCloud’s login security.
The idea behind Secret is that you can share anything to your social circle with the comfort of total anonymity. Users’ identities are kept hidden, and that’s what’s supposed to make the app enjoyable or whatever.
As it turns out, it’s not that hard to see who someone actually is on Secret. The catch is that you need their email address.
Step away from the light with Yosemite’s dark mode, photo Buster Hein
OS X Yosemite is the biggest visual overhaul Apple’s made to the Mac in years, but developers at WWDC seemed most excited about one tiny UI tweak – dark mode.
Beta testers eager to try out the the new OS X 10.10 feature were disappointed to find out it didn’t make it into the first Yosemite beta, but our friend Jean-David Gadina, from the DiskAid developers team, has done some digging into the OS X Yosemite beta and discovered a new file not present in Mavericks that can be manipulated to enable the hidden dark mode feature.
The exploit, which is called DoulCi (“iCloud” backward), has already been used thousands of times on locked iPhones and iPads around the world. It’s the work of a pair of anonymous hackers, who cracked Apple’s theft-deterrent measure by tricking lost or stolen iOS devices into thinking they are being reactivated by Apple’s servers.
When we originally posted about winocm’s magic iPad 2 that could boot between iOS 5, iOS 6 and iOS 7 at will, we said that “the elite skills necessary to hack your iPad to dual boot operating systems is beyond the ability of most of us mortals, and it’s unlikely winocm will ever make this process friendly for the everyman.”
Then, just yesterday, we took it all back: winocm wasgoing to release the hack that allowed him to dual boot operating systems on his iPad. Schizo-iPads would soon be available to everyone! We were wrong!
Today, though, winocm has released his hack, and guess what? It’s a bunch of github code that you need to have “elite skills… beyond the ability of most of us mortals” to install… definitely not a “process friendly for the everyman.”