Update: A Dropbox spokesperson has confirmed that its service has not been hacked and that the exposed logins were mostly expired and harvested from third-party services. More information below.
An anonymous party has allegedly hacked 6,937,081 Dropbox accounts and gained access to email addresses and passwords in plain text. Hundreds of account emails and passwords have been posted online as proof, with whoever is responsible claiming that more will be shared after receiving Bitcoin donations.
Blame for the flood of celebrity nude photos that hit the Internet has been rotating from the pervy hackers that ripped the pics, to Apple, to the creator of iBrute, but while the FBI and Apple continue to investigate the source of the leak, there’s one tool that has gone unmentioned: the police forensic tool that made it all possible.
One of the key elements behind the iCloud nudes leak is a piece of software created by Elcomsoft that allows attackers to impersonate a target’s iPhone and download its entire iCloud backup, and you don’t even have to be a cop to get it.
Apple flat-out denies that an iCloud security breach led to the trove of celebrity nudes that leaked over Labor Day weekend. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone,” said the company in a statement.
Private photos of stars like Jennifer Lawrence were posted on the internet over the weekend, and initial reports pinned the hack on a flaw in iCloud’s login security.
The idea behind Secret is that you can share anything to your social circle with the comfort of total anonymity. Users’ identities are kept hidden, and that’s what’s supposed to make the app enjoyable or whatever.
As it turns out, it’s not that hard to see who someone actually is on Secret. The catch is that you need their email address.
Step away from the light with Yosemite’s dark mode, photo Buster Hein
OS X Yosemite is the biggest visual overhaul Apple’s made to the Mac in years, but developers at WWDC seemed most excited about one tiny UI tweak – dark mode.
Beta testers eager to try out the the new OS X 10.10 feature were disappointed to find out it didn’t make it into the first Yosemite beta, but our friend Jean-David Gadina, from the DiskAid developers team, has done some digging into the OS X Yosemite beta and discovered a new file not present in Mavericks that can be manipulated to enable the hidden dark mode feature.
The exploit, which is called DoulCi (“iCloud” backward), has already been used thousands of times on locked iPhones and iPads around the world. It’s the work of a pair of anonymous hackers, who cracked Apple’s theft-deterrent measure by tricking lost or stolen iOS devices into thinking they are being reactivated by Apple’s servers.
When we originally posted about winocm’s magic iPad 2 that could boot between iOS 5, iOS 6 and iOS 7 at will, we said that “the elite skills necessary to hack your iPad to dual boot operating systems is beyond the ability of most of us mortals, and it’s unlikely winocm will ever make this process friendly for the everyman.”
Then, just yesterday, we took it all back: winocm wasgoing to release the hack that allowed him to dual boot operating systems on his iPad. Schizo-iPads would soon be available to everyone! We were wrong!
Today, though, winocm has released his hack, and guess what? It’s a bunch of github code that you need to have “elite skills… beyond the ability of most of us mortals” to install… definitely not a “process friendly for the everyman.”
When your Mac’s iSight camera is running, a tiny green light lets you know that it’s turned on. Or at least it’s supposed to. New research from Johns Hopkins University shows how hackers can remotely control the iSight camera in certain Macs without turning on the accompanying LED indicator light.
Apple just sent out an email announcing that it has a new System Status page for developers who want to track what’s going on with the still-down Dev Center after it was apparently hacked a couple of days ago.
The email apologizes for the “significant inconvenience” caused by the downtime, and assures developers that it’s been working non-stop to overhaul the systems behind the Dev Center, update server software, and rebuild the entire database now that it’s been compromised.
In addition, they’ve created a one-stop web page with the status of each specific service, noting whether the services in question are yet online or still off.