Security News
Apple earlier this year fixed a security vulnerability in iOS and macOS that could have potentially allowed an attacker to gain unauthorized access to a user's iCloud account. Uncovered in February by Thijs Alkemade, a security specialist at IT security firm Computest, the flaw resided in Apple's implementation of TouchID biometric feature that authenticated users to log in to websites on Safari, specifically those that use Apple ID logins.
A perv who reportedly hacked people's iCloud accounts to obtain sexual images before sharing them online has been sent to prison for nearly three years. Tony Spencer of Victoria Hill, Eye, Suffolk, was found by Basildon Crown Court to have "Accessed iCloud accounts without the owners' consent" by using "Software", according to a police statement.
A perv who reportedly hacked people's iCloud accounts to obtain sexual images before sharing them online has been sent to prison for nearly three years. Tony Spencer of Victoria Hill, Eye, Suffolk, was found by Basildon Crown Court to have "Accessed iCloud accounts without the owners' consent" by using "Software", according to a police statement.
More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. Under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form even under court order.
In spite of Apple having turned over the shooter's iCloud backups in the case of the Pensacola, Florida mass shooting last month, the US government has been raking it over the coals for supposedly not helping law enforcement in investigations. Specifically, according to six sources - Reuters relied on the input of one current and three former FBI officials and one current and one former Apple employee - a few years ago, Apple, under pressure from the FBI, backed off of plans to let iPhones users have end-to-end encryption on their iCloud backups.
Two years ago, Apple abandoned its plan to encrypt iPhone backups in the iCloud in such a way that makes it impossible for it to decrypt the contents, a Reuters report claimed on Tuesday. Based on information received by multiple unnamed FBI and Apple sources, the report says that the decision was made after Apple shared its plan for end-to-end encrypted iCloud backups with the FBI and the FBI objected to it.
Apple previously scuttled plans to add end-to-end encryption to iCloud backups, in part because such a move would have complicated law enforcement investigations, Reuters reports. Reuters' scoop highlights a behind-the-scenes compromise that explains what happened, with Apple reportedly opting to not use end-to-end encryption for iCloud backups as it faced increasing pressure from the U.S. government to ensure investigators could access user data.
Apple ditched plans to fully encrypt its iCloud backups two years ago after being pressured by the FBI, it is claimed. Under this plan, Apple would no longer have the key to unlock encrypted data, meaning it would no longer be able provide decrypted backups of its users to the authorities, even under court order.
Apple has confirmed that it's automatically scanning images backed up to iCloud to ferret out child abuse images. Horvath didn't elaborate on the specific technology Apple is using, but whether the company is using its own tools or one such as Microsoft's PhotoDNA, it's certainly not alone in using automatic scanning to find illegal images.
He claimed to have logins for millions of iCloud accounts, and told Apple he'd shut them all down unless he received a payoff.