STUDENT VOICE
Why Not To Keep Your Nudes On iCloud By Aaron Sigal insecure and dangerous. In response to these most recent bouts of attacks, the author will be revamping his own passwords using the aforementioned advice and advises his readers to do the same. Nothing is worse than having one’s identity stolen out from under him or her because of a weak password.
The Cloud is a relatively new medium of digital storage. There are many options, but the most popular ones are iCloud, Google Drive, OneDrive and Dropbox. They have, until recently, been believed to be secure. An anonymous hacker recently proved this notion false by hacking over 100 celebrities’ personal iCloud accounts and releasing “private” photos to websites such as 4Chan and reddit. Among these celebrities were Jennifer Lawrence, Kate Upton, Victoria Justice and several other high profile Hollywood actresses. The attacker devised a tool that would let him test hundreds of thousands of passwords against a single iCloud account within minutes without being stopped by the page. This is known as a brute force attack. The tool likely used phrases from social media sites such as Facebook, Twitter and Instagram. While iCloud was not compromised, it shows just how vulnerable these major services are to the oldest form of hacking. Many websites today employ a feature that counts the number of times one attempts to enter a password, locking people out if they pass a predetermined number of tries. This is a security measure that was established to prevent password-
guessing attacks, but it has proven ineffective against sophisticated automated attacks. This was a fairly complex attack, but even with just one or two pieces of personal information, an individual can compromise some of the most major forms of social networking. For instance, in 2012, a journalist was subject to a large number of attacks that would ultimately lead to his AppleId, Gmail, Twitter and Facebook accounts all being hijacked. Due to a fundamental flaw in the security measures employed today, anybody who wanted to hack an online account badly enough could do it. The most effective form of defense is to employ strong, complex and unique passwords that are not found in dictionaries. Replacing letters with numbers is an effective way to prevent this, along with fictional character names and places. For example, the password “b00zE1sB@d” and “W33L0vLurNinG” are excellent passwords and would be incredibly difficult for an automated brute force attack to crack. Sharing passwords across multiple websites is very dangerous and explicitly not advised. Having a password of or containing names of pets, parents, siblings, street names, nations, states or cities is KOSHER OC MAGAZINE // DECEMBER 2014 |
27