According to the MailOnLine, our Heroine Kirsten Dunst, the first one to apparently have recognized the Apple in the applesauce, is leading the charge against Apple for the iCloud hacks
Kirsten Dunst leads celeb anger at Apple over hacked photos
Spiderman star Dunst is the first victim to publicly criticize the tech giant after nude photographs of her and multiple other celebrities leaked online
The photos were obtained through Apple’s iCloud and published on 4chan
When activated, iCloud automatically stores users’ photos and data online
A flaw in its ‘Find My iPhone’ function reportedly undermined its security
Twitter is apparently shutting down accounts disseminating the pictures
Lawrence’s spokesman confirmed the nude photographs were published
Kate Upton’s attorney called leaked pictures ‘an outrageous violation’
Actress Mary Elizabeth Winstead confirmed the photos of her are real
But not all ‘nude’ photographs that have been published are genuine
Hacker claims to have images of other stars, which have not been posted
Kirsten Dunst has become the first celebrity to publicly criticize Apple after it emerged that a flaw in the ‘Find My iPhone’ function of its iCloud service may have helped an unknown hacker steal nude photos of her and ‘100 other celebrities’.
The Spiderman star tweeted ‘Thank you iCloud’ along with icons representing a slice of pizza and a pile of poo on Monday afternoon, the day after naked photos of her were published online.
The supposed hacker behind the scandal has claimed that they broke into stars’ iCloud accounts, including those of Dunst, Hunger Games actress Jennifer Lawrence, Kate Upton and Rihanna, before publishing them on 4chan, the image-sharing forum.
Hacked? A flaw in the ‘Find My iPhone’ function (right) of Apple’s iCloud service (left) may have helped the anonymous hacker to steal nude photos of Jennifer Lawrence and ‘100 other celebrities’
Earlier today, The Next Web spotted code on software development site Github, that would have allowed malicious users to use ‘brute force’ to gain an account’s password on Apple iCloud, and in particular its Find my iPhone service.
A message has since appeared saying that Apple has issued a fix for the bug. ‘The end of the fun, Apple has just patched,’ read an update on the post.
Brute force, also known as ‘brute force cracking’, is a trial-and-error method used to get plain-text passwords from encrypted data.
Just as a criminal might break into, or ‘crack’ a safe by trying many possible combinations, a brute-force cracking attempt goes through all possible combinations of characters in sequence.
In a six-letter attack, the hacker will start at ‘a’ and end at ‘//////’
Owen Williams from The Next Web, who discovered the bug, said: ‘The Python script found on GitHub appears to have allowed a malicious user to repeatedly guess passwords on Apple’s “Find my iPhone” service without alerting the user or locking out the attacker.
‘Given enough patience and the apparent hole being open long enough, the attacker could use password dictionaries to guess common passwords rapidly. Many users use simple passwords that are the same across services so it’s entirely possible to guess passwords using a tool like this.
‘If the attacker was successful and gets a match by guessing passwords against Find my iPhone, they would be able to, in theory, use this to log into iCloud and sync the iCloud Photo Stream with another Mac or iPhone in a few minutes, again, without the attacked user’s knowledge.
‘We can’t be sure that this is related to the leaked photos, but the timing suggests a possible correlation.’