Popular Posts

Friday, 5 September 2014

iCloud Password Strength = Weak (and possibly irrelevant)

Apple are in big trouble. Over 100 celebrities have had naked photographs and intimate videos stolen from their iCloud and posted across the 4Chan network. It seems the Cloud may not be as safe and convenient as the tech giants would have us believe...

The leaked photographs are a ruthless violation of the privacy of female celebrities and should be condemned. But at least Jennifer Lawrence's boobs have finally put an end to ALS Challenge videos.

Maybe the new 'Burn Isis Flag Challenge' will takes its place.

In an interview with the Wall Street Journal, Tim Cook, the Apple CEO, announced the company is set to tighten iCloud security, however reiterated the fact that the attacks were targeted toward specific individuals (hackers guessed those individuals' passwords) and was not a widespread hack of iCloud.

The question is, will the celebrities sue? Traditionally, data breach lawsuits rarely make it to trial, but the high profile of this case my change the way things operate. If people begin to stop trusting Apple with their digital information this could imperil the entire internet economy. Maybe now is the time to set some legal ground rules.

First though, it may simply be worth sorting out your own passwords. You'll find some sound advice here.

And for anyone who does struggle, just be thankful you aren't a UCL student. This was an angry letter sent by my housemate when he couldn't get a password to fit their stringent requirements:

Dear I.T.,

I have tried about 6 or 7 different 'new' passwords because my current one is going to mysteriously 'expire'. There was nothing wrong with my old password. In fact, the random set of letters, numbers and capitals you allocated me is a far better password than anything I could come up with myself. I have tried to change my old password to my old password, but it's not allowed to be the same. I tried changing one letter so that I could still easily remember it, but no, it is 'too similar'. I then tried others; 'cheesesandwich' - 'too long'. HOW CAN A PASSWORD BE TOO LONG? 'Jigstick' - 'it does not contain a sufficient mix of character types'. Do you honestly think someone is going to guess my password is 'Jigstick'? A 'jigstick' isn't even a thing!

Let's try a different tack; 'Fluff69'. 'Based on a dictionary word'. BASED ON A FUCKING DICTIONARY WORD OF COURSE IT IS THAT'S WHERE I GET MY FUCKING WORDS FROM. How about a random series of numbers that I will literally have to write down on a post-it note and label 'Password' in order to remember? '237890'...created by slamming my head against the number pad. 'It is based on a keyboard sequence'. IT IS BASED ON A KEYBOARD SEQUENCE. I would try and create a password without a keyboard sequence, but I fear this will result in a very short password, probably in the vicinity of one letter. Do you realise how stupid this is?

Possibly not as stupid as the next one I try. 'NiGGer19'. 'Based on a dictionary word'. What dictionary are you using? One from the 17th century? I can't be sensible, I can't be silly, I can't be practical and now I can't even be racist?

What is the point of this anyway? Is someone going to steal my education? I probably wouldn’t mind if whilst they were at it they dealt with all this stuff for me. Surely anyone can see how much of a waste of time this stupid bureaucracy is.

Yours sincerely,

Harry Quinn Schone

P.S. It finally accepted 'ARs3h0le'.