Today 100’s of private images of celebrities have been leaked online, and by leaked I mean stolen, these are images that the owners never believed would see the light of day but today they are all over the internet.
A lot of people are pointing fingers at Apple as it is believed that this is where the images have come from, This repository on the code sharing Github show some code that it is alleged could brute force apples find my iphone service using the top 500 leaked passwords that meet Apples guidelines, this basically means the software tired each password inturn until it got in.
This is something that normally isn’t possible, most login security systems lock out after a predefined number of failed attempts, but it seems this isn’t something that had been implemented on find my iphone (although this has now patched).
So apart from the usual, use a secure password rhetoric what can we learn from this?
Simply put privacy isn’t what we used to think it is, almost everything we do is now online in one form or another, even the things you think are only on your phone and seamlessly synced across all of your devices. The thing is digital privacy should be simple, strong encryption is available but it isn’t widely used, but why?
The financial reason we don’t have encryption
Companies like Google or Microsoft could easily implement strong encryption into their gmail or hotmail services, but they won’t, the reason is they couldn’t serve targeted advertising on encrypted email systems, so they would lose revenue.
if you are not paying for the service then you are the product being sold
The paranoid government reason we don’t have encryption
Governments have always had an issue with their citizens using encryption, America even classified encryption as a weapon and banned its export, these days while you can use encryption software you can be forced to reveal your encryption keys or face prison time. Using an encrypted web browser can even get you labelled a terrorist.
What can we do?
While most political parties are against even though the often show woeful ignorant to technological issues one party is actively trying to raise these issue and where possible change them, The Pirate Party UK, part of the larger Pirate party stand aim to bring about reform to Copyright and Patent laws, support privacy and reduce surveillance from government and businesses, issues that seem rather pertinent considering the last 24 hours events.
So while I don’t expect anyone to switch allegiances over this little blog post you might at least take a little time to learn more about the Pirate Party at https://www.pirateparty.org.uk