On September 1st, many American big-name actresses were exposed in nude photos. It was reported that the reason was that there were hackers attacking multiple iCloud accounts. It is still unclear how hackers invade iCloud storage services to obtain indecent photos of Lawrence, Urban and other celebrities, but the security of iCloud has been widely questioned by public opinion.
"The root cause of photo leakage is that the account of the cloud service has been stolen." 360 security expert An Yang told the "First Financial Daily" reporter that hackers can use the "collision library" to steal the number, in addition to the service provider's user database. Disclosure may also expose all users to the risk of hacking.
In fact, this is not the first time that Apple products have involved “leakage†incidents. iOS has been exposed to multiple “secret backdoorsâ€.
In mid-August, Apple also filed a statement on the transfer of data from Chinese users to China Telecom's cloud storage. The cloud service provider should strengthen the network security protection of the data center, fix the vulnerability in time, and prevent hacking and collision. Hacking attack.
"cloud" vulnerability
Most Apple users are no strangers to iCloud, a new cloud storage service that Apple released at the 2011 WWDC conference. The service provides users with 5GB of free storage space, and users can back up private data such as contacts, emails, photos, etc. in the device through iCloud. Apple CEO Cook has said that iCloud is part of Apple's strategy for the next 10 years.
But obviously he did not take into account the impact of hackers.
It is reported that hackers use iCloud storage service vulnerabilities to retrieve celebrity indecent photos, and these photos are posted on foreign 4chan forums, and hackers try to earn bitcoin.
The hacker who posted the photo claimed that he had more than 60 self-portrait photos of Lawrence, and not all of them were nude photos, including self-portraits wearing swimsuits.
In theory, this violation may also occur on any Apple user using the iCloud service.
"In fact, in the era of big data, it is not easy to protect your privacy. If a hacker wants to break any thing he wants to break, it is only a matter of time." Wang Dengke, the person in charge of the Cool Internet Center, said that the data is in the cloud. The transfer process, the process of transferring passwords to the server, and the process of cloud storage are all likely to be compromised by hackers.
From the past to the present, iCloud has always been known for its ease of use, but like other cloud service providers, iCloud's data is synchronized across devices, and once a device has a problem, it can pose a risk of privacy breaches.
There are three possibilities for the account being stolen: First, the iCloud account uses the commonly used registered mailbox and password, and the hacker can use the "collision library" method for hacking (hacking some websites with poor security, stealing the user's registered mailbox and password) Try to log in on important websites or services such as iCloud. Second, the user database of the service provider is leaked, causing all users to face the risk of hacking. Third, there are security problems in the device or network environment, such as the device infected with Trojan virus, or The login account of the hacker's phishing WiFi may cause the account password to be leaked.
Previously, some netizens exposed a major vulnerability in Apple's iCloud system, which could turn off the "find my iPhone" function of the stolen iPhone without a password. Although Apple has also begun to strengthen the account security of iCloud and Apple ID, two-factor authentication has been added during the account login process, but security vulnerabilities have not been avoided.
Data security in the mobile age
More and more large companies are starting to make continuous investments in the data security arena.
On August 7, Facebook announced that it will acquire Internet security company PrivateCore, which will help Facebook protect servers from "malware, unauthorized physical access and malicious hardware." Facebook chief security officer Joe Sullivan said: "People are very concerned about the data security entrusted to services such as Facebook."
On August 12, IBM completed the acquisition of Lighthouse Security Group, a cloud hosting security service provider. Through this acquisition, IBM offers a unique set of identity and access management products that combine proven software and analytics with professional managed services to make it easier for businesses in the digital world to handle complex security issues.
Twitter also acquired Mitro, a small password security startup, last month to help improve its geolocation capabilities.
But in reality, security breaches still occur from time to time.
Wang Dengke said: "From the current situation of the mobile phone industry, most mobile phone manufacturers are under-prepared in the face of security problems." Wang Dengke said that the encryption of information security is mature from a technical point of view, but how to Self-product integration also requires a process. In addition, nothing is absolutely safe, and if you want to crack your password, all you need is time.
"From the perspective of revenue, security investment does not directly generate benefits. General mobile phone manufacturers say that it is difficult to achieve tens of millions of data centers, such as 500 servers, one 50,000, which is the cost of 25 million, and this The bandwidth costs and traffic brought by the data center are all factors to consider," Wang Dengke said.
However, Wang Dengke said that he believes that cloud storage is still the future trend. In the process of data-to-cloud transmission, enterprises can encrypt transmission channels. In the cloud, enterprises can also make specific keys to prevent hackers.
Cloud service providers should strengthen network security protection in data centers, fix vulnerabilities in time, and prevent hacking attacks such as hacking and collision. In addition, important data needs to be encrypted and protected. More importantly, users are provided with a higher level of account authentication mechanism. Accessing important data recommends using multiple authentications instead of relying solely on account passwords. For ordinary netizens, mobile phones and computers need to open security software to prevent and detect Trojan viruses. Some important accounts must be individually set with passwords, and passwords should be changed periodically to avoid using other devices or non-trusted WiFi network login accounts.
Column Load Cell,Fsr Sensor,Load Cell Forsentek,Impact Load Cell
Xiaogan Yueneng Electronic Technology Co., Ltd. , https://www.xyeloadcell.com