Sunday, September 7, 2014

Top 5 infosec links of the week (XLII)

#CelebLeaks, #CelebLeaks And #CelebLeaks. Or if you prefer #CelebGate, as it has also been called. There's no doubt about it: this is the main topic of the week now ending. Whether curiosity about the iCloud security, whether another kind of curiosity, your clicks are unequivocal about it. If a topic has especially motivated the community the last seven days, this has been the leak of nude celebrities pictures. Leak due to... vulnerability, hacking, cluelessness?

This week we've been going this way: Apple denies, Apple recognizes... The post on Forbes where we picked up the story on Monday, showed that doubt from the beginning: "It is unclear whether the celebrities did not properly protect their accounts, if a vulnerability was found in iCloud or if something else occurred". In any case, this leak has led to many misunderstandings. Among them, one highly publicized on CNN: the 'ephemeral' forum 4Chan was the location for spreading the #CelebLeaks, and hours after an "expert" on American TV station was speculating about the identity of this "user" called 4Chan .

CIGTR's blog itself received a lot of visits on Monday, when that news was the main story (just what it was expected to be). As if that were not enough, another important link of the week is the investigation driven by the FBI. In this case, the expectation was not only given by the subject itself, but maybe also a lexical-technological trick. The headline of the post on the BBC said that the FBI investigates 'Cloud' celebrity picture leaks. However, for some reason – eg, initial headline modified minutes after initial owner, the post jumped to syndicated channels – feeds, RSS, with other headline: The FBI probes filtering celebrities from the cloud. A 'false friend' could led some Spanish-Speaking to think that the "probes" meant that the FBI had "evidence" ("pruebas") of this leak.

So it goes, another one of the most clicked links this week was the reaction of Tim Cook, CEO of Apple. As the company continued to deny direct responsibility, Apple's number one said that iCloud will bring new and more stringent security measures.

The exception that proves the rule comes on the heels of Chinese online shopping platform, Taobao. Palo Alto Networks found there several individuals who are involved in selling hacked e-mail accounts from top-of-mind universities. The accounts offer various benefits, which include registration to software developer programs, discounts from certain retailers, as well as access to academic databases. If this is done on the "public" web in broad daylight, what should be going through some of the darkest URLs...

Top five topics of the week. News Five drinking from the same source: the value of information.


Post a Comment