In response to a recently leaked cache of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook said the company plans to activate new security measures designed to thwart future attacks.
Speaking to The Wall Street Journal, Cook reiterated Apple's stance that iCloud was not breached before announcing new security protocols meant to give users a heads-up when changes are made to their accounts.
"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook said. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."
To add an extra layer of protection, Cook said Apple will start sending out email and push notification alerts when an attempt is made to restore iCloud data to another device. The protocol adds to current safety measures that push out similar messages when a password has been changed or a device is first linked to an iCloud account.
With the alerts in place, iCloud users can quickly react to potential breaches by closing off access or deleting files before a nefarious user has a chance to download potentially sensitive data.
As for Apple's current security measures, Cook thinks the company is doing well, pointing to the iPhone 5s' Touch ID fingerprint recognition feature and iCloud's two-step authentication protocol, which requires users enter both a password and a separate code sent to a trusted device prior to making account changes. Cook said the feature's coverage area will be widened with the release of iOS 8 to include iCloud access from mobile devices. Cook also said Apple will be proactively pushing the two-factor system in the future.
Last weekend, dozens of nude photos taken from iCloud accounts belonging to Jennifer Lawrence, Kate Upton, Ariana Grande and more were dumped on the Web after being collected through various corners of the Internet, including anonymous image board AnonIB. In the ensuing aftermath, Apple issued a statement denying hackers were able to breach iCloud security, instead blaming targeted attacks that have "become all too common on the Internet."
Apple will continue to work with authorities toward finding the culprit or culprits behind the attacks and subsequent mass data leak.
"We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are," Cook said.
81 Comments
It's a start.
This is what I like about Cook. He's not afraid to say when they may have messed up (not necessarily saying that happened here) [B]or[/B] where they can do better. Similar to what happened with Maps.
It's a start.
Agree. The silent download of backups from iCloud by law enforcement tools will also notify users now. I would also like an audit dashboard to see where devices are connecting from that are accessing my data. Seeing IPs being used where I am not would be something that I could easily spot. I think of this like a credit card statement. Being able to see where I used my card lets me see when someone else is playing me and using my card. I want the same for the cloud.
I believe it is Google that actually warned me one time about connecting to gmail from a very different address within a short period of time. I was out of the country, but used VPN back into the country as well as accessing it without VPN. They were concerned that I could not be in and out of the country at the same time. Not a Google fan at all, but that was a nice thing to warn me about.
...celebrity photo flap
You did that on purpose.
PLEASE tell me there won’t be any time during the keynote dedicated to this drivel.
NOT good enough, provide the fix to enable two factor authentication for iCloud backups and Photo Stream in iOS 7 THIS month, Tim Cook! Not all devices will run iOS 8, and not all users, especially in corporations, will update to iOS 8 straight away. Also, what about iOS 6-only devices?!