- People are sharing how serving in the military has ruined their lives with #WhyIServe Sunday 5:31 PM
- Gillette ad showing a dad teaching his trans son how to shave has the internet in tears Sunday 4:34 PM
- 4chan’s new troll campaign aims to make the hashtag a white supremacist symbol Sunday 2:49 PM
- Here’s what that ‘cliff wife’ meme is all about Sunday 12:58 PM
- Artist suspended from Facebook, Instagram after posting anti-MAGA artwork Sunday 12:04 PM
- How to watch Serie A online for free Sunday 7:30 AM
- What does ‘uwu’ mean? Sunday 7:00 AM
- How to uninstall the Epic Games Launcher (for real) Sunday 6:30 AM
- How to watch the Indianapolis 500 online for free Sunday 6:00 AM
- Ohio KKK rally met with massive counter-protest and witty signs from local businesses Saturday 5:06 PM
- Guy who said he stole drugs from MS-13 now says viral story is fake Saturday 4:07 PM
- Financial service company left 885 million private records exposed online Saturday 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Saturday 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Saturday 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Saturday 11:58 AM
Apple is aware of the problem, and it’s trying to help you avoid it.
Apple on Tuesday said that it was monitoring reports of “intermittent organized network attacks” on its iCloud platform, one day after a Chinese censorship watchdog site observed attacks on iCloud that it attributed to the Chinese government.
“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple said on a help page about iCloud security. “These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”
Anxieties about the cloud platforms of Apple and other major tech companies are running high in the aftermath of the Celebgate photo leaks. Apple quickly denied that vulnerabilities in iCloud were responsibility for the massive invasion of the celebrities’ privacy, but it later emerged that the company had been aware of security issues with the cloud platform that could have been related.
The attacks on iCloud from China were first reported by the blog Greatfire.org, which tracks the zealous Internet censorship of the regime in Beijing. The site said it had identified a “man-in-the-middle” attack on iCloud that it described as “an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.”
The attack itself, at least as described by Greatfire.org, sounds like standard hacker fare: a site that looks like the iCloud login portal but that reports all attempted login credentials to the hackers. The fake site essentially steps into the “middle” of users’ attempts to log into Apple’s service.
Apple’s response to the report encouraged users to look for a security certificate when logging into iCloud.
“If users get an invalid certificate warning in their browser while visiting www.icloud.com, they should pay attention to the warning and not proceed,” the help page said. “Users should never enter their Apple ID or password into a website that presents a certificate warning.”
Image via Apple
Photo by Vince Alongi/Flickr (CC BY 2.0) | Remix by Fernando Alfonso III
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.