- Devin Nunes’ lawsuit with Twitter over parody accounts inspires more parody accounts Tuesday 7:53 PM
- Alexandria Ocasio-Cortez posts SpongeBob meme to diss Green New Deal adversaries Tuesday 7:23 PM
- Twitter blasts Benny Johnson over heinous Native American ‘socialist’ reservations take Tuesday 6:16 PM
- New Zealand arrests 2 for sharing video of mosque shooting Tuesday 4:44 PM
- ‘Queer Eye’ season 3 serves more frothy fun and cathartic realness Tuesday 4:30 PM
- Everyone is roasting this photo of Kourtney Kardashian in a bubble bath Tuesday 4:15 PM
- White House report has a lot of superheroes listed as interns Tuesday 4:06 PM
- Google to launch ‘Stadia’ cloud gaming service this year Tuesday 3:55 PM
- Amy Schumer addresses her ‘Growing’ pains in new Netflix special Tuesday 2:04 PM
- This Bitcoin tie is everyone’s favorite part of the Theranos documentary Tuesday 1:56 PM
- Trump’s social media guru gets suspended on Facebook Tuesday 1:51 PM
- YouTube time traveler says he saw a dinosaur—in the future Tuesday 1:47 PM
- Why is Netflix changing the viewing order for ‘Love, Death & Robots’? Tuesday 12:47 PM
- Elizabeth Holmes’ deep voice captivates and confuses the internet Tuesday 12:40 PM
- These cat purses have everything you need (including balls) Tuesday 12:22 PM
Apple is aware of the problem, and it’s trying to help you avoid it.
Apple on Tuesday said that it was monitoring reports of “intermittent organized network attacks” on its iCloud platform, one day after a Chinese censorship watchdog site observed attacks on iCloud that it attributed to the Chinese government.
“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple said on a help page about iCloud security. “These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”
Anxieties about the cloud platforms of Apple and other major tech companies are running high in the aftermath of the Celebgate photo leaks. Apple quickly denied that vulnerabilities in iCloud were responsibility for the massive invasion of the celebrities’ privacy, but it later emerged that the company had been aware of security issues with the cloud platform that could have been related.
The attacks on iCloud from China were first reported by the blog Greatfire.org, which tracks the zealous Internet censorship of the regime in Beijing. The site said it had identified a “man-in-the-middle” attack on iCloud that it described as “an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.”
The attack itself, at least as described by Greatfire.org, sounds like standard hacker fare: a site that looks like the iCloud login portal but that reports all attempted login credentials to the hackers. The fake site essentially steps into the “middle” of users’ attempts to log into Apple’s service.
Apple’s response to the report encouraged users to look for a security certificate when logging into iCloud.
“If users get an invalid certificate warning in their browser while visiting www.icloud.com, they should pay attention to the warning and not proceed,” the help page said. “Users should never enter their Apple ID or password into a website that presents a certificate warning.”
Image via Apple
Photo by Vince Alongi/Flickr (CC BY 2.0) | Remix by Fernando Alfonso III
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.