Jennifer Lawrence leaks broke the internet today.

[weirdbr]

Well if people haven't figured out that nothing connected to a network is safe by now I don't what to say. Let see tens of million Target customer financial information was stolen over the holidays, and they aren't the only ones. Most large companies deal with hundreds of hacking attempt a month sometimes even week or day. It seems to me these are way bigger stories than few good looking celebrities getting nudes posted of them.

The problem here is two-fold:

- legislation isn't strong enough to punish companies that don't safeguard information properly. In the US, you have to report data breaches and provide things like credit protection/monitoring for some time, but that's cheap as hell to provide and rarely more than a slap in the wrist of the company
- not enough people qualified in security (or in IT) are available, so only the companies that value their data enough end up hiring those folks for the salary they deserve (and that the market has pushed way up). I'm not in security, but a few years ago my manager dropped an interesting statistic - we had to interview *1000* people for every sysadmin/site reliability engineer we hired.. And that's in a role that is way more common than security engineer.

We seen a significant decrease in property theft over the last 20 years, in no small part cause cops have gotten better solving crimes. However, for electronic crimes I suspect the chances of getting caught are getting worse not better in recent years. I think the sheer number makes it hard to find the folk, but part of it is cultural, the stealing of digital property doesn't seem to be an actual crime in many peoples mind.

I still believe it is mostly due to the law. It's really easy to catch people as long as you deploy the required monitoring and auditing infrastructure, but again, this costs money and without legislation forcing companies to do that, only those who value their secrets/intellectual property/user data/reputation end up doing the right thing.

 

[Shaun__]

I feel a little embarrassed to admit this, but I am terrible with names and did not know who any of these famous actors are really. I went and looked them up, and they look like regular people. I would have been more excited if one of my model friends had released new content I had to pay to see.

 

[GreatDane]

One thing that hasn't been mentioned yet, at least not that I saw posted here. JLaw may have lost some possible income for any future negotiating for that "FIRST" nude scene in a movie since she had not to date been seen in any form nude in any of the media outlets.

I have seen some of the images, nothing for any of the ladies or Gent to be ashamed of. Mostly looked like intimate images taken by friends or the occasional selfie. The images have been leaked, people have seen them and their lives will continue with minimal backlash on them as long as people quit making a huge deal out of it. We are living in a world that random intimate images are taken by almost everyone with a cell phone or access to a camera and if there is any way that someone not involved with said person wants to find those images, there will be a way to find them eventually.

 

[bawksy]

The way that so many people talk so nonchalantly about how they downloaded/watched these pics is already a problem in itself.

 

[Kradek]

Here is an interesting blog post I came across regarding the theft.

A lot of folks posting in this thread about the cloud being unsafe. It's true, nothing is ever completely safe but you can insulate yourself to a significant extent by using standard security practices. Use good passwords. Don't use the same password on every site. Use fake answers to security reset questions. The article above notes that the primary means to obtain these photographs wasn't any technical flaw in iCloud but really pretty basic information gathering and social engineering.

To reiterate what the main bugs are that are being exploited here, roughly in order of popularity / effectiveness:
Password reset (secret questions / answers)
Phishing email
Password recovery (email account hacked)
Social engineering / RAT install / authentication keys

 

[LilyMarie]

The way that so many people talk so nonchalantly about how they downloaded/watched these pics is already a problem in itself.

I can't see an argument anywhere in there, only a gif..

 

[PunkInDrublic]

Story going around is that it was a small group of guys that have been doing this for years. Only way in the club is to prove your skills and contribute new material, one guy announced he was going to share everything he collected with the peasants and then another dude beat him to the punch. Not sure if I believe it but I wouldn't be shocked if it was close to the truth.

 

[PepperoniPiz]

Story going around is that it was a small group of guys that have been doing this for years. Only way in the club is to prove your skills and contribute new material, one guy announced he was going to share everything he collected with the peasants and then another dude beat him to the punch. Not sure if I believe it but I wouldn't be shocked if it was close to the truth.

And apparently afterwards, the dude that did leak was DDoS'd and threatened by the others if he tried to release more.

It's like a soap opera, really.

 

[PunkInDrublic]

Yeah the drama around what happened is far more entertaining than what was leaked. Wonder how long until dudes start snitching each other out.

 

[AmberCutie]

Some of my thoughts, with no sort of organization:

I enjoyed seeing some of the pictures.

Didn't know who half of them were, but now I know their names a little better.

It sucks that something many people trusted was hacked into.

This whole event is fascinating, when you view all the different happenings and angles of it.

Jennifer Lawrence is like the Internet's sweetheart, so I think that's why her name is most prevalent in the reports.

Being angry that people are looking at and enjoying the photos is a waste of energy and rather silly. No point.

This can be seen as an eye-opening for people who put too much trust in technology and/or don't learn how to take proper security measures of their own. Maybe it will have an impact on our future.

I think "the fappening" is a funny and catchy name.

If the whole trading ring thing is true, it brings light to the fact that this sort of thing exists to those who may never have realized it. Many of us cam girls knew stuff like this existed already because it happens to our content, too, but now that non-porn celebrities had it happen to them, it's more in the mainstream.

I love Jennifer Lawrence.

 

[PunkInDrublic]

Kirsten Dunst not being a bigger name in this situation makes me feel kinda old. Not too long ago she was super popular and now nobody seems to care. Maybe because it was only a few pics but I always thought she was a huge celebrity.

 

[LailaBaise]

Kirsten Dunst not being a bigger name in this situation makes me feel kinda old. Not too long ago she was super popular and now nobody seems to care. Maybe because it was only a few pics but I always thought she was a huge celebrity.

 

[Kunra9]

I looked at em.

These girls have naked lady parts.

And I've moved on with my life.

 

[MrRodry]

Didn't know who was Jessica Brown Findlay. Now I know. Thank you Fappening.

 

[bawksy]

 

[HiGirlsRHot]

It also appears that hack wasn't a particular brilliant one., according the editors of ARS techiqueThe only security flaw was there was no limit to the number password attempts. A weak (dictionary) password, plus poorly thought out security question. Example name of your dog and than mention the dogs name in public = easy to break into an account.

 

[Bocefish]

I'll never understand what motivates these hacks to do things like this. The payoff is negligible at best and whoever it was will likely be facing a decade or more in prison when caught, and they will eventually be caught.

:twocents-02cents:

 

[HiGirlsRHot]

I'll never understand what motivates these hacks to do things like this. The payoff is negligible at best and whoever it was will likely be facing a decade or more in prison when caught, and they will eventually be caught.

:twocents-02cents:

I guess you score hacker creed. As far as being caught, it depends on how careful they were. If they were careful I doubt it. Operating through an oversea VPN, using anonymous tools you can be pretty safe. If this was matter of national security, or following a terrorism attack than yes. Maybe even if they stole 40 million credit card numbers, which is potentially what were are looking at with yesterdays Home Depot breach, then yes. But for celeb nude pictures, I am not sure if the FBI is should or will devote the resources.

 

[Kokoro]

I'll never understand what motivates these hacks to do things like this. The payoff is negligible at best and whoever it was will likely be facing a decade or more in prison when caught, and they will eventually be caught.

:twocents-02cents:

Because you want to be a based bro on 4chan. People on there really don't give a fuck. But you gotta give them credit. They can be sneaky motherfuckers. If someone was able to hack into multiple iCloud accounts (I'm not sure how easy that is), they are probably able to cover their tracks as well.

 

[Bocefish]

I'll never understand what motivates these hacks to do things like this. The payoff is negligible at best and whoever it was will likely be facing a decade or more in prison when caught, and they will eventually be caught.

:twocents-02cents:

I guess you score hacker creed. As far as being caught, it depends on how careful they were. If they were careful I doubt it. Operating through an oversea VPN, using anonymous tools you can be pretty safe. If this was matter of national security, or following a terrorism attack than yes. Maybe even if they stole 40 million credit card numbers, which is potentially what were are looking at with yesterdays Home Depot breach, then yes. But for celeb nude pictures, I am not sure if the FBI is should or will devote the resources.

Good points, but if I were laying odds on the culprit(s)being caught, I'd say it's about a 95% chance of them getting busted given the disposable income most celebs have along with the fact the FBI's cyber crimes unit is indeed making this a priority, or so I've heard.

 

[weirdbr]

I guess you score hacker creed. As far as being caught, it depends on how careful they were. If they were careful I doubt it. Operating through an oversea VPN, using anonymous tools you can be pretty safe. If this was matter of national security, or following a terrorism attack than yes. Maybe even if they stole 40 million credit card numbers, which is potentially what were are looking at with yesterdays Home Depot breach, then yes. But for celeb nude pictures, I am not sure if the FBI is should or will devote the resources.

The reality is that the FBI will investigate it as it's a high profile case, specially as it come out that at least one of the celebrities hacked was underage.
And let's be honest - those guys weren't professionals - the employer of one of them already has been identified thanks to the 'hacker' having been stupid enough to share screenshots of his desktop that uniquely identify machines on his work network and he had already posted screenshots in other sections of reddit that listed the same machines. Another was asking for payment on paypal , with an yahoo email account and mentioned he 'still need to figure out how to upload this without the feds tracing me'. (hint: you cant - nothing is untraceable on the internet).

(And wrt to the underage celebs part - I'm curious as to how this will play out, as I recall hearing about cases of teenagers who took selfies and shared them with their significant others [only to have them leaked/widely shared later] that were charged with production and distribution of child porn. I wonder if those celebs will have differential treatment....)

 

[Shaun__]

:lol:

 

[CallMeWilliam]

Story going around is that it was a small group of guys that have been doing this for years. Only way in the club is to prove your skills and contribute new material, one guy announced he was going to share everything he collected with the peasants and then another dude beat him to the punch. Not sure if I believe it but I wouldn't be shocked if it was close to the truth.

Not sure about the second part but the first part is probably true. A couple of the women whose pictures were in the release had said that they had deleted some of the photos up to two years ago. Also some of the original photos that were posted had meta data that showed it was taken by cameras other than IDevices, there was some Android as well non smartphone OS's in the mix as well.

It also appears that hack wasn't a particular brilliant one., according the editors of ARS techiqueThe only security flaw was there was no limit to the number password attempts. A weak (dictionary) password, plus poorly thought out security question. Example name of your dog and than mention the dogs name in public = easy to break into an account.

Well there was a python script in GitHub that used a list of 500 passwords (top 500 used passwords) that some people say might have been the script used. Also I have heard that they also might have used Apple's own password "example" list.

 

[Brad]

Haven't seen the pictures nor do I care to. I doubt I would even know who most of them are. I'm not even sure that I know who Jennifer Lawrence is.


But I did hear on NPR that Apple took a big hit today in the aftermath. Their stock lost about 4% which cost their investors roughly 26 billion!
:shock:

http://americasmarkets.usatoday.com/201 ... 0-a-share/

 

[bakersman]

a very interesting post which lays out some of what went on:

https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/

There is a very energetic group of people trying to get into these accounts, and it doesn't seem like much of a 'security breach' (like the Target one) but a very focused effort to steal/acquire/find (including from people the celebrities know) info about user names, answers to security questions, phishing, stuff like that. So it's not like they got everyone's iCloud pictures and then picked out juicy ones--they got only the compromised accounts' stuff.

Apple did have some problematic security procedures which it seems they've changed to make this sort of thing harder.

Also, it seems like a fight/money grab between various of these people caused the whole thing to become public.

Funny, partly due to even a whiff of nonconsent, and also the serious creeper/douchebag nature of the obsessives who find and distribute this stuff, I'm not interested in seeing any of these pics.

Fortunately, I have other outlets for viewing lovely lovely boobies. Some of those boobies are attached to charming personalities I've become fond of, too. YAY.

 

[bakersman]

Oh, and this is awesome (I gleaned this from the comments on that article)--while the whole thing was breaking, some guys pretended to have all the pics, and showed blurred out photos and screenshots of folders supposedly full of the real stuff. Turns out they had photoshopped it all, and were trolling for bitcoins with no intention (or ability) to deliver.

These guys are now getting all kinds of attention from the feds, HAHAHAHAHA.

Imagine that conversation--"uh, yeah, I wasn't really a purveyor of stolen personal pics, I was just, uh, pretending to be, to uh, keep the guys from getting the pics, see, I was a good guy, no really". This guy's porn collection will be getting a lot of scrutiny.

LOL, and of course bitcoin got involved somehow.

"I'm not a douchebag, I'm just ripping off douchebags, is that so wrong?"

 

[Kradek]

a very interesting post which lays out some of what went on:

https://www.nikcub.com/posts/notes-on-the-celebrity-data-theft/

 

[Ambers Troll]

My first thoughts;
If celebrities don't know how to use the cloud in a secure way, they should have deactivated automatic backup. It was foolish to record images that you don't want risking being shared to anything but a secure form of storage, and deleting all but secured copies/ originals.
There is no way released images are going to be stopped from being shared, only those profitting from them will be able to be stopped.
Wonder if this will tighten up free sharing sites, social media sites to nudity/ porn further?
I wont be looking for any of these pics, I know from my former model friends how distressing such stolen images can be.

 

[VeronicaChaos]

Was it foolish to use cloud services? Probably. But I'm sick of people using that foolishness to justify the leak.

 

[JerryBoBerry]

Was it foolish to use cloud services? Probably. But I'm sick of people using that foolishness to justify the leak.

Exactly, use of the cloud is a non-issue. There was a crime committed. One hundred percent of the blame is on the criminal. People that blame it on the cloud usage remind me of the people who blame the woman for getting raped because she was showing cleavage with the shirt she was wearing. NO idiots, she wasn't asking for it. It's still, and always will be, the rapists fault.