3 September 2014
 |
| Jennifer Lawrence meminta FBI menyelidiki peretasan akun Cloud miliknya |
Dua hari setelah foto - foto pesohor Hollywood bocor
ke dunia maya, satu hal sudah jelas. Dan bahwa secara virtual tidak ada
hal yang jelas.
Walaupun ada banyak spekulasi bahwa sistem penyimpanan iCloud Apple dan beberapa sistem sejenisnya telah diretas, masih belum ada bukti konkrit tentang bagaimana foto - foto ini didapatkan.
Yang kita ketahui adalah beberapa,
tidak semua, dari foto ini asli, dan kita tahu bahwa foto-foto ini telah
bocor ke dunia maya, dengan beberapa pihak berusaha mengambil
keuntungan dengan menawarkan foto untuk ditukar dengan Bitcoin. Walaupun
ada satu individu yang telah diidentifikasi sebagai pembocor, ia
bersikeras bahwa ia hanya ingin mendapatkan uang dari foto-foto tersebut
dan bukan pembocor asli.
Apple belum sepenuhnya mengambil langkah besar
untuk memperbaiki masalah keamanan ini. Mereka mengeluarkan sebuah
pernyataan, mengatakan "Kami menjaga privasi pengguna kita dengan sangat
serius dan secara aktif menyelidiki laporan ini ".
Sementara itu, kotak surat saya sudah penuh
dengan email dari petugas-petugas humas menawarkan komentar "pakar
keamanan" mengenai "peretasan iCloud" ini. Tapi sewaktu saya bertanya
alasan mereka berpikir mengapa insiden ini adalah sebuah peretasan,
jawaban mereka adalah “saya melihatnya di media”. Cukup sekian untuk
pakar keamanan.
Namun ada salah satu ahli yang dapat memberikan analisis yang masuk akal tanpa mengambil kesimpulan terlalu cepat.
Bagaimana peretas mendapatkan password dari akun-akun tersebut?
Rik Ferguson dari Trend Micro mengatakan bahwa
peretasan ini adalah serangan yang sengaja menyasar foto, dan bukan
dokumen lainnya atau sekelompok orang tertentu. Sehingga menurut dia,
peretasan ini bukan serangan skala besar terhadap infrastruktur Apple.
Kemarin ia datang ke sejumlah metode yang
mungkin digunakan oleh peretas mulai dari phishing hingga peretas
menerobos akun terkait dengan keamanan yang lebih lemah. Ia mengatakan
kemungkinan yang paling kecil adalah semua pesohor memiliki password
yang sangat lemah sehingga mudah ditebak.
Dan pagi ini, ia mengatakan memiliki teori baru
setelah berita tentang kelemahan potensial Apple mengemuka dan kelemahan
itu, menurut dia, memungkinkan terjadinya serangan berkekuatan besar.
Serangan ini meliputi membombardir laman akses dengan ribuan password
sampai salah satunya bekerja. Teknik ini biasanya dianggap tidak efektif
karena beberapa akun akan mengunci dirinya setelah tiga kali percobaan
password yang gagal
Sekarang lubang keamanan itu tampaknya telah
ditambal, tapi hal itu juga bisa menjadi pintu masuk peretasan akun
pesohor. Atau seperti yang diakui Rick Ferguson, hal ini mungkin kasus
ketika korelasi tidak setara dengan kewaspadaan. Kita sekarang perlu
mendengar dari para insinyur di Apple apakah teori ini punya argumen
yang kuat atau tidak.
Hal selanjutnya yang perlu dipikirkan adalah
bagaimana peretas mendapatkan email yang diperlukan untuk mengakses
akun-akun tersebut. Tampaknya mereka tidak mendapatkan akun tersebut
dalam waktu singkat, jadi kelihatannya materi ini dikumpulkan dalam
jangka waktu yang panjang, mungkin oleh sekelompok hacker, dan
dilepaskan bersamaan.
Saat ini kita semua berada di awan
ketidakjelasan. Tapi satu hal cukup jelas, yaitu menyimpan foto yang
tidak ingin dilihat orang lain secara daring mungkin bukan hal yang aman
untuk dilakukan.
ENGLISH
Jennifer Lawrence asked the FBI to investigate hacking his account Cloud
Two days after the photos - photos of Hollywood celebrities leaked into cyberspace, one thing is clear. And that virtually nothing is clear.
Although there is much speculation that Apple's iCloud storage system and the like have been compromised several systems, there is still no concrete evidence of how the photo - this photo obtained.
All we know is that some, not all, of this original photo, and we know that these pictures have been leaked into cyberspace, with several parties trying to take advantage by offering to exchange photos with Bitcoin. Although there is one individual who has been identified as the leaker, he insists that he just wants to get money from these photos and not the original leaker.
Apple has yet to fully take big steps to fix this security issue. They issued a statement, saying "We maintain the privacy of our users very seriously and is actively investigating these reports".
Meanwhile, my mailbox has been filled with emails from public relations officers offer comments "security experts" about "hacking iCloud" this. But when I asked the reason why they think this is a hacking incident, their reply was "I see in the media". That's it for security experts.
However there is one of the experts who can provide a reasonable analysis without drawing conclusions too quickly.
How do hackers get passwords of these accounts?
Rik Ferguson of Trend Micro said that this is a hacking attack that deliberately targeted the photo, and not the other document or group of people. Therefore, according to him, hacking is not a large-scale attack against the Apple infrastructure.
Yesterday he came to a number of methods that may be used by hackers ranging from phishing to hackers to break through the account associated with weaker security. He said most small possibility is all the celebrities have very weak passwords that are easy to guess.
And this morning, he said to have a new theory after news surfaced about potential flaws and weaknesses of Apple, he said, allows for powerful attacks. These attacks include bombarding access pages with thousands of passwords until one works. This technique is generally considered to be ineffective because some accounts will lock itself after three failed password attempts
Now it seems to be a security hole has been patched, but it could also be the entrance hacking celebrity accounts. Or as recognized Rick Ferguson, this may be the case when the correlation is not equivalent to vigilance. We now need to hear from the engineers at Apple whether this theory has a strong argument or not.
The next thing to think about is how the hackers get emails that are required to access these accounts. It seems they do not get the account in a short time, so it seems this material is collected in a long period of time, perhaps by a group of hackers, and released simultaneously.
This time we were all in the cloud obscurity. But one thing is quite clear, that does not save the photo that you want to see other people online may not be a safe thing to do.
Two days after the photos - photos of Hollywood celebrities leaked into cyberspace, one thing is clear. And that virtually nothing is clear.
Although there is much speculation that Apple's iCloud storage system and the like have been compromised several systems, there is still no concrete evidence of how the photo - this photo obtained.
All we know is that some, not all, of this original photo, and we know that these pictures have been leaked into cyberspace, with several parties trying to take advantage by offering to exchange photos with Bitcoin. Although there is one individual who has been identified as the leaker, he insists that he just wants to get money from these photos and not the original leaker.
Apple has yet to fully take big steps to fix this security issue. They issued a statement, saying "We maintain the privacy of our users very seriously and is actively investigating these reports".
Meanwhile, my mailbox has been filled with emails from public relations officers offer comments "security experts" about "hacking iCloud" this. But when I asked the reason why they think this is a hacking incident, their reply was "I see in the media". That's it for security experts.
However there is one of the experts who can provide a reasonable analysis without drawing conclusions too quickly.
How do hackers get passwords of these accounts?
Rik Ferguson of Trend Micro said that this is a hacking attack that deliberately targeted the photo, and not the other document or group of people. Therefore, according to him, hacking is not a large-scale attack against the Apple infrastructure.
Yesterday he came to a number of methods that may be used by hackers ranging from phishing to hackers to break through the account associated with weaker security. He said most small possibility is all the celebrities have very weak passwords that are easy to guess.
And this morning, he said to have a new theory after news surfaced about potential flaws and weaknesses of Apple, he said, allows for powerful attacks. These attacks include bombarding access pages with thousands of passwords until one works. This technique is generally considered to be ineffective because some accounts will lock itself after three failed password attempts
Now it seems to be a security hole has been patched, but it could also be the entrance hacking celebrity accounts. Or as recognized Rick Ferguson, this may be the case when the correlation is not equivalent to vigilance. We now need to hear from the engineers at Apple whether this theory has a strong argument or not.
The next thing to think about is how the hackers get emails that are required to access these accounts. It seems they do not get the account in a short time, so it seems this material is collected in a long period of time, perhaps by a group of hackers, and released simultaneously.
This time we were all in the cloud obscurity. But one thing is quite clear, that does not save the photo that you want to see other people online may not be a safe thing to do.
FBI selidiki peretasan akun Cloud pesohor
2 September 2014
 |
| Salah satu pesohor yang diretas akunnya adalah Jennifer Lawrence |
FBI sedang memeriksa sejumlah tuduhan yang menyatakan bahwa puluhan akun daring pesohor Hollywood telah diretas.
Foto-foto milik sederetan selebriti wanita
terkenal, seperti Jennifer Lawrence dan Kate Upton, diunggah oleh orang
yang belum diketahui identitasnya setelah diduga diretas dari layanan
penyimpan dokumen cadangan seperti Apple iCloud.Lawrence, bintang The Hunger Games, meminta dilakukan penyelidikan setelah foto-foto telanjangnya dicuri dari telepon selulernya.
Juru bicara FBI mengatakan kepada kantor berita Associated Press bahwa mereka "mengetahui adanya pelanggaran" dan "menyelidiki masalah ini."
Juru bicara Apple Nat Kerris dikutip oleh Reuters mengatakan, "Kami sangat serius menjaga privasi para pengguna dan aktif menyelidiki laporan ini."
Penyimpanan cloud selama ini dinilai aman
"Penting bagi pesohor dan masyarakat untuk mengingat bahwa foto dan data tidak hanya tinggal di alat yang merekamnya," kata Ken Westin, analis keamanan di Tripwire.
"Meski banyak penyedia jasa cloud membuat sandi komunikasi data antara alat dan cloud, hal itu tidak berarti bahwa foto dan data itu disandikan ketika sudah disimpan.
"Jika Anda bisa melihat foto-foto itu di layanan cloud, maka peretas juga bisa melihatnya."
ENGLISH
FBI investigating hacking of celebrities Cloud account
2 September 2014
One of the celebrities who hacked his account is Jennifer Lawrence
The FBI is examining a number of charges stating that dozens of online accounts of Hollywood celebrities have been hacked.
The photos belong to a series of famous female celebrities, such as Jennifer Lawrence and Kate Upton, uploaded by people who have not been identified after allegedly hacked from a backup document storage services like Apple's iCloud.
Apple said they were investigating whether the iCloud accounts hacked.
Lawrence, star of The Hunger Games, requested an investigation after photos of naked stolen from her cell phone.
FBI spokesman told the Associated Press that they were "aware of any violation" and "investigate this matter."
Apple spokesperson Nat Kerris was quoted by Reuters as saying, "We are very serious to maintain the privacy of the users and is actively investigating these reports."
cloud
Cloud storage has been considered safe
Experts have long expressed concerns over the security of storage sites "cloud."
"It is important for celebrities and the public to remember that images and data are not only living in a recorded instrument," said Ken Westin, a security analyst at Tripwire.
"Although many cloud service providers to make the password data communication between devices and the cloud, it does not mean that the images and the data was encrypted when it is stored.
"If you can see the pictures in the cloud service, then the hacker can also see it."
2 September 2014
One of the celebrities who hacked his account is Jennifer Lawrence
The FBI is examining a number of charges stating that dozens of online accounts of Hollywood celebrities have been hacked.
The photos belong to a series of famous female celebrities, such as Jennifer Lawrence and Kate Upton, uploaded by people who have not been identified after allegedly hacked from a backup document storage services like Apple's iCloud.
Apple said they were investigating whether the iCloud accounts hacked.
Lawrence, star of The Hunger Games, requested an investigation after photos of naked stolen from her cell phone.
FBI spokesman told the Associated Press that they were "aware of any violation" and "investigate this matter."
Apple spokesperson Nat Kerris was quoted by Reuters as saying, "We are very serious to maintain the privacy of the users and is actively investigating these reports."
cloud
Cloud storage has been considered safe
Experts have long expressed concerns over the security of storage sites "cloud."
"It is important for celebrities and the public to remember that images and data are not only living in a recorded instrument," said Ken Westin, a security analyst at Tripwire.
"Although many cloud service providers to make the password data communication between devices and the cloud, it does not mean that the images and the data was encrypted when it is stored.
"If you can see the pictures in the cloud service, then the hacker can also see it."
Foto telanjang artis disebarkan peretas
1 September 2014
 |
| Jennifer Lawrence, pemenang piala Oscar untuk AktrisTerbaik tahun 2013. |
Foto telanjang para artis, termasuk Jennifer Lawrence disebarkan online oleh peretas.
Walau sejumlah bintang mengatakan foto mereka
adalah foto palsu, para artis lainnya mengatakan bahwa memang benar itu
foto mereka.Agen untuk Jeniifer Lawrence mengatakan timnya akan mengambil langkah-langkah hukum.
"Ini jelas merupakan pelanggaran berat atas hak privasi. Kami telah menghubungi pihak yang berwenang dan akan menuntut siapa pun yang memposting foto Jennifer Lawrence yang dicuri," kata juru bicara Jennifer Lawrence kepada wartawan acara Newsbeat BBC.
Mary Elizabeth Winstead, yang membintangi A Good Day to Die Hard, juga mengakui foto-foto itu memang miliknya.
Daftar panjang
"Bagi mereka yang melihat foto yang diambil bersama suami saya beberapa tahun lalu secara pribadi di rumah kami, saya harap kamu bisa merasa bangga akan dirimu sendiri," kata Winstead di Twitter."Karena foto-foto ini sudah dihapus sejak lama, saya bisa membayangkan betapa banyaknya usaha yang dilakukan untuk mendapatkan foto-foto ini."
"Saya ikut bersimpati pada orang lain yang juga diretas," kata Winstead yang kemudian mengumumkan bahwa ia akan "ke luar sementara dari internet" karena banyaknya gangguan yang diterimanya.
Daftar selebriti yang disebutkan diretas sangat panjang dan juga menampilkan nama-nama seperti Avril Lavigne, Cara Delevingne, Jenny McCarthy dan Kaley Cuoco.
ENGLISH
Artist nude photo spread hackers
1 September 2014
Jennifer Lawrence, an Oscar winner for AktrisTerbaik in 2013.
Nude photos of artists, including Jennifer Lawrence disseminated online by hackers.
Although a number of them say the photos are fake photos, other artists say that it is true that a picture of them.
The female star of the target, including Rihanna, Kate Upton, Selena Gomez and Kim Kardashian.
Agent for Jeniifer Lawrence said his team will take legal steps.
"This is clearly a gross violation of the right to privacy. We have contacted the authorities and will sue anyone who posted a photo of Jennifer Lawrence being stolen," said spokeswoman Jennifer Lawrence told BBC Newsbeat reporter event.
Mary Elizabeth Winstead, who starred in A Good Day to Die Hard, also admitted the photos were indeed hers.
The long list of
"For those who saw the photos taken with my husband a few years ago in person at our home, I hope you can feel proud of yourself," Winstead said on Twitter.
"Because these pictures have long since removed, I can imagine how much effort to get these photos."
"I'm sympathetic to other people who also hacked," said Winstead who later announced that he would be "out a while on the internet" because of the many distractions that it receives.
List of hacked celebrities mentioned are very long and also displays the names such as Avril Lavigne, How Delevingne, Jenny McCarthy and Kaley Cuoco.
source
Apakah sistem password sudah kadaluarsa?
Passwords sungguh menyebalkan. Kita memilih angka
atau kata yang sederhana dan mudah diingat tapi juga mudah ditebak oleh
peretas.
Namun kita tetap melupakannya dan mereka juga sering sekali dicuri.
Pencurian 1,2 miliar password email oleh peretas Rusia awal bulan ini hanya satu dari rangkaian panjang pembobolan keamanan password sehingga banyak orang bertanya-tanya apakah sudah saatnya mencoba sistem keamanan baru.
Tetapi apa saja alternatifnya?
Satu opsi rendah biaya, menurut Dr Ant Allan,
pakar keaslian di Gartner Research, bisa jadi adalah biometrik,
menggunakan mikrofon, kamera dan kamera web yang terdapat di banyak
komputer dan peralatan komunikasi bergerak.
Hal yang paling sederhana untuk mengakses sistem
adalah melalui pengenalan wajah atau "pengecekan keaslian dengan
selfie," demikian sebutan Dr Allan karena hal itu akan mewajibkan
pengguna untuk tidak melakukan lebih dari melihat ke layar komputer atau
ponsel pintar mereka.
Mengakses dengan menggunakan pengenalan suara juga dianggap efektif, kata dia.
Keamanan untuk metode-metode ini bisa diperkuat
dengan informasi kontekstual seperti data GPS dari ponsel atau waktu
pada hari itu.
Jika seorang pengguna berusaha mengakses suatu
sistem di jam atau lokasi yang tidak biasa, maka informasi pengecekan
keaslian tambahan bisa diterapkan.
ENGLISH
Is the system password has expired?
Passwords really sucks. We choose a number or word that is simple and easy to remember but also easily guessed by hackers.
But we still forget and they are also often stolen.
1.2 billion email password theft by Russian hackers earlier this month just one of a long series of password security breaches so many people are wondering whether it is time to try a new security system.
But what are the alternatives?
One low-cost option, according to Dr. Ant Allan, authenticity experts at Gartner Research, could be a biometric, using a microphone, camera and web camera are contained in many computers and mobile communication devices.
The simplest thing to access the system is through facial recognition or "checking the authenticity of the selfie," said Dr. Allan designation because it would not require the user to do more than look at the screen of their computer or smart phone.
Access using voice recognition are also considered to be effective, he said.
Security for these methods can be reinforced with contextual information such as GPS data from the phone or the time of day.
If a user attempts to access a system clock or an unusual location, then checking the authenticity of additional information can be applied.
Passwords really sucks. We choose a number or word that is simple and easy to remember but also easily guessed by hackers.
But we still forget and they are also often stolen.
1.2 billion email password theft by Russian hackers earlier this month just one of a long series of password security breaches so many people are wondering whether it is time to try a new security system.
But what are the alternatives?
One low-cost option, according to Dr. Ant Allan, authenticity experts at Gartner Research, could be a biometric, using a microphone, camera and web camera are contained in many computers and mobile communication devices.
The simplest thing to access the system is through facial recognition or "checking the authenticity of the selfie," said Dr. Allan designation because it would not require the user to do more than look at the screen of their computer or smart phone.
Access using voice recognition are also considered to be effective, he said.
Security for these methods can be reinforced with contextual information such as GPS data from the phone or the time of day.
If a user attempts to access a system clock or an unusual location, then checking the authenticity of additional information can be applied.
source
Tidak ada komentar:
Posting Komentar