iCloud Hacks leaks continue with Sarah Shahi even as private files end up on Apple’s iCloud without consent

The iCloud Hacks continue unabated though the flow of the leaks has waned considerably with none of top names figure in the leaks in past two weeks.  This weekend iCloud Hacks leaks just contain one Hollywood personality, Sarah Shahi.  The leaks came exactly as promised, that is on Saturday but the iCloud Hacker has claimed that he has big ones which he will share in coming time.

Back to the iCloud hack leaks, the latest victim is a former NFL cheerleader, Sarah Shahi is best known for her roles in legal drama Fairly Legal in 2011–2012 and currently stars as Sameen Shaw on the CBS crime drama Person of Interest. She has also appeared as the female main role in Life, and in supporting roles in The L Word and Alias. She can be considered a B lister of Hollywood.

More leaks to come?

KroNos, in paste on Pastebin has claimed that the new iCloud hacks contain top Hollywood A listers like Natalie Portman, Penélope Cruz, Emma Stone, Emma Watson, Jennifer Aniston and Hilary Swank. However our research shows no images of above stars have been leaked over the weekend as promised by KroNos.  It may also be possible that the claims made by KroNos are fake.

The iCloud Leaks happened because of phishing, spear phishing and social engineering attacks on the Hollywood personalities.  This was disclosed by the CEO of Apple, Tim Cook himself.  But what happens when private files end up on iCloud without your consent which also means that they are available without login credentials.

After security researcher Jeffrey Paul upgraded the operating system on his MacBook Pro last week, he discovered that several of his personal files had found a new home – on the cloud. The computer had saved the files, which Paul thought resided only on his own encrypted hard drive, to a remote server Apple controlled.  Paul on his personal blog stated that it happened with his unsaved files which landed up on the iCloud without his permission.  A little research showed him that all Mac applications do the same. Here is a list of how Apple products work according to him

  • Open text editor, create some new documents. Store PII, passwords, seed values, phone call notes, love letters, et c. in them.
  • Quit text editor.
  • Reopen text editor several times over the course of a year, add more notes. Previous notes remain, safely in ~/Library/Saved Application State/ on my local, encrypted computer.
  • Upgrade to Yosemite
  • Notice that all of my locally-stored, “unsaved” documents open in my text editor have now been uploaded in full to a partner in NSA’s PRISM program.
  • Update, 26 October 2014: This happens for all applications (think iA Writer, Pixelmator, et c) that had saved application state. Any open and yet-unsaved document within an app is now silently and automatically uploaded to iCloud Drive.

Johns Hopkins University cryptographer Matthew D. Green tweeted his dismay after realizing that some private notes had found their way to iCloud.

While yet another cryptographer, Bruce Schneier, wrote a blog post calling the automatic saving function “both dangerous and poorly documented” by Apple.

The concern is simple, if Apple backs the files/images/videos without the owners permission, it is understood that the files will be available for prying eyes of third party as has happened in case of the now famous iCloud Hacks leaks.

Apple is still to comment on the allegations made by these three eminent people. Meanwhile Team Techworm will strive to bring you the latest in the high octane saga of iCloud Hacks.


Please enter your comment!
Please enter your name here

Read More

Suggested Post