The Myth Of The Private Naked Selfie
Apple's iCloud hack involving nude photos of celebrities is different from many of the other hacks we've heard about. When hackers steal credit cards — like with Target or allegedly now with Home Depot — the expense falls on the retailer and the banks. And these companies can cancel and replace credit card numbers to contain the damage.
But in this case involving Apple, just about all the damage falls on the user, like actress Kirsten Dunst. And you can't take back the images. They're out there forever.
Here are some questions we thought you might be asking:
Is the lesson here just: Don't trust the cloud, don't put anything else online?
Well, that's one lesson. But it's not very realistic given how much people like being able to view and upload their data from anywhere — from their iPhone or their tablet, from work, from home. All of that mobility is super-convenient.
But there are ways to have that convenience and a lot more security, too. Consider this analogy: When you've got family jewels and you put them in a bank vault, you need more than one key to get in. There's your key and the bank's, and then some ID checks. So when we're putting more and more piles of valuable data into online vaults — like pictures and financial information — there should be more keys to protect that data. Several security experts tell us more keys (and a better lockout procedure for using too many faulty passwords) would have prevented the Apple hack.
We've been calling it the "Apple hack," but didn't Apple deny that any breach had happened?
That's right. Apple put out a statement that was very carefully worded — and that some say is intentionally vague. The company says that according to the cases it has investigated, hackers didn't breach iCloud or Find My iPhone.
But it's entirely possible that another computer program that talks to iCloud, for example, and that has access to iCloud data was breached. So hackers could get the data they wanted that way. NPR asked Apple about this possibility, and the company has not yet denied it or ruled it out publicly.
If you don't want sensitive stuff on Apple or Google servers, does deleting it from your phone mean it won't go to the cloud? For example, is a naked selfie on your smartphone ever really private?
No! On a smartphone, the completely private naked selfie is a myth. A user has to take explicit steps to disable what's called "automated backups." Otherwise, Apple and Google are copying every picture to their servers. And it's really common in these phone-related breaches for the hackers to target those backups. (Directions on how to turn backups on and off are here for Google and Apple iCloud.)
Lonnie Benavides, an information security expert at DocuSign, wants tech companies to create a new feature: "I believe that when I click delete on my phone, I should be offered the option of permanently deleting that file in a manner that assures me it's really deleted. I think as a customer, I have a right to this."
Has Apple done enough to protect its customers?
Meh. There's a way to protect an account through a process called two-factor authentication. Basically, you have to use your password, and, separately, you might have to reply to a text to your smartphone, to confirm it's really you.
This two-factor process has been around for a while. But Apple just introduced it into the iCloud Web app in June, according to Apple Insider. And a security firm that audited the feature found that Apple left some gaping holes. According to Gary McGraw of Cigital, Apple also failed to market the technology. Especially with people in high-risk categories, like celebrities and politicians, it wouldn't have hurt to say: "Boy should you guys use this!" Twitter, in contrast, was very forthcoming when it rolled out this security option after the embarrassing White House hack.
There could be a real cultural issue at play. Right now, leading tech companies including Google, Twitter and Cigital are sharing information internally about security breaches. But, McGraw says, Apple is reluctant to talk with peers. "Really, Apple is a very secretive place," he says. "Their culture is that way because [founder] Steve Jobs was that way."
This celebrity hacking spree doesn't come at a very good time for Apple.
It's very bad timing. Apple is expected to make a big announcement next week that it's partnering with Visa and others to turn its next iPhone into a mobile wallet. That means not just a smartphone, but a financial instrument. Apple is also building more tools for health tracking. It already has apps to let you record and store your heart rate and blood sugar to the cloud. David Amsler, CIO with Foreground Security, says given the weakness of current security practices, these mobile financial and health features are "not something I would entertain at this point or feel comfortable recommending to anyone, either."
DON GONYEA, HOST:
The the recent exposure of nude photos of celebrities taken from their Apple iCloud accounts is very different in some ways from many of the other hackings we've heard about lately. When hackers steal credit cards, like that major breach last year at Target, the expense can be absorbed by the retailers and banks. Credit cards can be canceled to contain the damage. But in this case involving Apple, just about all of the impact falls on the phone and photos' owners - like actress Jennifer Lawrence. Simply put, you can't take back the images once they're out there. Joining us now is NPR's Aarti Shahani. Good morning.
AARTI SHAHANI, BYLINE: Good morning.
GONYEA: So obviously, we need to say that these celebrities were victimized by the hackers. Their private photos were stolen. But is there a larger lesson here - simply that nothing is private in the Cloud?
SHAHANI: I mean, that's one lesson, and some people are saying don't trust the cloud. But it's also kind of unrealistic given how much people like to view and upload their data from anywhere. But there is a way to have convenience as well as a lot more security. So if you take this analogy - when you've got family jewels and you put them in a bank vault, it takes more than one key to get in; there's your key and the bank's and then some ID checks.
So when you're putting more and more piles of valuable data into online vaults - like pictures and financial information - there should be more keys to protect that data. And a lot of people say more keys and a better lockout procedure would have prevented the Apple hack.
GONYEA: OK, we keep calling this a hack. But in fact, Apple denies that any breach has actually happened.
SHAHANI: That's right. Apple put out a statement that was very carefully worded and, you know, many would say intentionally vague. And Apple said that according to the cases they've investigated, hackers didn't breach iCloud or find my iPhone. But it's entirely possible that another computer program that talks to iCloud, for example, was breached. So hackers could get the data they wanted that way. And NPR asked Apple about this possibility. The company hasn't decided it or ruled it out publicly yet.
GONYEA: And if you don't want sensitive stuff on Apple or Google servers, does deleting it from your phone mean it won't go to the cloud? Say you've got a naked selfie on your smartphone, can that ever really be private?
SHAHANI: (Laughter) No. Listen, there is no such thing as a completely private naked selfie. On a smartphone, it's basically a myth. A user has to take explicit steps to disable what's called automated backups. Otherwise Apple and Google are copying every picture to their servers, and it's really common in these phone-related breaches for the hackers to target those backups. One expert I interviewed wants tech companies to create a new feature. So say I click delete on my phone, I should be offered the option to permanently delete the file from everywhere - from backup, from temporary folders - so that I know it's really deleted. And he says as customers, we have a right to this.
GONYEA: I mean, I guess the ultimate question is, has Apple really done enough to protect its customers?
SHAHANI: Well, I mean, there is a way to protect an account through a process that's called two-factor authentication. So basically you have a password that you use to get into your account, and then separately you might have to reply to a text message on your smartphone to confirm it's really you. So this two-factor process is something that Apple has introduced into iCloud. They could do a more thorough push to make sure that people, especially, you know, high-target people like celebrities are using it. And probably now the word is out that people have to use stronger processes.
GONYEA: All right, that's NPR's Aarti Shahani in San Francisco. Thanks for joining us.
SHAHANI: Thank you. Transcript provided by NPR, Copyright NPR.