Apple has a very large problem right now.
I’m not talking about legal liability over the nude celebrity photos and videos being posted all over the internet right now (dubbed “The Fappening”), although I think that’s also an issue. Celebrities tend to have aggressive attorneys, and the damages here are extreme – some celebrities have had careers ended from leaked photos (while others have benefited)
But a much larger crisis looms – everyone, and I mean everyone, now knows that everything private they’ve done with their iPhone, if they use iCloud, is not only vulnerable, but extremely vulnerable.
The Next Web says that a tool that allows brute force attacks against the Find My iPhone service gives hackers a way in to iCloud.
That may or may not be what’s actually going on. Hacker Nik Cubrilovic, for example, says it isn’t slowing people down from accessing new accounts:
Apple patching FindMyPhone API isn't slowing down the celeb pic groups – watching them attempt to break new accounts right now on a forum.
— nik cubrilovic (@nikcub) September 2, 2014
And it doesn’t really matter. Even if Apple fixes the problem, or has fixed the problem with the patch they just released, or even if all of this was caused by something else entirely, they’re still screwed. The damage, the massive damage, has already been done, and people associate it with Apple.
Because everyone now understands that their phones aren’t secure. Even things they thought they deleted are vulnerable. That’s something that will haunt Apple for a decade.
I’m not talking about people who trade their iPhones for Android devices. That isn’t a big issue, and Android isn’t any more secure than Apple anyway.
I’m talking about the fact that people won’t feel the same way about their phones after this. Your phone is no longer a part of you. It’s a weapon, pointed at you.
— Mike Butcher (@mikebutcher) September 2, 2014