The media crush will soon descend on Cupertino, California, as Apple prepares to announce what will surely be its newest iPhone, quite probably its latest laptops, and possibly its first smartwatch. When the new devices arrive next week, they’ll be tied together with an Apple operating system more dependent on the company’s cloud services than ever before. And as the world saw over the weekend, those cloud services might be about as secure as leaving your front door key under the mat.
The exact methods that led to the apparent breaches and theft of photos from celebrity iCloud accounts hasn’t been confirmed. Apple says the attacks were “very targeted” at specific user accounts, not the iCloud or Find My iPhone systems as a whole. But for the average user, how it was done is really beside the point. The message the world is hearing is that if it’s that easy to hack Jennifer Lawrence’s iCloud account, it’s probably that easy to hack mine too. For a company about to ask its users to entrust an even greater portion of their digital lives to its cloud, that’s the last thought Apple wants on anyone’s mind.
If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not.
To refresh: Back in July, in a keynote widely hailed as the return of the company’s mojo, Apple announced a major refresh of iOS that would tie together users’ iPhones, iPads, and MacBooks more closely via the cloud. Among the most obvious was iCloud Drive, a Dropbox clone primed to finally make iCloud’s backup and syncing features less esoteric. Even more significantly, Apple released CloudKit, a set of tools for developers to build all kinds of third-party apps on top of iCloud, which let them outsource such tasks as data storage, syncing, and user authentication to Apple.
This last feature is especially unnerving in light of the celebrity photo hacks, since it allows access to other apps based on a user’s Apple ID —the same ID that would seem to have been compromised to gain entry to celebrities’ iCloud accounts. Regardless, once the account is compromised, whatever data it’s storing is likely compromised too.
All About the Cloud
If all of this seems like a side note to the new features Apple nerds really care about, like a bigger iPhone screen, it’s not. As Andreessen Horowitz’s Ben Evans noted after the Worldwide Developer’s Conference in July, “iOS 8 is really iOS 2.0,” and that next generation of Apple’s flagship mobile operating system is all about the cloud.
“For Apple, a lot of iOS 8 is about removing reasons to use the web at all, pulling more and more of the cloud into apps,” Evans writes. As Google stitches the web ever more tightly into Android’s fabric, Apple is embracing a closed system powered by its private cloud. And it’s that cloud that’s just become harder to trust.
In response to the hacks, Apple says it’s investigating. But as we at WIRED know all too well, this hardly the first time an iCloud account has been hacked with disastrous consequences. If Apple were a startup like Dropbox, such a high-profile theft of users’ sensitive, private data could spell the difference between success and failure as a company. If iCloud really is this poorly locked down, Apple starts to look like a company that has so much money it feels it can afford to be complacent.
No comments:
Post a Comment