

iCloudHack: DropBox the More Likely Source - searchmartin
http://webmarketingschool.com/hollywood-hack-dropbox-likely-source/

======
Nexxxeh
The author seems to be assuming that any files on an iPhone were generated
originally by that iPhone. This obviously isn't the case, as I send stuff to
Android users, iPhone users, even WinMo users. And thus, photos from an
Android show up on an iPhone and, depending on the software used, are then
backed up to iCloud.

Another assumption is that it was the celebrity's account and only that
account that was compromised in every case. It could have been JLaw's
(ex-)boyfriend's iCloud account that was hacked, surely?

------
sp332
It certainly looks like multiple leakers and multiple sources. There are
various "official" bitcoin addresses, connected to different leaked content.
Most of it looks pretty amateurish. Probably after the first guy started
getting paid for leaked files, a bunch of other script kiddies jumped in.

~~~
searchmartin
I'd agree with that - on the press flaming that Apple are getting though - Im
just not buying it. Really feels more like a cloud storage hack than iCloud,
right?

~~~
sp332
Edit: Apple has confirmed that it was breached and celebrities were targeted.
[https://arstechnica.com/tech-policy/2014/09/apple-
confirms-c...](https://arstechnica.com/tech-policy/2014/09/apple-confirms-
celebrities-accounts-breached-in-highly-targeted-attack/)

Some of the leaks do look like iCloud backups though. Videos don't get
uploaded to Apple's "photo stream" so it would have to be an iCloud backup or,
less likely, a local backup that was uploaded to Dropbox. Right now it "feels
like" a lot of different leaks and leakers jumping on 4chan and demanding
bitcoins for their own little dumps.

------
jschrf
If I go to upload file A.zip to Dropbox, and it already exists in someone
else's Dropbox (has a matching hash), does Dropbox bother re-upload the entire
thing?

If not, then perhaps there's a way to test if the files came from Dropbox or
not.

------
searchmartin
I'd welcome the YCOM analysis of whats actually happened here, but iCloud just
doesnt feel like the issue...

