Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

How iCloud Really Works

September 4, 2014

The Register came out blasting Apple for their lame excuse saying that if the celebrities had used two-factor authentication their nude selfies would be safe. The Register points out that you can install the iCloud backup data to any new devices by just having the Apple ID and password. No two-factor authentication needed. That doesn’t sound like a good design to me.

And it’s not just the current backup data. Checkpoint, a security appliance vendor, stated "After a hacker has obtained the appropriate iCloud username and password for a person, they can use tools like dr.fone to recover data from the three revisions of iCloud backups – which can include content that the user thought was deleted."

Oh my. As I said yesterday, the user should control their data access and encrypt anything they want to protect. The mantra should be…don’t trust the vendor.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com