Scarlett Johansson, Jennifer Lawrence, Kate Upton... the list of hacked celebs goes on

While we weren't laboring, hackers have downloaded celebrities' sexting pictures, to the surprise of few (and to the delight of many teenagers). It would appear that the victims' iCloud passwords were either phished or brute-forced, perhaps with the aid of a vulnerability, since closed.
Featured Resource
Presented by Scribe Software
10 Best Practices for Integrating Data

Data integration is often underestimated and poorly implemented, taking time and resources. Yet it
Learn More

And, no, I'm not going to tell you where to find the stolen images.

In IT Blogwatch, bloggers wonder why 4chan's webserver is melting. Not to mention: ScarJo can't sing…

Your humble blogwatcher curated these bloggy bits for your entertainment.

 
According to Aunty's sub-eds, "cloud" is still a word that needs putting in "quotes":

    The FBI is looking into allegations that intimate pictures of celebrities have been stolen. ... About 20 personalities...have had images of themselves leaked over the Internet.
    …
    Apple says it is investigating [reports that] iCloud accounts have been hacked. ... [Jennifer] Lawrence, who stars in The Hunger Games films...requested an investigation after a hacker apparently obtained...graphic content, from the mobile phones of numerous celebrities. ... A spokeswoman for the actress said the internet posts were "a flagrant violation of privacy."  MORE

 
Shaun Waterman desperately tries to avoid prurience: [You'd better avoid it too, else you're fired -Ed.]

    The theft of the pictures, apparently from the actress’ own smartphone, is the latest in a series of hacking attacks against celebrities. ... “The FBI is investigating a person or group responsible for computer intrusions of high-profile figures,” said Arielle B. DeKofsky, a spokeswoman for the FBI.
    …
    Two photographs of Miss Johansson were posted. ... In one picture, the actress can be seen in a mirror, naked from behind, photographing herself. ... The TMZ Hollywood news service said the hackers who stole Miss Johansson’s photos were also behind a series of other cyberthefts of candid photos of young actresses.  MORE

 
Charles Arthur takes a break from trolling other writers on Twitter, to write this insightful, in-depth report:

    Security experts are warning that there could be many more compromised celebrity iCloud accounts after examining file data...stolen from stars including...Kate Upton. One theory gaining ground is that...pictures had been accumulated by one hacker over a period of time - and were then “popped” by another.
    …
    The posting to Github of an exploit against Apple’s Find My iPhone service three days ago, which could use a “brute-force” attack...points to the existence of weak links in Apple’s service. ... The original hack looks to have been done by “chaining” between accounts:..the hacker could access [one] address book and use that to attack others’.
    …
    Apple has still issued no statement on how many accounts on its iCloud service were broken into.  MORE

What Readers Like

    Backoff malware infections are more widespread than thought
    new ipad pro jony ive
    Size Matters: 13-inch iPad 'Pro' release date rumor redux
    Apple event invitation
    Apple makes Sept. 9 event official, hints at more than iPhone 6

 
So Kashmir Hill answers this very-FAQ:

    Predictably, many people respond to these famous women’s revealing photos going viral by saying they shouldn’t have taken naked photos of themselves in the first place. ... This is the “sext abstinence education” approach to scandalous selfies. [But] it’s not practical advice for most people. The digital age has changed courtship in many ways, and this is one of them. [It's] increasingly part of the sexual repertoire; phones have become sex toys.
    …
    If it is Apple’s infrastructure to blame, many of these people may not have realized that their photos were being sent to the cloud. ... Whenever a hack happens, there is a tension between the poor practices of the individuals hacked and the company that was supposed to protect their data.  MORE

 
And the ACLU's Christopher Soghoian notes three un-sexy issues:

    If...account passwords were brute forced, the problem seems to be lack of rate limiting by Apple.
    …
    The computer security community doesn't really know how to secure data...with a short, mobile friendly password.
    …
    Regular people use the default settings that come with products. We need...better defaults.  MORE

 
"But," I hear you ask, "What's this 4chan thing?" Terrence McCoy obliges: [Careful -Ed.]
Popular Resources

    Video/Webcast
    Sponsored
    Cloud BI Overview: Jaspersoft for AWS
    White Paper
    Managing Exchange in a Post-PC World

See All

    It’s possible you’ve never heard of 4chan. It’s not much to look at. ... Called one the “darkest corners of the Web”...and the “ninth circle of Hell,” 4chan twins the irreverent with the abhorrent.
    …
    The exact provenance of the images remains murky, like almost everything involving 4chan. [But] what makes 4chan unique may complicate the [FBI] investigation. ... 4chan users operate with complete anonymity.  MORE

 
All of which makes Philip Elmer-DeWitt gaze wistfully at his calendar:

    It almost doesn’t matter if Apple was to blame for the security leak. ... Says Stratechery’s Ben Thompson, the timing couldn’t be worse:
    …
    “The iCloud name is associated with this mess, which is bad enough; [but] Apple is allegedly unveiling a new payment capability with the iPhone 6. That, obviously, requires a high degree of security and consumer trust. ... Close observers know that Apple has never really done the cloud well. However, with this episode, that final point has now moved...to [being] a serious problem for Apple. ... And now, one of Tim Cook’s signature-rollouts is going to be tarnished.”  MORE

 
Meanwhile, Taylor Swift tweets what all the infosec professions are thinking: [Uh, are you sure that's really Ms. Swift? -Ed.]

    Computer security's dirty little secret is how much of the "hacking" people hear about is just brain-dead, color-by-numbers stuff.  MORE

 
Update: Apple breaks its silence (via Bob Brown):

    We wanted to provide an update to our investigation. ... When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. ... We have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions. ... None of the cases we have investigated has resulted from any breach in any of Apple’s systems.