Common Sense in the Cloud Era

We’ve recently been hit over the head with the news reporting a supposed hack of Apple’s iCloud Service (perhaps not the service itself, but it could have been brute force password hacks, the “I forgot my password” questions or maybe even social engineering, all of which is still considered “hacking”) and the distribution of private photos of celebrities. This post may get slightly political, but I will my best to keep the political undertones to a minimum and attempt to focus solely on something that these celebs may be lacking and that is something called common sense.

We live in a cloud era. I detest that word because it means so much, yet it’s often misidentified or people just don’t have a clue what it means – there is the private cloud, the public cloud, the hybrid cloud – cloud this, cloud that, iCloud. What exactly is the “Cloud”? In this case, it just means somewhere other than you local device. I can, on my Android phone, set my photos to be backed up to “Google Drive”. This would be part of Google’s Cloud. It’s no longer local to my phone but it is offsite somewhere.

This has a lot of good things about it: I could lose my phone, but hey, my photos are still on Google Drive. I could trash my phone and not be able to get anything off of it, but hooray, my contacts are still sync’d with my Gmail account. This also means that once it is no longer on your device, that you no longer have complete control over it, and it is suddenly much more suceptible to hack attempts. Let’s face it, the only way you can get to something that is ONLY on my local device (provided internet / data connection is turned off) is to get my phone out of my physical hands and in to yours. This is true up until the point that is no longer only on my physical device – once it’s uploaded somewhere on the internet, there opens up a lot of new possibilities.

If you have something of value (in the celebs case, I would say, against better judgement, that naked pictures are of value), you become a target. That’s right, if you have anything of potential value, you become a target – and to the celebs out there, now that the hackers know that you keep naked pictures on your phone, you are about to become even more of a target.

There is a LOT of publicly available information about celebs. That means when choosing some “I forgot my password” questions, you need to do better than your birthday (public domain), your dogs name (public domain), your first boyfriend / girlfriend’s name (public domain).

So here it is – if you don’t EVER want incriminating data / photos to end up in the hands of the masses, don’t keep it somewhere connected. The “cloud” is only as safe as you make it with your passwords and guess phrases and it will NEVER be 100% foolproof. Even if you choose a password that is 48 alpha numeric characters long with special characters – if your password reset questions are simple and easy to guess (based off of information that can be found publicly), it’s still somewhat easy to get access to your accounts. Even if you choose insanely hard password reset questions and crazy long alpha-numeric passwords, if the software has a bug in it, it STILL may not be safe. This is the era we live in.

The advice of someone like me who works with cloud based devices is that you should never keep anything incriminating anywhere that may be remotely public and even then, it’s just not a good idea to take naked pictures and keep them on your phone. That has absolutely zero common sense to it, and to some people, it’s deemed as valuable information, which makes you a target.

I don’t think that the celebs can blame anyone but themselves for this happening to them, but I do still feel bad for them. I would not wish that to happen to anyone, but I find it pretty crude that the people that kids look up to are doing this kind of stuff, and really, it’s about common sense.