All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com
Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
Capacities up to 48TB and speeds up to 1527MB/s
Small Business Tax Write-Off?
Now is the time to purchase computer or photo gear for 2018 federal tax write-off. Consult with Lloyd.

The 'Cloud' is DEFINITELY a Huge and Tempting Target for Hackers

MPG advice is to avoid the Cloud as much as possible, and to never store sensitive information in the cloud. The Cloud is a Bad Idea in general, for a litany of reasons.

See also Apple iCloud: Promiscous Saving for Security Lapses.

About a week ago, MPG wrote The 'Cloud' Remains a Huge and Tempting Target for Hackers, one in a string of security-related posts over the years.

The Wall Street Journal reports today in Apple’s iCloud Service Is Under Attack in Mainland China of a widespread and highly sophisticated “man in the middle” attack:

Taiwan-based Chinese Internet activist Zhou Shuguang tested the service and found that communication channels between iCloud users and the iCloud server had been hijacked by an attacker in what is known as a “man-in-the-middle” tactic, Mr. Zhou said. Separately, Erik Hjelmvik, an analyst with Netresec AB, a network-security-software vendor in Sweden, said Tuesday he reviewed data posted online by Chinese Internet users and arrived at a similar conclusion.

“It’s evident that it’s quite massive,” Mr. Hjelmvik said. He said the perpetrators were able to attack users in different parts of China who used different Internet service providers. “The attack was quite sophisticated in that they apparently have quite a huge system set up in order to be able to intercept on such a large scale.”

The attack meant unauthorized parties would be able to decrypt the communication between iCloud users and the server, analysts said. This puts the iCloud users’ usernames, passwords, files, pictures and contacts at risk of being seen unencrypted.

Just today, I see a Chinese-origin IP attacking this site’s SSL link. The world is full of scum, and there are no security guarantees.

When a site uses TLS/SSL, a man-in-the-middle attack isn’t perfect—the user does get a warning that the security certificate is invalid. But many if not most users just will be confused, get annoyed and click right on through. NEVER, EVER do that—take the warning seriously, because it might really be a MITM attack and you’ve just logged logged your username and password in the hacker’s database. It is a fair question to ask why a browser should ever even allow a user to click through a failed certificate, but so it is.

Deals Updated Daily at B&H Photo
View BEST Deals Right Now
B&H Deal ZoneDeals by Brand/Category/Savings
Deals expire in 131 min unless noted. Certain deals may last longer.
$599 SAVE $200 = 25.0% Canon 17-40mm f/4 EF L USM in Lenses: DSLR
$519 SAVE $130 = 20.0% Canon 70-200mm f/4 EF L USM in Lenses: DSLR
$449 SAVE $100 = 18.0% DJI Goggles Racing Edition in Video: Drones
$299 SAVE $50 = 14.0% $149 FREE ITEMS DJI Spark Quadcopter (Sunrise Yellow) in Video: Drones
$50 SAVE $100 = 66.0% Lowepro DroneGuard CS 400 in Video: Drones
$2497 SAVE $300 = 10.0% $29 FREE ITEMS Nikon 70-200mm f/2.8 AF-S NIKKOR E FL ED VR in Lenses: DSLR
$1099 SAVE $100 = 8.0% Sigma 85mm f/1.4 DG HSM Art in Lenses: DSLR
$898 SAVE $500 = 35.0% Sony a7 II Mirrorless in Cameras: Mirrorless
$898 SAVE $506 = 36.0% $19 FREE ITEMS Sony a7 II Mirrorless with Accessory Kit in Cameras: Mirrorless

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2008-2017 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__