Apple's Tim Cook has finally spoken up regarding the recent scandal that rocked its iCloud service. The Chief Executive promised that the company will implement new alerts to notify users when something seems amiss on their iCloud accounts, while at the same time still categorically denying the company's complacency in securing users' data.
Presently, iCloud already alerts users when someone, whether the user or someone else, is trying to change their iCloud password or when logging in for the first time on a new or unknown Apple device. The new alert will add one more to that set, notifying users when their iCloud data is being "restored" to a new device. That new feature may have been prompted by reports that hackers used forensics software to masquerade as a valid Apple device and restore backed up data on iCloud, thereby getting access to explicit photos of actresses which triggered this whole drama.
Cook, however, denies allegations and speculations that hackers were able to break into Apple's security in order gain access to those files. Instead, he says that the offenders were simply able to get a hold of those high-profile accounts using their own username and passwords, gathered either from phishing scams or by answering security questions correctly. He also denied that the company has been lax in implementing security and points out features like Touch ID and two-step authentications that are already in place. The only problem is, users don't use them.
He admits that they could have done a better job at raising awareness, something that this new iCloud alert feature seeks to address. He also says that Apple will expand its authentication processes to require more authorization before being able to access critical information or change account settings. These security measures could very well be implemented when iOS 8 and the new iPhone 6 formally launch this month.
Naturally, there are those who doubt these measures. Some claim that, when given a choice between ease of use and security, Apple will err on the side of the former, Secondly, the new alerts are seemingly only a band aid, as it will only alert the user after the fact, when someone already has access to their iCloud credentials in the first place.
SOURCE: Wall Street Journal