Hacked Celebrity Photos

4Chan doesn't have them, so they aren't yet in the public domain. But anyway, no confirmation that they were "nude" pictures - they were just "private" pictures.
In related news, she was at the table next to us at the pub about a month ago.

If you take a photo on your phone it goes to the cloud so she may have a lot she doesn't want seeing. Even if they are not rude photos, everything generally backs up there.

I'm interested in the thinking in general behind this. I've been in IT for 20-odd years and have seen it all from massive companies getting screwed to small companies moaning that they lost everything because their mate in IT kept the backup on a USB drive that was in his jeans pocket then washed and dried. And when the business had a break in / fire / delete as appropriate it's all gone. Forever.

I have an 8TB NAS at home that has all of my photos on and video's of my daughter through her life to date. In a bout of paranoia i bought a TB of storage on Onedrive as part of office and uploaded the lot. I still keep a copy on the NAS etc. but what if the house burns to the ground and i didn't have it in Microsofts 'safe' hands?

You can go mental thinking about who backs up the backups and who backs that up?

Unless you have something you would get into trouble for then what's the issue?

Highly encrypted portable hard-drive....

I would imagine any normal pics like that end up public on Facebook and Twitter anyway for most people these days.

Yes I have kids, don't take any dodgy photos of them. Anybody hacks my cloud they'd probably just end up confused.

Pippa response to that:

'I thought everyone had a crack in their arse?'

In other words, you've got to use discretion.

I keep a tremendous amount of data online with my accountant. Their data storage backup is impressive. Offline, different locations and backed up, ie the physical storage medium swopped, monthly. It costs of course, but it is reassuring.

I've got two locations for my confidential data both away from home. I had a flood in my house last Tuesday and not storing my backup HDDs at home was reinforced as a good idea.

Before updating the drives I disconnect from the internet, do a virus check of the computer and then connect the external HDDs. There is a fault with my system in that I only do it every calendar month as it takes time, and not an inconsiderable number of HDDs.

I get the mickey taken out of me a bit but I've been hit by a hacker. They got access to my email account and changed the renewal details on a URL. They took possession of it and then generously allowed me to buy it back at $10,000 first offer, although my host reckoned that I could get it for 'hundreds'. Strangely the email address was Yahoo/BT and this was 18 months ago. Isn't coincidence funny.

Don't use the same password for an email account and any other account. I'd read that but, of course, felt it didn't apply to me. No need to tell me I was an idiot and brought it all on myself. I've worked that out already.

Since then I've changed all my security systems and techniques.

I just meant this (cloud storage) is a brand new thing offered to a population who are still getting their head round the fact that the internet exists at all. It's inevitable people will not understand the implications of it all, and when these products are sold as being simple, convenient and secure, should we really be blaming the user when it turns out those claims aren't met?

Even when these hacks are exposed and tens of millions of account details get released into the wild, I don't think users really understand what that means but again, that's not necessarily all their fault.

The developers go to great lengths to make these things convenient for us, and it's abundantly clear that users will take convenience over security. With that in mind, shouldn't these systems force us to use more secure methods?

I mean, we know for a fact passwords are generally rubbish, and telling people doesn't really change anything. The software developers know this, so they know millions of accounts are vulnerable to being hacked, but they make stronger security solutions such as 2-step verification optional. Why?

Don't get me wrong, if your password is 'password123', it's hard to be sympathetic when you inevitably get hacked, but I think we should be pointing a lot of the blame at the providers of these services, instead of the people who use them. People are doing exactly what we know they will do, so the service providers have a responsibility to look after them accordingly.

Whilst I agree that people can be muppets w passwords and such, it really isn't as simple (IMO) as people suggest!

From memory, I think Apple insist on a new password that you have NEVER used before whenever you need to reset it? Others do similar and if we are 'forced' to use upper and lower case along with random characters and symbols, new passwords become very hard to remember without writing them down or storing them somewhere?

Across several banks, work systems and sites such as PH, how do most cope?

One good friend (IT bod funnily enough) uses phrases for passwords and has set patterns for upper and lower case (1st, 3rd and 7th for example.) You end up with (eg)

The Quick Brown Fox Jumps Over The Lazy Dog becomes:

TqBfjoTld

He then uses set alternates or substitutions - a=@ etc.

A real pain it seems but how on earth do you remember loads of password/phrases to avoid a cascade if someone hacks the system itself?

Blaming 'stupid users' isn't always fair..... 😂

Until someone hacks your "password manager" - then your online life is effectively over.