Jeff Bezos’ security consultant suspects an unidentified “government entity.” UPDATE: An independent cybersecurity expert says not so fast.
From the Washington Post’s Manuel Roig-Franzia:
Gavin de Becker told us that he does not believe Jeff Bezos’ phone was hacked. He thinks it’s possible that a government entity might have got hold of his text messages.
Washington Posts @RoigFranzia says Bezos’ team thinks it’s possible that the text leaks were politically motivated and that a “government entity” accessed the Bezos texts and hoo boy that’s certainly something pic.twitter.com/MQuzNFbCed
— Andrew Lawrence (@ndrew_lawrence) February 8, 2019
Cue the full MSNBC video:
My take: No Apple angle yet, but this story is still developing. We don’t know what device, if any, Bezos used for intimate communications. He’s not a guy who spends a lot of time on a smartphone. His tweet last night was reportedly sent from an iPhone, but I couldn’t find any photos of him using one in the wild.
Meanwhile, if you haven’t read what Bezos posted on Medium last night, what are you waiting for? Here’s the link: No thank you, Mr. Pecker. For a first blog post, it’s not bad.
For what it’s worth, I have new admiration for the man. As Kara Swisher put it:
I don’t love
@JeffBezos in general, but I LOVE Jeff Bezos in particular here.
UPDATE: The Apple angle.
From Errata Security’s How Bezo’s dick pics might’ve been exposed by Robert Graham:
If the sexy images were sent via email, then likewise simply knowing her email password would grant somebody access to them. GMail makes it really easy to access old emails that you don’t care about anymore. You can likewise enable “two-factor authentication” to protect your email account, with a better factor that just text messages to your phone.
If she has an iPhone, and the pics were sent as normal text messages, then hacking her Apple account might reveal them. By default, iPhone’s back these up to the cloud (“iCloud”). But not so fast. Apple has strong-armed their customers to enable “two-factor authentication”, so the hacker would need to intercept the message.
But Apple text messages don’t always go across the phone system. When it’s two iPhones involved, or Apple-to-iPhone, such messages go across their end-to-end encrypted iMessage service, which even state actors like the NSA and FBI have trouble penetrating. Apple does a better job than anybody protecting their phones, such that even if I knew the password to your account, I’m not sure I could steal your sexting images.
Graham’s full take is worth a read. His point is that it’s relatively easy to guess a celebrity’s passwords by piggybacking on the work of professional hackers. You’ll want to get your own copy of Collection #1.