Massive Epic Celebrity Nude Leak

By Sonne
in Real World News

 Share

Recommended Posts

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted

These Celebs need better passwords

 

mJ}FrO]t-MCjH)B-G&` anyone?

 

a celeb you'd think they would realize they are going to be the target of attack and for god sake keep your nude photos in something like like a trucrypt container, not the god damn cloud.

 

Having said that, Jennifer Lawrence does have nice ######.

  • timster and The Evil Overlord
  • Like 2
Grand Master

Nagisan

Posted
Posted

and? :shifty:  what's underage any way :p Laws vary by country

While true, "underage" is not the same as age of consent. For example, in the US it is illegal for any person under the age of 18 to view, or perform in, a pornographic film, even if the age of consent is (for example) 16 in that state.

 

I'm sure other countries have their own laws pertaining to minimum age for someone to view, or perform in, pornography (photography included), and it's not always the same as age of consent (or even age of majority, which is the age you are legally considered a adult).

Grand Master

+Frank B. Subscriber²

Posted
  • Subscriber²
Posted

And? It's illegal, buddy.

You realise that not everything that's illegal in the US is illegal in other countries, right?

I don't condone the photo leak. But going 'Oh no, she was only 17 when the photo was taken - avert your eyes!' is downright ridiculous.

  • pallipdrsn0, Depicus and The Evil Overlord
  • Like 3
Grand Master

timster

Posted
Posted

Does that mean, that according to US law, the underage girl is also guilty of production and possibly distribution (if she sent them to someone) of child porn?

yes. lock her up and treat her like a real criminal. because hurrr durrr it's the law and we most follow every single law to a tee!

 

*not sure if you caught the sarcasm, but I was being sarcastic.

Grand Master

HawkMan

Posted
Posted

These Celebs need better passwords

 

mJ}FrO]t-MCjH)B-G&` anyone?

 

a celeb you'd think they would realize they are going to be the target of attack and for god sake keep your nude photos in something like like a trucrypt container, not the god damn cloud.

 

Having said that, Jennifer Lawrence does have nice ######.

 

what do you think is the safer password,, that impossible to remember mess you put up there or "onedaythehorseateallthecheeseforthewin"

Grand Master

Skiver Veteran

Posted
  • Veteran
Posted

what do you think is the safer password,, that impossible to remember mess you put up there or "onedaythehorseateallthecheeseforthewin"

 

Given all of this you can question the safety around it also but.... Soemthing like LastPass generates random passwords based on how you set it so that you don't need to remember it.

 

However to truly answer your question, in the world of decrypting passwords, the quoted password as far as my eyes can tell have no repeating letters (case differences do make a difference) whereas yours does, therefore if someone's method decrypted the first character, they can then safely work out at least another 2 from the entire password. I'm not working it all out however I suspect by getting to roughly half way they would have the vast majority if not all of your password decrypted completely.

 

So yes, his is safer. People seem to think that passwords are "guessed" where more often then not they are decrypted from a websites own password vault. in which I know I've said elsewhere related to this topic, when you couple that with people using the same passwords for mulitple sites means it gets very easy to get access to other things like iCloud for instance.

Grand Master

Praetor

Posted
Posted

Given all of this you can question the safety around it also but.... Soemthing like LastPass generates random passwords based on how you set it so that you don't need to remember it.

 

However to truly answer your question, in the world of decrypting passwords, the quoted password as far as my eyes can tell have no repeating letters (case differences do make a difference) whereas yours does, therefore if someone's method decrypted the first character, they can then safely work out at least another 2 from the entire password. I'm not working it all out however I suspect by getting to roughly half way they would have the vast majority if not all of your password decrypted completely.

 

So yes, his is safer. People seem to think that passwords are "guessed" where more often then not they are decrypted from a websites own password vault. in which I know I've said elsewhere related to this topic, when you couple that with people using the same passwords for mulitple sites means it gets very easy to get access to other things like iCloud for instance.

 

actually, no; according to Gibson (https://www.grc.com/haystack.htm) the password Hawkman posted is not only easier to remember but also safer because it has more characters, meaning the space to search is much, much bigger then the Warwagon one. And it has less entropy as well.

Grand Master

Skiver Veteran

Posted
  • Veteran
Posted

actually, no; according to Gibson (https://www.grc.com/haystack.htm) the password Hawkman posted is not only easier to remember but also safer because it has more characters, meaning the space to search is much, much bigger then the Warwagon one. And it has less entropy as well.

 

Using that website, and unless I have missunderstood, it's aimed at brute forcing which is lets take a bunch of passwords and guess. So it's saying if you had an application that would come up with structures it would take longer yes.

 

But if you read what I wrote I'm talking about the ability of decrypting passwords, something that would be used IN a brute force attack. So we are technically talking two different things.

Grand Master

Praetor

Posted
Posted (edited)

Using that website, and unless I have missunderstood, it's aimed at brute forcing which is lets take a bunch of passwords and guess. So it's saying if you had an application that would come up with structures it would take longer yes.

 

But if you read what I wrote I'm talking about the ability of decrypting passwords, something that would be used IN a brute force attack. So we are technically talking two different things.

 

The fact that the password Hawkman posted has 38 characters and a search space of 6.11 x 10^53 makes it extremely difficult to decrypt; the Warwagon one, on the other hand, as "only" 19 characters but a higher entropy (85) then Hawkman's (26); still the search space is less (4.61 x 10^36).

 

Both are very strong, but one is much more easier to remember :)

Grand Master

HawkMan

Posted
Posted

the quoted password as far as my eyes can tell have no repeating letters (case differences do make a difference) whereas yours does, therefore if someone's method decrypted the first character, 

 

Doesn't really matter, how would they know they decrypted the first letter ? 

 

the only way to decrypt the password is to decrypt the whole thing, the decryptor doesn't know there is no special characters and because of it's length it needs to be brute forced, that means, it has to start with a single letter password(well probably 4 but for simplicity) it needs to check that character against every single possibility, then it has to go to two characters, and check every single possibility of the first one with every single possibility on the second one.  

 

Now witht he amount of characters in that password. without a quantum computer of some significance, you're not going to be able to break it. 

 

As for lastpass, that's all well and good, but what when you have to log into a service on a device/system where lastpass isn't a possibility, say... oh iCloud on your iDevice ;)

Veteran

Setnom

Posted
Posted

I'm so very sorry that this happened to women I really like, like Jennifer Lawrence or Kate Upton. Privacy is important.

Nevertheless, as a man I don't feel ashamed to say I was delighted to see the pictures. Those two women are beautiful.
Grand Master

Skiver Veteran

Posted
  • Veteran
Posted

Doesn't really matter, how would they know they decrypted the first letter ? 

 

the only way to decrypt the password is to decrypt the whole thing, the decryptor doesn't know there is no special characters and because of it's length it needs to be brute forced, that means, it has to start with a single letter password(well probably 4 but for simplicity) it needs to check that character against every single possibility, then it has to go to two characters, and check every single possibility of the first one with every single possibility on the second one.  

 

Now witht he amount of characters in that password. without a quantum computer of some significance, you're not going to be able to break it. 

 

As for lastpass, that's all well and good, but what when you have to log into a service on a device/system where lastpass isn't a possibility, say... oh iCloud on your iDevice ;)

 

Maybe my understanding of password decryption tools are wrong but I was under the impression the tools were smart enough to work out when more than one character were the same therefore knowing that once it's got one character, if there are others with the same value then it makes a safe assumption to repeat that part, therefore making it quicker.

 

I've not used LastPass for Android but I know it's available so I would assume it's available for iOS too which would give you the answer to your iDevice :). Sure it's a premium feature but given the nature of this topic, these victims can probably afford it! In fact I bet LastPass would probably jump at the chance to get anyone of these on board as a "I know use LastPass" to secure my data kinda advertisement and offer it for free.

Grand Master

cork1958

Posted
Posted

i hope this will tarnish cloud reputation even more :laugh:.

And I seriously hope to see various lawsuit due this breach :rofl:.

 

I just loves seeing big corps getting sued.

 

No doubt. Always thought that cloud crap was one of the dumbest things ever, but everybody is falling all over themselves to think it's the coolest thing ever!

  • Torolol and pallipdrsn0
  • Like 2
This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • It's about to become harder to turn off your Samsung TV, thanks to Instagram

      By ad47uk · Posted

      I have a TV, but it is not used for normal linear TV, only streaming and it is not a Samsung and the best bit is, I don;'t and never have had a Instagram account. The only thing I have to do with Meta is Faceache and I only keep that just for the messaging part.
    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By Co-ords · Posted

      What about HL3?
    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By ShadeOfBlue · Posted

      But building your own.. what? You can't build anything like the Steam Machine yourself. Even trying to get close costs a good deal more. Even just the CPU cooler in their price comparison is as big as the entire Steam Machine. If you want a regular gaming PC, then by all means, build that. If you want a a small console-like PC for the living room that is good for gaming, I'm not sure what else is a better deal. In the GN review, they only mentioned a small form factor Dell, which is like twice the size and hundreds of dollars more expensive.
    • Valve finally confirms Steam Machine prices, starts at $1049 for 512GB option

      By ShadeOfBlue · Posted

      Those are some popular multiplayer games. But hardly "all". Just those that don't work on Linux currently due to specific anti-cheat implementations. I think it's also fair to point out the literally thousands of games that don't work on the PS5. And it's not locked at 1080p. That's the default, which you can change.
    • Ubuntu Livepatch arrives on Arm64 to eliminate system reboots for kernel updates

      By zikalify · Posted

      Ubuntu Livepatch arrives on Arm64 to eliminate system reboots for kernel updates by Paul Hill Canonical has just announced that its Livepatch service now supports computers with Arm64 processors. For those who are not familiar, Livepatch allows users to apply important kernel updates without any service interruption or rebooting. While home users will benefit from this, it’s even more important for critical machines that absolutely should not be going offline at all. The feature is available as part of Ubuntu Core 26 for Arm64 and Ubuntu Core 20 and onwards for AMD64. According to Canonical, this will improve the security of systems that aren’t security-maintained daily or weekly, and it helps organizations work towards Cyber Resilience Act (CRA) compliance. If you are familiar with Ubuntu, you probably know that most packages can be updated without having to restart the system. There is one big exception to this, and that’s the kernel; it typically requires you to reload the system to boot into the new kernel. With Livepatch, Canonical has done something so that you don’t need to restart to begin using the new kernel. Aside from Ubuntu Core 26, users with Arm64 chips running Ubuntu 26.04 LTS can also use Livepatch. If you want to learn more about Livepatch, check out its product page. There, you can also find a button to join Ubuntu Pro (it’s free for several home devices) so that you can enable Livepatch. By linking your computer to Ubuntu Pro, you will also extend the life of your Ubuntu install from five years to ten years. If you are running Ubuntu, let us know in the comments if you have been looking forward to this feature on your ARM-based computer. If you’ve had a compatible AMD64 machine for a while and never used this feature, let us know why in the comments!

  • Recent Achievements

    • One Month Later
      nates earned a badge
      One Month Later
    • Week One Done
      Almohandis earned a badge
      Week One Done
    • Rookie
      dorf went up a rank
      Rookie
    • First Post
      mike_rumble earned a badge
      First Post
    • Dedicated
      tuben earned a badge
      Dedicated

  • Popular Contributors

    1. 1
      +primortal
      497
    2. 2
      +Edouard
      205
    3. 3
      PsYcHoKiLLa
      94
    4. 4
      Michael Scrip
      89
    5. 5
      neufuse
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!