And so mainstream news is up in arms about insecurity the cloud as a result of the over exposure of some already over-exposed celebrities. “Is the Cloud safe?” trumpeted the BBC news last night before we had the inevitable clip of their Technology correspondent Rory Cellan-Jones looking up at the sky outside of Broadcasting House before remarking that it wasn’t those sorts of clouds.
From reports coming out of Apple at the moment it looks like Occam’s Razor holds. Single authentication and rubbish passwords are the most likely cause of these latest hacks.
I’ve been banging on about two-factor authentication for quite some time now. I’m still amazed by how many people (particularly people who work in tech) don’t use it on common consumer services. Blame a combination of naivety, laziness and the complexity of setting the things up.
That last point is the one where service providers need to wake up. The reason why two-factor authentication isn’t a default or mandatory on any major service is because service providers are paranoid that it will introduce “friction” into sign-up processes. In short, the obsession with creating a mass user base that underpins the business model of so many of these services takes precedent over whether the service as a whole is secure for the individual and, because of the social nature of many of these services, the rest of us too.
Ultimately it will all break and the service providers will have to do something. And I personally would feel far happier if consumer cloud services allowed weak (but memorable) passwords but enforced second-factor authentication rather than what we usually have at the moment. Maybe these pictures of nude celebrities will take us a bit further along that better path…