Apple promises to upgrade iCloud security after celebrity nude photos hack

Apple CEO Tim Cook promises iCloud security improvements, which will be implemented in two weeks

Apple CEO Tim Cook has promised to improve the security of its iCloud service after more than 100 celebrities were hacked, with the attackers publishing nude photos they found on the notorious 4Chan website.

These measures will include alerts to warn users of potential breaches of their iCloud account via both email and "push notices" to devices. Triggers for the new warnings might include changes to passwords, moving iCloud data to new devices or if another device tries to log into an account.

Apple will also make more widespread use of two-factor authentication, which typically involves sending a one-time code to someone's mobile phone, in addition to the use of a password.

The new measures will be implemented in the next two weeks.

There are, however, a number of disadvantages associated with two-factor authentication.

First, if a phone is lost or stolen the attacker can easily have access to the device to which the authentication code is being sent. Second, many companies use mobile phone numbers in order to build up their databases of personal information and as a unique identifying number to track people - Apple will need to assure users that it will only use the mobile phone number for security, and nothing else.

Finally, it is unclear whether these measures will defeat forensic software that is commonly used to crack iPhone and iCloud security. These include software suites from Russian security software vendor Elcomsoft that is widely used by law enforcement agencies around the world to crack iCloud security.

It has been suggested that the hackers in the celebrity iCloud hack used pirated copies of Elcomsoft's forensic software in order to uncover the celebrity's iCloud passwords and thereby to access their personal data.