Hollywood’s A-listers, it seems, can finally rest easy: “The Fappening,” the crude online moniker for the celebrity hacking melee (Internet slang for masturbation, as it were) that’s leaked thousands of stolen personal photos of nude stars online, from Oscar winner Jennifer Lawrence to supermodel Cara Delevingne to pop princess Rihanna, seems to be drawing to a close.
Whereas the first three waves of these malicious, misogynistic invasions of privacy have included some of the most famous women in the world—Scarlett Johansson, Kim Kardashian, Kate Upton, Ariana Grande, and others—the latest leaks seem to indicate that the pervy legion of hackers behind this sordid episode seem to be running out of ammo. The latest list of alleged victims consists of Victoria’s Secret model (and Leonardo DiCaprio ex) Erin Heatherton, actress Winona Ryder, television star AnnaLynne McCord (90210), singer Ingrid Michaelson, the first male victim in reality star Nick Hogan (son of Hulk Hogan), and a gaggle of foreign models and commercial actors. The biggest victims seem to be The Vampire Diaries’ Nina Dobrev, with 147 personal images (all fully-clothed) of the actress leaking online, as well as indie actress Zoe Kazan, with 43 images.
The latest leaks come in the wake of a pending lawsuit filed Oct. 1 by Marty Singer, a powerful Hollywood attorney representing over a dozen celebrities whose iCloud accounts were hacked and whose nude photos were stolen. Singer fired off a letter to Google founders Larry Page and Sergey Brin, along with executive chairman Eric Schmidt and the company’s legal counsel, threatening to sue the Internet giant for over $100 million for not only “failing to act expeditiously and responsibly to remove the images,” but also for engaging in “blatantly unethical behavior” and “making millions and profiting from the victimization of women.”
Singer’s letter, which came from his law firm of Lavely & Singer, claims they’ve sent over a dozen Digital Millennium Copyright Act (DMCA) violation notices to Google over the past month to “remove the unlawful images,” but that many images nonetheless remain on Google-owned sites like BlogSpot and YouTube.
“Google knows that the Images are hacked stolen property, private and confidential photos and videos unlawfully obtained and posted by pervert predators who are violating the victims’ privacy rights and basic human decency by stealing and displaying confidential private photos and videos (most of which depict the women in private settings, while nude or semi-nude, engaging in private intimate conduct) without the permission of the owners of the Images,” said the letter. “Yet Google has taken little or no action to stop these outrageous violations, or to limit the Images from appearing in Google search results.”
The letter claims that while other sites like Twitter have been “immediately removing the Images and suspending the offending user accounts, Google is perpetuating the despicable conduct of these habitual pervert predators….by allowing them to continue to operate and post Images with impunity.”
It even compared Google’s handling of “The Fappening” to the NFL’s botched handling of Baltimore Raven Ray Rice’s elevator assault scandal and the child abuse allegations against Minnesota Vikings star running back Adrian Peterson.
“Because the victims are celebrities with valuable publicity rights you do nothing—nothing but collect millions of dollars in advertising revenue… as you seek to capitalize on this scandal rather than quash it. Like the NFL, which turned a blind eye while its players assaulted and victimized women and children, Google has turned a blind eye while its sites repeatedly exploit and victimize these women.”
A day after Singer’s threatening letter was fired off, Google responded with a statement of its own. The Internet corporation claimed that they’ve acted swiftly in closing “hundreds of accounts” responsible for hosting the stolen content.
“Of course people continue to post these images on the web, so—like other online services—we rely on people notifying us to help us take them down, whether by flagging content, or filing DMCA (Digital Millennium Copyright Act) requests,” read the statement. “We’re removing these photos for community guidelines and policy violations (e.g. nudity and privacy violation) on YouTube, Blogger and Google+. For search we have historically taken a different approach as we reflect what’s online—but we remove these images when we receive valid copyright (DMCA) notices.”
Following the first wave of celebrity leaks, Apple released a statement claiming that the hacked iCloud accounts and subsequent leaked photos came about via “a very targeted attack on user names, passwords, and security questions,” and that after over 40 hours of investigation, “none of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.”
As I previously wrote, the gaping hole in iCloud’s security, as many of the people sharing these hacked photos on Reddit and 4chan message boards have pointed out, is that whereas most sites lock you out after a certain number of failed attempts at guessing one’s password security question, iCloud lets you try an unlimited number of attempts. Furthermore, The Daily Dot claimed to have uncovered email correspondences between Apple and a prominent security researcher, Ibrahim Balic, warning the company through its online bug submission platform of the weakness of iCloud’s security and alleging it to be very susceptible to “brute force” attacks—cracking passwords by exhausting thousands and thousands of key combinations. Balic claimed that he was allowed to try over 20,000 password combinations on a given account. The email exchange between Balic and Apple began in March and continued through May, with an Apple official repeatedly questioning Balic’s findings.
Interestingly enough, in the midst of all these leaks, Apple CEO Tim Cook and Google CEO Eric Schmidt are engaged in a pissing contest of sorts over their respective practices regarding users' privacy and personal data. Just last month, Cook took a swipe at (presumably) Google over how offended he felt by certain Internet companies’ collection of users’ personal data for profit.
“I think everyone has to ask, how do companies make their money?” said Cook. “Follow the money. And if they’re making money by collecting gobs of personal data, I think you have a right to be worried, and you should really understand what’s happening to that data.”
Schmidt addressed Cook’s indirect criticism of his company this past week, saying, “Someone didn’t brief him [Cook] correctly on Google’s policies… we have always been the leader in security and encryption. Our systems are far more secure and encrypted than anyone else, including Apple. They’re catching up, which is great.”