The Jennifer Lawrence Leak: Who Is at Risk Now?

The larger security problem, it seems, comes from a general misunderstanding about how a smartphone differs from, say, a large online forum. Most discreet people know not to upload nude photos onto the Internet but are unaware that a photograph shared privately, through a text message or e-mail, is hardly private at all. “Storing data on a phone carries an inherent risk,” Felten wrote. “The complexity of the software on our phones, and the network and cloud infrastructure to which they connect, makes it difficult to identify, let alone secure, all of the points of vulnerability. It’s prudent to assume that anything on your phone is potentially at risk.”

I wonder how much of this was caused by the simple fact that iCloud Photo Streams have always had a messy and confusing mental model. If you send a photo to someone directly from the Messages app, for example, by default it saves that image to the photo album. If it’s saved to the photo album, by default it uploads to your Photo Stream. Just like that, the image you meant to send to someone is also both in your camera roll and in iCloud. If you notice that private photo in your photo album and delete it, it’s not deleted from your Photo Stream, too. You have to switch over to that set of photos and also delete it there. It’s a mess.

Of course it’s possible some of these photos were meant to be kept, but I’m sure some, and maybe most, were meant to be ephemeral. I’ve never met a non-techie that understands what Photo Streams are, and it wouldn’t surprise me if that same confusion is why some of these photos were hackable in the first place.