MacResource My Category Tips and Deals v
Cupertino rushing to fix Apple ID security breach

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode
Cupertino rushing to fix Apple ID security breach
Mike Johnson Offline
Posting Freak
*****
Posts: 4,915
Threads: 267
Joined: Dec 2024
Reputation: 0
#1
03-23-2013, 12:45 AM
Just a couple days after rolling out an optional two-step ID verification system, somebody published step-by-step instructions on how to change the password on another person's Apple ID account, starting with nothing more than the victim's email address and date of birth.

Apple has shut down its password reset system as an immediate response to prevent exploitation as they work on a fix.

http://www.theverge.com/2013/3/22/413624...e-of-birth
Find
Reply
Speedy Offline
Posting Freak
*****
Posts: 54,633
Threads: 1,943
Joined: May 2025
Reputation: 2
#2
03-23-2013, 01:43 AM
LMFAO.
Find
Reply
Mike Johnson Offline
Posting Freak
*****
Posts: 4,915
Threads: 267
Joined: Dec 2024
Reputation: 0
#3
03-23-2013, 02:42 AM
Just so we're clear, the exploit doesn't work against anybody using the new 2-step process. It's the old procedure that is vulnerable.

Those of us who haven't moved our accounts to the new secure process should be okay, since Apple took out the password reset mechanism. For now, you won't be able to change your password, but neither will a hacker.
Find
Reply
RAMd®d Offline
Posting Freak
*****
Posts: 52,371
Threads: 2,806
Joined: May 2025
Reputation: 4
#4
03-23-2013, 02:50 AM
http://www.theverge.com/2013/3/22/413772...ty-exploit
Find
Reply
Article Accelerator Offline
Posting Freak
*****
Posts: 13,563
Threads: 175
Joined: May 2025
Reputation: 0
#5
03-23-2013, 05:22 AM
Speedy wrote:
LMFAO.

Let it all out, Speedy. It's therapeutic.
Find
Reply
samintx Offline
Posting Freak
*****
Posts: 21,123
Threads: 7,559
Joined: May 2025
Reputation: 0
#6
03-23-2013, 01:31 PM
How long ago was it Mac users were touting with Macs you don't have the security and trojan problems you do with WIN????
Find
Reply
JoeH Offline
Unregistered
Posts: 15,842
Threads: 95
Joined: May 2025
#7
03-23-2013, 04:47 PM
samintx wrote:
How long ago was it Mac users were touting with Macs you don't have the security and trojan problems you do with WIN????

A. This problem is not with the Mac OS. It is an Apple corporate server security issue.

B. You still don't have anywhere close to the Windows security and trojan problems with the Mac OS. Most of the security issues there are still fall into the PEBKAC area, many users should not have easy access to privileges or Admin passwords. But that also applies to Windows users, and there are a lot more trojan and malware for Windows to snare them.
Find
Reply
TheCaber Offline
Unregistered
Posts: 5,314
Threads: 111
Joined: May 2025
#8
03-24-2013, 04:51 PM
PEBKAC == Problem Exists Between Keyboard And Chair

Security, like quality, must be designed into the OS and its interfaces, and propagated to the applications that run on the OS. It is not something to be slapped on after implementation, like a coat of paint.

Microsoft has never let security stand in the way of sales anything.
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)