Apple was already five months at the height of brute force vulnerability in iCloud




Apple had been since late March informed of a vulnerability iCloud, allowing malicious attacks could come through brute force. Behind the password of users Nevertheless, it took until August before Apple came up with a solution.

The developer living in London Ibrahim Balic Apple released on March 26, at the height of the vulnerability and he received an answer, the same day writes news Daily Dot based on the emails from the developer. Moreover developer who is no stranger to Apple: Manufacturer thanked him earlier for reporting an XSS bug.

An Apple employee approached him again in May asking for more information and seemed poorly informed about what Balic meant. When the iPhone-maker’s vulnerability learned from a script on Github, a fix within a short time was possible.

The vulnerability meant that users could guess the Find My iPhone service on iPhone devices. Unlimited passwords If attackers had overtaken that password, they could thus also login to other services of iCloud. The vulnerability came out when Apple was under fire after photos from iCloud accounts of American actresses and other celebrities out came . It is unknown whether the vulnerability is exploited to steal., Some or all photos

Following the case of the stolen naaktselfies celebrity has the iCloud administrator took action. For example, users will be notified when someone from a different device than conventional logs and encourages users to use. Two-stage authentication


In: Technology & Gadgets Asked By: [15572 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »