Linked by Thom Holwerda on Mon 1st Apr 2013 12:25 UTC
Apple "Last Friday, The Verge revealed the existence of a dead-simple URL-based hack that allowed anyone to reset your Apple ID password with just your email address and date of birth. Apple quickly shut down the site and closed the security hole before bringing it back online. The conventional wisdom is that this was a run-of-the-mill software security issue. [...] It isn't. It's a troubling symptom that suggests Apple's self-admittedly bumpy transition from a maker of beautiful devices to a fully-fledged cloud services provider still isn't going smoothly. Meanwhile, your Apple ID password has come a long way from the short string of characters you tap to update apps on your iPhone. It now offers access to Apple's entire ecosystem of devices, stores, software, and services."
Permalink for comment 557257
To read all comments associated with this story, please click here.
RE: Ironic
by BallmerKnowsBest on Mon 1st Apr 2013 14:20 UTC in reply to "Ironic"
BallmerKnowsBest
Member since:
2008-06-02

Rather ironic to see a security article posted here at this very minute, when I've been presented with the admin side panel above the right column of news since late last night, for no reason. Apparently I'm "logged in as root" and could do all sorts of things to OSNews and there was no hacking involved. It just came up a few hours back and it's still there now. I've made no attempt to use it, but am I the only one who sees it? It appears on both my Mac and my iPad.


And if that weren't crazy enough, I hear that Maddox is having a kid and shutting down his site!

http://thebestpageintheuniverse.net/c.cgi?u=second_chance_af

Reply Parent Score: 3