Slashdot Mirror


Apple Allegedly Knew of iCloud Brute-Force Vulnerability Since March

blottsie writes: Apple knew as early as March 2014 of a security hole that left the personal data of iCloud users vulnerable, according to leaked emails between the company and a noted security researcher. In a March 26 email, security researcher Ibrahim Balic tells an Apple official that he's successfully bypassed a security feature designed to prevent "brute-force" attacks. Balic goes on to explain to Apple that he was able to try over 20,000 password combinations on any account.


  1. Re:He was holding it wrong by Anonymous Coward · Score: 4, Funny

    No, he was entering passwords wrong. You're only supposed to enter one password not 20,000. The latter is not part of crApple's UX design.

  2. Re:He was holding it wrong by turkeydance · Score: 3, Funny

    i'm busted. my password was 20000.

  3. Re:ONE MORE THING... by Anonymous Coward · Score: 2, Funny

    No worries. You were just using the web page wrong.

  4. Monorail by sexconker · Score: 5, Funny

    Well, sir, there's nothing on Earth
    Like a genuine, bona-fide
    Electrified, six-inch iPhone 6 Plus.
    What'd I say?

    iPhone 6 Plus!
    What's it called?
    iPhone 6 Plus!
    That's right! iPhone 6 Plus!

    iPhone 6 Plus.
    iPhone 6 Plus.
    iPhone 6 Plus.

    I saw those leaks they had me wowed.
    We've made some changes to iCloud.
    Is there a chance the phone could bend?
    Not on your life, my hipster friend.

    What about us brain-dead slobs?
    You'll just worship Mr. Jobs.
    What's the point of that huge bezel?
    Just more space for fans to revel.

    16 gigs is too little space.
    Pay the upcharge to keep pace.
    I swear this phone's your only choice,
    Throw up your hands and raise your voice.

    iPhone 6 Plus!
    What's it called?
    iPhone 6 Plus!
    Once again.
    iPhone 6 Plus!

    But iOS is still shitty and broken.
    Sorry, Slashdot, the mob has spoken.

    iPhone 6 Plus!
    iPhone 6 Plus!
    iPhone 6 Plus!
    iPhone 6 Plus!

    iPho, d'oh!

  5. Re:celebgate by Revek · Score: 3, Funny

    I know not of this celebgate. Perhaps I know it by a different name?

  6. Re:Not Brute Force by ljw1004 · Score: 3, Funny

    20,000 is not a brute force attack. That will only succeed if your password was 3 characters long.

    I find it hard to believe anyone was actually vulnerable to this.

    20,000 not brute force?!! Would you call it "subtle and refined"?