Developer reported iCloud brute-force password hack to Apple nearly six month ago

By Shawn Knight ยท 5 replies
Sep 25, 2014
Post New Reply
  1. The iCloud security incident that made headlines early this month could possibly have been prevented. That's because London-based software developer Ibrahim Balic claims to have reported a brute-force iCloud password attack to the Cupertino-based company nearly six months ago.

    Read more
  2. Oh look! Theyre protecting icloud accounts now with their imaginations and innovations as well.
  3. hitoshianatomi

    hitoshianatomi TS Rookie

    Apple should also do something about the big vulnerability that their Touch ID brings:Biometrics operated with a password in the OR/disjunction way offers a lower security than when only the password is used.

    Biometrics can theoretically be operated together with passwords in two ways, (1) by AND/conjunction or (2) by OR/disjunction. I would appreciate to hear if someone knows of a biometric product operated by (1). The users of such products must have been notified that, when falsely rejected with the devices finally locked, they would have to see the device reset.

    Touch ID and other biometric products are operated by (2) so that users can unlock the devices by passwords when falsely rejected, which means that the overall vulnerability of the product is the sum of the vulnerability of biometrics and that of a password. It is necessarily larger than the vulnerability of a password, say, the devices with Touch ID and other biometric sensors are less secure than the devices protected only by a password.
  4. Iliko

    Iliko TS Rookie

    Is not enough ground to sue Apple for negligence?
  5. I'd ignore him too if he called me "scoot"!
    Girus likes this.
  6. hitoshianatomi

    hitoshianatomi TS Rookie

    I am not a lawyer. I am only talking about what appears to be a worrying fact. I hope that Apple will either admit it or deny it with logical reasoning.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...