Apple will change its security policy on resetting iCloud accounts


Over the weekend we told you about the problems an editor at Gizmodo and Wired had with his own iCloud account, which was compromised by a hacker who exploited Apple's technical support service to gain access to it. The hacker used publicly available information to convince Apple that he was the real owner of the account, and once he had access he did whatever he wanted with it. The editor contacted Apple, which acknowledged the problem but said that it is analyzing the story and will adjust its support policy accordingly to avoid such problems in the future.

We talked to Apple directly about its security policy, and company spokesperson Natalie Kerris told Wired, “Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”

On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful. This means, ultimately, all you need in addition to someone’s email address are those two easily acquired pieces of information: a billing address and the last four digits of a credit card on file. Here’s the story of how the hackers got them.

Because Apple's words are not good enough, the people at Wired tried to reproduce the "hack" carried out against the editor, and unfortunately they succeeded. Someone at Wired assumed another person's identity, called Apple and, by providing only a billing address plus the last 4 digits of the credit card associated with the account, managed to convince the Apple representative to reset the password. Unfortunately, such information can be obtained by hackers with little effort, so if Apple does not change its policy, many people will have big problems.

