|
Title: Latest iCloud crack can't beat a good password Post by: HCK on January 09, 2015, 09:00:18 am Latest iCloud crack can't beat a good password
<article> <section class="page"> <p>You’ve likely read about iDict (https://github.com/Pr0x13/iDict), a very publicly released cracking tool designed to compromise iCloud accounts using brute-force techniques—techniques that try a series of passwords in quick succession in the hope of finding the correct one. According to reports, the vulnerability was patched by Apple within a few days. (Apple has declined to comment, however.)</p><p>The developer released the code without providing details in advance to Apple, which is unusual. The standard practice is to disclose this information privately in order to give a company time to patch the vulnerability.</p><p>iDict relied on what the author claimed was a “painfully obvious” problem with how Apple dealt with repeated password failures through a particular URL. This kind of issue is similar to reports that came out after last summer’s iCloud “hack,” (http://en.wikipedia.org/wiki/2014_celebrity_photo_hack) which involved a combination of unthrottled password attempts against iCloud and attempts to answer security questions based on celebrities’ biographies and other sources.</p><p class="jumpTag"><a href="/article/2866467/latest-icloud-crack-cant-beat-a-good-password.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Latest iCloud crack can't beat a good password (http://www.macworld.com/article/2866467/latest-icloud-crack-cant-beat-a-good-password.html#tk.rss_all) |