The Verge is reporting that the Apple ID login system has been compromised and passwords can be reset using only the user's email address and date of birth. Users who have activated the new two-step verification process are not affected by the hack.
We've been made aware of a step-by-step tutorial (which remains available as of this writing) that explains in detail how to take advantage of the vulnerability. The exploit involves pasting in a modified URL while answering the DOB security question on Apple's iForgot page. It's a process just about anyone could manage, and The Verge has confirmed the glaring security hole firsthand.
Out of concerns for user security, The Verge did not share any information about how to perform the hack, and Apple has not publicly commented on the issue.
Users who attempted to activate two-step verification but are put into a three-day waiting period are vulnerable to the attack, and concerned users can log into their Apple ID accounts and change their birthdate to something less easily guessed.
The two-step verification system for Apple ID accounts was introduced yesterday and is supposed to provide users with a login sequence that is nearly impossible to hack for someone without physical access to the user's devices.
Oh no, a bug in Apple's software. That's far worse than Google doing things like oh, let's say tracking you for marketing purposes. Glad you've got your priorities. :rolleyes:
Yea. I would say it is far worse. One involves your financial information, address and potential identity theft.
The other involves targeting ads based on your searches.
Glad you understand how different the two things are.
Oh no, a bug in Apple's software. That's far worse than Google doing things like oh, let's say tracking you for marketing purposes. Glad you've got your priorities. :rolleyes:
One involves a bug, a 'security hole' that will quickly be patched and shouldn't have existed.
The other involves a truly immoral company who track you without your knowledge.
Glad you understand how different the two things are.
Really? without your knowledge? When you sign up for their services - you accept their TOS.
And tracking you is different than exposing actual personal information. Unless you want to start spreading some FUD that Google exposes your PERSONAL information to 3rd parties.
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
A week after Apple updated its App Review Guidelines to permit retro game console emulators, a Game Boy emulator for the iPhone called iGBA has appeared in the App Store worldwide. The emulator is already one of the top free apps on the App Store charts. It was not entirely clear if Apple would allow emulators to work with all and any games, but iGBA is able to load any Game Boy ROMs that...
Apple's hardware roadmap was in the news this week, with things hopefully firming up for a launch of updated iPad Pro and iPad Air models next month while we look ahead to the other iPad models and a full lineup of M4-based Macs arriving starting later this year. We also heard some fresh rumors about iOS 18, due to be unveiled at WWDC in a couple of months, while we took a look at how things ...
Best Buy this weekend has a big sale on Apple MacBooks and iPads, including new all-time low prices on the M3 MacBook Air, alongside the best prices we've ever seen on MacBook Pro, iPad, and more. Some of these deals require a My Best Buy Plus or My Best Buy Total membership, which start at $49.99/year. In addition to exclusive access to select discounts, you'll get free 2-day shipping, an...
Apple today said it removed Game Boy emulator iGBA from the App Store for violating the company's App Review Guidelines related to spam (section 4.3) and copyright (section 5.2), but it did not provide any specific details. iGBA was a copycat version of developer Riley Testut's open-source GBA4iOS app. The emulator rose to the top of the App Store charts following its release this weekend,...
Apple's first set of new AI features planned for iOS 18 will not rely on cloud servers at all, according to Bloomberg's Mark Gurman. "As the world awaits Apple's big AI unveiling on June 10, it looks like the initial wave of features will work entirely on device," said Gurman, in the Q&A section of his Power On newsletter today. "That means there's no cloud processing component to the...
Top Rated Comments
Yea. I would say it is far worse. One involves your financial information, address and potential identity theft.
The other involves targeting ads based on your searches.
Glad you understand how different the two things are.
Yes, yes it is worse.
Really? without your knowledge? When you sign up for their services - you accept their TOS.
And tracking you is different than exposing actual personal information. Unless you want to start spreading some FUD that Google exposes your PERSONAL information to 3rd parties.