Skip to main content

Security hole allows anyone to reset an Apple ID with email and DOB

 Gaping security holes are a pretty terrifying thing, especially when they involve something as sensitive as your Apple ID. Sadly it seems that immediately after making the paranoid happy by instituting two-step authentication a pretty massive flaw in Cupertino's system was discovered and first reported by The Verge. Turns out you can reset any Apple ID password with nothing more than a person's email address and date of birth -- two pieces of information that are pretty easy to come across.
There's a little more to the hack, but it's simple enough that even your non-tech savvy aunt or uncle could do it. After entering the target email address in the password reset form you can then select to answer security questions to validate your identity. The first task will be to enter a date of birth. If you enter that correctly then paste a particular URL into the address bar (which we will not be publishing for obvious reasons), press enter, then -- voilà -- instant password reset! Or, at least that's the story. While we were attempting to verify these claims Apple took down the password reset page for "maintenance." Though we've received no official confirmation from Apple, it seems the company is moving swiftly to shut down this particularly troublesome workaround before word of it spreads too far.

 

Comments

Popular posts from this blog

LG’s first flexible OLED phone due before the year is out

LG plans to launch a flexible OLED smartphone before the end of the year, the company’s VP of mobile has confirmed, though it’s unclear to what extent the work-in-progress handset will actually flex. The OLED panel in question is the handiwork of LG Display according to VP of LG mobile Yoon Bu-hyun, the WSJ  reports, with the proposed device set to launch sometime in Q4. LG Display’s work on flexible OLEDs has been underway for some time, though the company’s efforts have perhaps been overshadowed somewhat by rival Samsung’s YOUM development. Last year, according to a Korea Times report, LG Display was preparing for
Flexible displays are the Future of IT Industry! A part from 4k and smart home appliances, the CES 2013 saw a lot of attention being drawn towards bendable, flexible displays. The elasticised display idea isn’t something new as we have seen hoards of device concepts being crafted around flexible, bendable and even foldable displays. These concept devices give us a futuristic feel, be it a flexible phone to be worn around the wrist or a phone that opens up to turn into a tablet or PSP-like device. But how far is this future? Nokia has been toying with the idea ever since we remember. The technology sounds very fascinating and the possibilities and the extent to which bendable displays could be used are vast and leave us spellbound. However, these have always been concepts and we haven’t seen any device materialise in the real world. There have been several technologies that were conceived in these years and all have been put to their practical use. But the bendable d

Xarius: Charge Your Mobile From Air

Xarius is a portable energy generator that allows to charge electrical appliances by the use of windpower in areas without electricity. Its lightweight and compact design makes the wind turbine to a perfect companion on backpacking trips with little luggage. It is composed of a foldable three-wing-system and an internal energy generator. The integrated rope makes it easy to adapt to any environment.Hooks are attached to both of its ends to tighten the rope and open the wings at the same time using the resulting tension. For convenient charging the battery is permanently installed, so that the electrical device can be charged inside the tent. The LED on the hook shows the current charge of battery. The pulsating orange indicates that the wind turbine has to recharge. Even at low wind speeds the blades begin to rotate autonomously.