Scam of the day – January 6, 2015 – iCloud security problem fixed

The security vulnerability with Apple’s iCloud exposed by a hacker who calls himself Prox13 about which I reported to you just the day before yesterday has been promptly fixed by Apple.  According to Prox13, the vulnerability enabled a tool called iDict to be used to hack iCloud accounts effectively avoiding both security questions and two-factor authentication.  What was unusual about this particular vulnerability was that when “white hat” hackers find out about vulnerabilities in the various computer programs we use, they generally contact the company’s directly in order to assist in the orderly remedying of the problem without alerting “black hat” hackers to the vulnerability which they, in turn would be able to exploit.  Prox13 did not appear to be interested in using the tool for bad purposes, however, he went public with his discovery rather than contact Apple directly to warn them of the problem.

TIPS

You may remember that the recent nude celebrity photo hacking dealt with iCloud, however, the fault, in those hackings was not with Apple, but rather with the individual celebrity iCloud users who did not take their own proper security precautions, such as using the very effective dual factor authentication, which would have prevented the hackers from gaining access to the celebrities photos.  This is also a good lesson to all of us to use complex passwords, strong security questions and dual factor identification whenever offered to protect our own security.

Leave a Reply

Your email address will not be published. Required fields are marked *