FaceTime beta is a backdoor to Apple accounts

FaceTime Logo

As macnotes.de reports (German language link), until recently, the beta version of FaceTime, Apple’s video telephone software for Mac OS X, was quite careless with users personal data. When the just released FaceTime application was launched, the security question and the answer, along with the previous user’s birthday, from a previous log-in, could be accessed without having to log-in to that account. In combination with the Apple ID, which was also displayed, the password could be reset, providing complete access to the account currently registered making it possible, for instance, to go shopping in the iTunes Store with another user’s account.

The issue was problematic when more than one user shared the same computer, such as is the case with a publicly used Mac. Even if a user had properly logged out, the account could still be accessed because the application automatically put the password into the log-in dialogue. Apple reacted quickly and remedied the problem within the server. Now, a click on “View details” brings the user back to the general settings page.

Source.

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: