NNSquad - Network Neutrality Squad
[ NNSquad ] How Apple screwed up their 2-factor authentication system
How Apple screwed up their 2-factor authentication system
http://j.mp/15g0sfF (ars technica)
"In its current implementation, Apple's two-factor authentication does
not prevent anyone from restoring an iOS backup onto a new (not
trusted) device," ElcomSoft CEO Vladimir Katalov wrote. "In addition,
and this is much more of an issue, Apple's implementation does not
apply to iCloud backups, allowing anyone and everyone knowing the
user's Apple ID and password to download and access information stored
in the iCloud. This is easy to verify; simply log in to your iCloud
account, and you'll have full information to everything stored there
without being requested any additional logon information."
- - -
--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
- Network Neutrality Squad: http://www.nnsquad.org
- PRIVACY Forum: http://www.vortex.com/privacy-info
- Data Wisdom Explorers League: http://www.dwel.org
- Global Coalition for Transparent Internet Performance: http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad