In association with heise online

22 October 2010, 16:10

FaceTime beta is a backdoor to Apple accounts

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

FaceTime Logo As reports, until recently, the beta version of FaceTime, Apple's video telephone software for Mac OS X, was quite careless with users personal data. When the just released FaceTime application was launched, the security question and the answer, along with the previous user's birthday, from a previous log-in, could be accessed without having to log-in to that account. In combination with the Apple ID, which was also displayed, the password could be reset, providing complete access to the account currently registered making it possible, for instance, to go shopping in the iTunes Store with another user's account.

The issue was problematic when more than one user shared the same computer, such as is the case with a publicly used Mac. Even if a user had properly logged out, the account could still be accessed because the application automatically put the password into the log-in dialogue. Apple reacted quickly and remedied the problem within the server. Now, a click on "View details" brings the user back to the general settings page.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit