Published in News

Apple's password pandemonium

by on28 March 2024

Jobs' Mob in another security snafu

Fruity cargo cult Apple's so-called 'secure' devices have been caught in a phishing frenzy, leaving customers reeling from a barrage of password reset prompts.

It's chaos in Cupertino as users are bombarded with constant notifications, rendering their shiny gadgets as useful as bricks until they tap 'Allow' or 'Don't Allow' more times than there are pints in a pub.

Just when you think you've dodged the bullet, scammers ring you up, masquerading as Apple support, claiming your account has been compromised. "Just verify this one-time code," they say as if Apple's security wasn't already as leaky as a sieve.

Security expert Kishan Bagaria has thrown a spanner in the works, suggesting Jobs’ Mob has a gaping hole in its system. In August 2019, Bagaria reported to Apple a bug that allowed an exploit he dubbed "AirDoS" because it could be used to let an attacker infinitely spam all nearby iOS devices with a system-level prompt to share a file via AirDrop -- a file-sharing capability built into Apple products.

While Apple patched it up after a leisurely four-month tea break. Bagaria reckons the scammers have outfoxed Apple's rate limit on password resets.

"It's a legit Apple rate limit bug," he declares, and who are we to argue?

While everyone expects software to have security lapses from time to time, Jobs Mob has made it its business to claim that it is more secure than any other software out there—particularly Windows. It also has a nasty habit of dragging its feet when flaws are found, leaving its users exposed.

Last modified on 28 March 2024
Rate this item
(1 Vote)