Skip to main content

Apple Just Gave An Indian Hacker $100,000 For Finding A Flaw In Sign in with Apple

Apple unveiled the Sign in with Apple option back in June 2019 and the feature was received with somewhat positive attention. There’s a good reason for that positive response; it allows for a more secure authentication system as opposed to the social logins. Furthermore, this also enabled users to sign up with third-party apps and services without having to share their Apple ID email. However, an Indian security researcher in New Delhi recently discovered a critical flaw in the Sign in with the Apple system. This flaw would enable an attacker to take over an account simply by relying on an email ID.
Apple Gave A Hacker $100,000 For Finding A Flaw In Sign in with Apple
Apple, in return, has rewarded the security researcher generously. The tech giant paid the hacker $100,000 from Apple security bounty pot and this goes to show just how crucial this shocking discovery to Apple was. The good thing that came from all of this is that Apple has already taken care of the issue on its server-end and only after this was carried out did Bhavuk Jain – the genius who found the flaw – published his disclosure online on May 30.
Apple Gave A Hacker $100,000 For Finding A Flaw In Sign in with Apple
The potential flaw was only linked with the third-party apps that relied on Sign in with Apple without implementing any other security measures. It was a potential hazard owing to two reasons. It could have enabled a complete takeover of the user accounts of the third-party apps even if the user didn’t have a valid Apple ID. Furthermore, Apple was not able to catch this flaw during the development stages.
Apple Gave A Hacker $100,000 For Finding A Flaw In Sign in with Apple


Jain figured out that he could request authentication tokes for any email ID from Apple and those tokens would then be verified by making use of Apple’s public key. This means that an attacker could potentially gain access to the victim’s account. Jain also explained that an internal investigation was conducted by Apple that determined that no compromises had been made thus allowing it to fix the flaw before it caused any damage.

Comments

Popular posts from this blog

AIRBUS A380 CUSTOM ($500 MILLION) OWNED BY AL-WALEED BIN TALAL

Airbus A380 Custom ($500 million): This is the most expensive private jet in the world, owned by Al-Waleed Bin Talal from Saudi Arabia and a member of the Saudi royal family – House of Saud. Prince Al-Waleed bin Talal has the eighth-highest amount given to charity ($3.5 billion) among the greatest philanthropists. He’s the 50th richest man in the world. He has almost everything gold plated in the plane and comes with a solid gold throne in the middle. The jet is referred to as Kingdom in the Sky and comes with a Turkish bath, a garage where he can park his Rolls Royce and even a prayer room with electronic mat that automatically rotates to face Mecca.

10 BEST DISPOSABLE GLOVES FOR CORONAVIRUS

Note:  When buying anything online, please exercise good judgment especially in case of buying anything for protection against coronavirus also known as COVID-19. Please refer to the  CDC website  for accurate information. As the reaches of Coronavirus continue to spread across the globe, so has the need for care in how one engages with the outside world. Health personnel most especially have started to employ more as they come in contact with different kinds of people every day. If you are not a doctor however but you work in a line where you come in contact with different people and surfaces, you also have to exercise extreme caution in order to protect yourself from contracting the highly contagious virus. To guarantee your safety from Covid-19 then, we bring you the top ten of one of the most essential PPEs you will need in this season, the disposable gloves. Here they are: 1....

What would you do if You were Lock In A Hut For 7 Days, And All You Have Is A Laptop, Internet And ATM Card?

72IG PROGRAM is the Answer. What is this Program? The 72ig program is a training program by Toyin Omotoso hosted on the Expertnaire affiliate platform that trains you on how to make at least N750,000 per month recommending valuable digital products to those in need of them. Toyin was trained alongside the likes of Akin Alabi, Ronald Nzimora, Patrick Ogidi, Fisayo Akinlolu, and more by Dr. Sunny Obazu-Ojeagbase, Toyin has made his mark as a successful internet marketer from Nigeria. Toyin Omotosho When you join Expertnaire via the 72ig program, you automatically join the 72ig Affiliate Marketing program, meaning that if you sell the same product you get 50% commission per sale while ordinary affiliates get just 30%. MORE THINGS TO KNOW ABOUT THE 72IG PROGRAM Price:  You may be unlucky to get at N55,000, but N45,000 with a discount as found using the link below Pros : Created by a respected internet and direct response marketing expert with proven results. Concise, step-by-st...