Create an Account
username: password:
 
  MemeStreams Logo

Wired News: Apple Squashes E-Store ID Bug
search
Home Agent Weblogs Social Network Post Help About

Dementia
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Dementia's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Wired News: Apple Squashes E-Store ID Bug
Topic: Technology 2:32 pm EDT, May  5, 2003

] Null said he discovered the vulnerability at Apple.com
] using the "view source" option in his Web browser while
] visiting a section of the online store designed to help
] people who have forgotten their passwords.
]
] After submitting his e-mail address, as requested by the
] system, Null said he noticed that Apple was hiding a
] string of letters and numbers in the source code to one
] of the pages designed to confirm users' identities.
]
] By cutting and pasting that "hash" into a separate page
] for specifying the new password, Null was able to change
] his password without answering the secret question used
] to authenticate him.

Well, at least Apple didn't want to arrest the guy.

Wired News: Apple Squashes E-Store ID Bug

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0