undefined | Better HN

0 pointsswang11y ago0 comments

You are wrong. Apple says there was no "security breach" except their lack of security for the FindMyIphone website caused the breach.

Mainly they exploited the fact that the FindMyIphone website did not throttle the number of login attempts. So you can do it as many times as possible. Apple deflected this by "denying" that any usernames or passwords were leaked, but in reality it is their fault that the accounts were compromised.

0 comments

djrogers11y ago

Except the FMI flaw is only tenuously linked to the breach - with more evidence pointing away from it (i.e. timeline of how long the photos have been offered for sale, disclosures by other photo-hackers, etc) than toward it.

There was early speculation that the flaw was at fault, but no confirmation from anyone.

Go ahead though - blame that bug, because Apple.

j / k navigate · click thread line to collapse

0 pointsswang11y ago0 comments

You are wrong. Apple says there was no "security breach" except their lack of security for the FindMyIphone website caused the breach.

0 comments

djrogers11y ago

There was early speculation that the flaw was at fault, but no confirmation from anyone.

Go ahead though - blame that bug, because Apple.

j / k navigate · click thread line to collapse