We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

AP Photo/Marcio Jose Sanchez
all gone now

Apple has patched up an iCloud flaw that allowed access to any account

The flaw allowed anyone to bypass Apple’s security system and repeatedly guess a user’s iCloud password without getting locked out.

A SECURITY FLAW on iCloud has been patched after the creator of a hacking tool claimed it could bypass its security.

iDict, which was released on New Year’s Day, claimed it could exploit a flaw in Apple’s security and guess a user’s password repeatedly.

As a way of preventing brute force attacks, sites allow a certain number of attempts for logins until it locks someone out, but the maker of iDict claimed its tool bypassed this.

By using a list of commonly used passwords, it would be able to keep guessing until it hit the right one. Its creator, @pr0x13, claimed they had released the tool publically “so Apple will patch it,” and called the bug “painfully obvious.”

The problem was fixed the next day (2 January) with its creator tweeting that those using it were causing iCloud accounts to be locked.

When iCloud was attacked in 2014, accounts of celebrities like Jennifer Lawrence, Mary Elizabeth Winstead, and Kate Upton were compromised and numerous nude photographs were leaked as a result.

After the incident, Apple’s CEO Tim Cook said that it would introduce two-step verification and alert users whenever someone tries to restore their iCloud account.

Read: One of the world’s most valuable tech startups brought in €10 billion in 2014 >

Read: Netflix may finally be cracking down on international users who try to access US Netflix >

Your Voice
Readers Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.