- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Apple denies iCloud breach for The Fappening
Posted on 9/2/14 at 1:55 pm to gmrkr5
Posted on 9/2/14 at 1:55 pm to gmrkr5
quote:
Social engineering of some sort was used to obtain the IDs but a flaw in find my iphone allowed for the brute force attempts to occur. apple should have locked the IDs after multiple failed tries but it did not.
It's still unclear whether the lockout bug had anything to do with it. If it did, I would consider it a "breach", and if Apple doesn't, they just had a "I did not have sexual relations with that woman" moment. (Which BTW Tim Cook could truthfully say.)
Posted on 9/2/14 at 1:57 pm to Spock's Eyebrow
quote:
There are 26 lower-case letters, 26 upper-case letters, 10 digits and, depending on the web site, as many as a couple of dozen special characters (some sites won’t let you use certain characters). If you create a password with 6 digits, there are a million possibilities. If you use, however, six lower-case letters, the number jumps to over 300 million. And if you use a combination of upper- and lower-case letters, you get 2 billion different combinations. Add in special characters and the number of possibilities is in the hundreds of billions.
all of these things can easily be enforced at the point where people are creating their password for the first time.
Posted on 9/2/14 at 2:04 pm to Spock's Eyebrow
quote:
It's still unclear whether the lockout bug had anything to do with it.
you cant brute force an account that does not suffer from a "lockout bug" unless you are a REALLY good guesser
quote:
a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet.
i mean they are basically describing the components of a brute force attack right here^^^
you social engineer your way into finding the correct answers to the security questions then you have the ID. once you have the ID you brute force the account effected by the "lockout bug"
This post was edited on 9/2/14 at 2:06 pm
Popular
Back to top
Follow TigerDroppings for LSU Football News