Communications of the ACM

ACM TechNews

Apple Fixes Bug That Could Have Given Hackers Full Access to User Accounts

The developer who found the flaw was awarded $100,000.

The Sign in with Apple tool just fixed a bug that made it possible for attackers to gain unauthorized access to email accounts.

Credit: Associated Press

The Sign in with Apple tool, which allows users to log in to third-party apps without revealing their email addresses, has fixed a bug that could enable attackers to gain access to those accounts.

App developer Bhavuk Jain reported the zero-day vulnerability in the privacy-enhancing tool to Apple as part of the company's bug bounty program, and received a $100,000 reward.

Sign in with Apple logs in users with either a JSON Web Token (JWT) or a code generated by an Apple server, which is then used to generate a JWT.

Users can share the Apple email ID with a third party or keep it hidden, and in the latter instance, Apple creates a JWT that contains a user-specific relay ID.

Jain found that an attacker could forge a JWT by linking any email ID to it, which would provide access to the victim's account.
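The defender's side of the flaw described above, as an added example that is not code from Apple or from the article: a relying party must verify the token's signature over the whole payload before trusting the email or relay ID inside it, and must also check issuer, audience and expiry. The signing key, client ID and sample claims are constructed; Apple really signs tokens with RS256 and published public keys, and HS256 with a shared secret stands in here only so the example runs offline.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Constructed stand-in for the signing key (Apple uses RS256 public keys).
SIGNING_KEY = b"constructed-demo-key"
EXPECTED_ISS = "https://appleid.apple.com"   # issuer Apple tokens carry
EXPECTED_AUD = "com.example.app"             # assumed client_id of the app

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64url(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_token(claims: dict) -> str:
    """Authorization-server side: sign header.payload with the key."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def verify_token(token: str, now: Optional[float] = None) -> Optional[dict]:
    """Relying-party check: signature first, then iss, aud and exp.
    Returns the claims on success, None on any failure. The email/sub is
    trusted only because the signature over the whole payload verified."""
    try:
        header, body, sig = token.split(".")
        if json.loads(_unb64url(header)).get("alg") != "HS256":
            return None                       # reject alg confusion ("none")
        expected = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64url(sig)):
            return None                       # payload was altered or unsigned
        claims = json.loads(_unb64url(body))
    except ValueError:                        # covers bad base64 and bad JSON
        return None
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISS or claims.get("aud") != EXPECTED_AUD:
        return None
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return None
    return claims

def swap_email(token: str, new_email: str) -> str:
    """Test helper modelling the forged token from the report: the payload's
    email is changed while the original signature is kept. verify_token must
    reject the result, because the signature no longer covers the payload."""
    header, body, sig = token.split(".")
    claims = json.loads(_unb64url(body))
    claims["email"] = new_email
    return f"{header}.{_b64url(json.dumps(claims).encode())}.{sig}"
```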

From Ars Technica
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA