By John Gruber
CoverSutra Is Back from the Dead — Your Music Sidekick, Right in the Menu Bar
Owen Williams, reporting for The Next Web:
An alleged breach in Apple’s iCloud service may be to blame for countless leaks of private celebrity photos this week.
On Monday, a Python script emerged on GitHub (which we’re not linking to as there is evidence a fix by Apple is not fully rolled out) that appears to have allowed malicious users to ‘brute force’ a target account’s password on Apple’s iCloud, thanks to a vulnerability in the Find My iPhone service. Brute-force attacks consist of using a malicious script to repeatedly guess passwords in an attempt to discover the correct one.
★ Monday, 1 September 2014