Over-the-phone AppleID resets, suspended

Over-the-phone AppleID resets, suspended

After the incident last week where former Gizmodo employee Mat Honan’s Twitter, GMail, Apple accounts were compromised along with his Mac and iPhone being remotely wiped, Apple has taken a step to silence the criticism.

An anonymous Apple employee acknowledged the existence of such a suspension, and has suggested that this most definitely will be a small look into tighter customer verification that Apple is looking into deploying across their services.

On Tuesday, Amazon had also made it more

difficult for an account to be compromised, abandoning their old requirements of the name, e-mail, and address of the customer. These steps all seem to be in response to a demonstration of the very serious implications of varying security standards in account verification as a result of the incident last week.

Since the incident, many sites have attempted to replicate similar results via an over-the-phone password result to great success. Like us, many sites/bloggers have noticed that as of yesterday, Apple has temporarily froze the ability for over-the-phone password resets, and have been prompting users to reset online.

These verification methods that allowed impersonation of other customers’ accounts seem to display a major flaw in the standards of our very free web, and has sparked much discussion/controversy.
Information such as addresses, phone numbers, and even the last 4 digits of one’s credit card can be easily found on the internet. In fact, social engineering via over-the-phone resets help malicious users to gain information that may, to one company not be critical, but serve as the primary verification standard for others.

No doubt we will see more startups in the future attempt to solve this issue, and perhaps, the government will even attempt to regulate this area.

Tags: , , , , , , ,

About the author

for3v3rforgott3n is a programmer, graphics artist, web designer and internet security expert.

Website: http://technewsgalore.com

Leave a Reply