07-07-2010, 09:09 AM | #31 | |
Groupie
Posts: 190
Karma: 1248
Join Date: Nov 2009
Location: Milton Keynes UK
Device: Sony PRS-600 Touch, iPhone
|
Quote:
The interesting part to me is that it's very hard for your ordinary punter to get a clear feel for the real state of the issue over the noise of axes being ground. |
|
07-07-2010, 09:36 AM | #32 |
eBook Enthusiast
Posts: 85,544
Karma: 93383043
Join Date: Nov 2006
Location: UK
Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6
|
Logon credentials being obtained by phishing is a much more plausible idea than the security system of the iTunes Store being broken.
|
Advert | |
|
07-07-2010, 09:55 AM | #33 |
Groupie
Posts: 190
Karma: 1248
Join Date: Nov 2009
Location: Milton Keynes UK
Device: Sony PRS-600 Touch, iPhone
|
Unless you're TNW, in which case it's yet more evidence of Apple's abject failure to protect its customers, because obviously this points to a systemic flaw in iTunes security.
As opposed to someone taking advantage of careless password/login management to break your credentials. Note as well that TNW conveniently doesn't highlight the built-in delay before the app supplier gets paid, which means claims of users losing hundreds of dollars are pretty unlikely. My point is, to ordinary folk, the mixture of reporting and editorialising obscures the reality. |
07-07-2010, 10:14 AM | #34 |
Groupie
Posts: 190
Karma: 1248
Join Date: Nov 2009
Location: Milton Keynes UK
Device: Sony PRS-600 Touch, iPhone
|
|
07-07-2010, 11:59 AM | #35 |
eBook Enthusiast
Posts: 85,544
Karma: 93383043
Join Date: Nov 2006
Location: UK
Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6
|
Dear me. A touch of paranoia there?
|
Advert | |
|
07-07-2010, 12:21 PM | #36 | |
Ebook Reader
Posts: 605
Karma: 3205128
Join Date: Nov 2009
Location: Texas
Device: Kindle 3, HTC Evo, HTC View
|
Quote:
- there were +/- 400 accounts from one developer that were hacked, but during the holiday there were multiple developers hacking iTunes. - no one said it was a phishing attack. There were accounts of people who hadn't used iTunes in months or years having their accounts compromised. Also the one youtube video about someone touting how secure his system was, until the bank called him. I suspect it's too early to write this off as a "minor thing" as Apple would like you to believe. |
|
07-07-2010, 12:39 PM | #37 | |
Groupie
Posts: 190
Karma: 1248
Join Date: Nov 2009
Location: Milton Keynes UK
Device: Sony PRS-600 Touch, iPhone
|
Quote:
Since this story first broke on Sunday, I've followed up every instance I can find. As I said in my first post in this thread, there are few verifiable facts. I am not 'writing it off' and, as I said, it's very serious for those affected. But all the evidence I can find suggests that this is indeed limited to a few hundred accounts. There's no evidence out there either way as to whether this results from phishing or not. And "Apple says it so it can't be true' isn't evidence - it's prejudice. |
|
07-07-2010, 01:09 PM | #38 |
Groupie
Posts: 157
Karma: 2160
Join Date: Feb 2009
Location: Vancouver, BC
Device: iPad 64GB wifi (Sony 505 RIP)
|
So it only takes 400 purchases to take unknown Vietnamese (it was cyrilic-titled books in the Canadian store) book apps from total obscurity to he top of the charts? And since several iTune stores in different country showed remarkably similar behavior on the 4th, were these 400 accounts spread around the world making the total # of sales required to move from obscurity to the top even smaller than 400?
I didn't realize that sales were that slow... There is obviously a lot of speculation and no plausible details coming from the only people who truly know--Apple. I've read all the same reports but also used my head... There is no frigging way it was only 400. That is spin that is being happily gobbled up and repeated by those more susceptible to Apple's charm. |
07-07-2010, 01:34 PM | #39 |
eBook Enthusiast
Posts: 85,544
Karma: 93383043
Join Date: Nov 2006
Location: UK
Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6
|
I believe it was only top of the charts in that application category. Given that the category is a rather obscure one, it really doesn't take that many sales to promote something up the "chart".
|
07-07-2010, 01:54 PM | #40 | |
<Insert Wit Here>
Posts: 1,017
Karma: 1275899
Join Date: Jan 2008
Location: Puget Sound
Device: Kindle Oasis, Kobo Forma
|
Quote:
Posting up apps and then using hacked accounts to funnel money to themselves has been going on for awhile. It's news now because this was a larger effort done all in one weekend. The accounts themselves were probably cracked awhile back and the passwords kept around for a single attack. Doing this and attacking on a Saturday that is part of an extended holiday weekend just means it takes that much longer in order for the owner of the account to regain control of it. It's the same tactic gold sellers are using in WoW right now. A big chunk of accounts get taken over every holiday weekend as they get 3 days to exploit the accounts before they get returned to their owners instead of 2. They'll save up quite a few accounts to make that extra day worth it. I'm not terribly surprised this is happening. Zombie networks make brute forcing weaker passwords feasible, and there's profit in selling these accounts to others. In the end, the guys running the botnets to get these passwords are the ones making the real profit, while scammers like this one pay for the passwords and then get caught trying to use them. |
|
07-07-2010, 03:53 PM | #41 | |
Interested Bystander
Posts: 3,725
Karma: 19728152
Join Date: Jun 2008
Device: Note 4, Kobo One
|
Quote:
As others have said, but you don't seem to have bothered to check first, the apps were amongst the top sellers in a very low selling part of the app store, not the entire store. |
|
07-07-2010, 04:54 PM | #42 | |
Groupie
Posts: 157
Karma: 2160
Join Date: Feb 2009
Location: Vancouver, BC
Device: iPad 64GB wifi (Sony 505 RIP)
|
Quote:
The Elements, Cat in the Hat, Toy Story 2 (and 3) read along, Dr Seus' abcs... I realize most, if not all the popular apps in that section are educational and/or kid's apps and most readers of this forum are adults... Although...never mind... I'm not as certain as some of you seem to be that 400 accounts worldwide were enough to knock those apps off the top. But I do know that repeating the same assumption 4 times in a thread is not a substitute for facts. I'll need to see the numbersn before I'll believe that 400 hacks was is enough to affect several countries' iTune stores in the manner they were affected. Until I see that, I prefer the theory that this is just spin for damage control. There are a lot of iTunes customers with very little computer or technical knowledge and there is a lot of money at stake here that depends on trusting that iTunes is safe and that this was a tiny aberration. |
|
07-07-2010, 05:16 PM | #43 |
Disgusted with LDBoblo
Posts: 84
Karma: 166
Join Date: Aug 2008
Device: nook
|
Such is the state of modern "journalism." Pathetic, really. It's become the profession for those who couldn't possibly do anything useful. Every time I listen to a gaggle of reporters asking someone questions, I just want to vomit at the utter stupidity.
|
07-07-2010, 05:44 PM | #44 | |
Grand Sorcerer
Posts: 7,452
Karma: 7185064
Join Date: Oct 2007
Location: Linköpng, Sweden
Device: Kindle Voyage, Nexus 5, Kindle PW
|
Quote:
Apples response to use the security code on the backside of a card has no effect if it was phishing. Why is phishing more plausible than more conventionally stolen credit card numbers? I would say that if something happens involvin a lot of customers a broken security system seems more plausible. That is because you have knowledge that the thing has happened. Or, I do not see why your guess about what happened is better than other guesses. |
|
07-08-2010, 01:17 AM | #45 |
eBook Enthusiast
Posts: 85,544
Karma: 93383043
Join Date: Nov 2006
Location: UK
Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6
|
Why? Simply because almost all computer security breaches are carried out via "social engineering", rather than technically "hacking" the system.
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Massive hacking of iTunes accounts happening right now! | vaughnmr | News | 64 | 07-08-2010 08:50 PM |
1st time owner - Advice on personalizing, improving, hacking? | Jonahcz | Sony Reader | 7 | 05-14-2008 10:50 PM |