Printed from http://www.electronista.com

Apple promptly fixes Facetime for Mac beta security flaw

updated 06:15 am EDT, Fri October 22, 2010

Embarrassing vulnerability patched pronto

Apple's new FaceTime for Mac beta launch has been marred by an embarrassing security flaw that has been promptly patched server-side. German site MacNotes spotted the flaw and noted that once a user logged into FaceTime for the first time, another user could log into the primary user's account even with the app closed and then restarted. Furthermore, the flaw could allow a malicious user who had access someone else's Mac to change their password, hack their Apple ID and potentially their Apple Store account too.

Early reports also suggest that even in Beta form, the app is somewhat unpolished for an Apple release. However, Apple's response to the security flaw has been extremely rapid and the exploit has now been closed. [via Cocoa Touch Apps]



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Geoduck

    Junior Member

    Joined: Jan 2010

    +7

    Not a surprise

    That's why it's called Beta.

  1. eldarkus

    Fresh-Faced Recruit

    Joined: Feb 2004

    +3

    @Geoduck

    I was thinking the exact same thing...

  1. prl99

    Dedicated MacNNer

    Joined: Mar 2009

    +1

    where is it?

    I downloaded the beta from the Facetime website and it's still the original one from 10/20, ver 0.9, 92. I checked the ADC site and it's not there.---from another site:


    Since the update changes how FaceTime for the Mac accesses Apple’s servers, there’s no need for users to re-download the application t see the security changes.

  1. pairof9s

    Mac Enthusiast

    Joined: Jan 2008

    +5

    RE: where is it?

    So I take it you read the part you quoted from another site, right?!

    Your answer lies deep within the quote. ;-)

    /

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -1

    Re: Not a surprise

    No, that's not why they call it a beta. If it were in true 'beta' form, it would be feature complete and just working out bugs. And such things as these types of issues would have cropped up long ago.

    It's actually more of an alpha build, if anything.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -2

    Who knew

    Guess that's what one gets for not paying attention. Apparently Apple is making their Apple Store accounts more and more a crux for using their software, meaning they can gather more and more information on people. No wonder it is set up as completely different than iChat. With iChat you don't have to go through Apple to talk.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

SMS Audio Sync Sport on-ear headphones

When hitting the gym or going out for a trail run, headphones can cause a number of problems. From the ear buds getting slimy with swe ...

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Sponsor

toggle

Most Commented

 
toggle

Popular News