acm-header
Sign In

Communications of the ACM

Home/News/Apple Fixes Bug That Could Have Given Hackers Full.../Full Text
ACM TechNews

Apple Fixes Bug That Could Have Given Hackers Full Access to User Accounts

By Ars Technica
June 3, 2020
Comments
View as: Print Mobile App Share:
The developer who found the flaw was awarded $100,000.

The Sign in with Apple tool just fixed a bug that made it possible for attackers to gain unauthorized access to email accounts.

Credit: Associated Press

The Sign in with Apple tool, which allows users to log in to third-party apps without revealing their email addresses, has fixed a bug that could enable attackers to gain access to those accounts.

App developer Bhavuk Jain reported the zero-day vulnerability in the privacy-enhancing tool to Apple as part of the company's bug bounty program, and received a $100,000 reward.

Sign in with Apple logs in users with either a JSON Web Token (JWT) or a code generated by an Apple server, which is then used to generate a JWT.

Users can share the Apple email ID with a third party or keep it hidden, and in the latter instance, Apple creates a JWT that contains a user-specific relay ID.

Jain found that an attacker could forge a JWT by linking any email ID to it, which would provide access to the victim's account.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account