melhor esquema de segurança do mundo.

Iniciado por Bud Spencer, 09 de Julho de 2008, 16:12

tópico anterior - próximo tópico

Bud Spencer

http://blog.karppinen.fi/2008/07/apple-jus...my-apple-i.html

Resumindo, de acordo com este cara:

Mandaram um e-mail para a apple, de um endereço do yahoo, pedindo a senha do e-mail dele da seguinte maneira:

Citaram forget my password of mac,did you give me password on new email marko.[redacted]@yahoo.com

E forneceram!

CitarI tried to log in to Apple Developer Connection this morning to find out that my password had been changed and the email associated with my account was now a yahoo.com address that wasn't mine. Luckily, my "security question" was still the same, so I was able to reset the password and email address back.

Based on the emails that have appeared in my .Mac mailbox, this was accomplished by sending this classy one-liner to Apple:

am forget my password of mac,did you give me password on new email marko.[redacted]@yahoo.com

To which Apple reacted by doing the only reasonable thing – saying Sir, Yes Sir! and handing my account over. Here's the email I just sent Apple:

Dear ADC,

You have reset my password based on a request by someone other than me. Rather than checking if the requester was actually me by comparing the information in their personal profile, you have allowed a third party access my Apple ID for no reason whatsoever.

I tried to log in today and saw that my password had been changed, and the email address associated with my account changed to "marko.[redacted]@yahoo.com".

Apparently based on a single-line email inquiry, you have allowed a third party access to:
- My personal details
- My personal email
- All the files stored on my iDisk
- Everything I've synchronized to .Mac, including my Address Book, Bookmarks, Keychain items, etc.
- My credit card details as stored in my Apple Store profile
- My iTunes Music Store Account
- My ADC Premier membership, including the software seed key and other assets
- The iPhone Developer Program's Program Portal, including details of our development team

Frankly, this makes me so angry that I can't see straight. Did it not occur to you at all that someone at "marko.[redacted]@yahoo.com" was not actually me? For example, because the names didn't match?

Can you even begin to appreciate the amount of work I need to do to re-secure all the information that you have compromised? How do you propose to restore confidence that I, or indeed anyone, should ever store anything confidential on your systems again?

With best regards,
Marko Karppinen
Removido pela Moderação.

Bolowors

Caramba! Que ridiculo! É inadmissivel que um erro elementar desses aconteça com uma empresa do porte da apple! Seria engraçado se nao fosse tragico...
Registered Linux user number #474240