Saturday, May 30, 2020

Now Patched ‘Sign in With Apple’ Bug Left Users Open to Attack

Researcher Bhavuk Jain in April discovered a critical Sign in With Apple vulnerability that could have resulted in the takeover of some user accounts. The bug was specific to third-party apps that used Sign in With Apple and didn't implement additional security measures of their own.

Jain notes that Sign in With Apple works by authenticating a user with a JWT (JSON Web Token) or an authorization code generated by Apple's server. Apple gives the user the option to share either the email address tied to their Apple ID or a private relay email address; Apple's server then creates a JWT carrying that email, and the third-party app uses that token to log the user in.

Jain then discovered that he could request a JWT from Apple's server for either kind of email address, and that when the token's signature was verified using Apple's public key it "showed as valid." Had the bug not been found, a JWT tied to a victim's email could have been created this way and used to gain access to that person's account in the app.
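To make the mechanism concrete, here is an added example (not code from the article, from Jain's write-up, or from Apple) of the checks a third-party app performs on an identity token: it looks the key up by the token's kid, verifies the RS256 signature against the issuer's public key, and then checks the iss, aud, exp and nonce claims. The key pair, the kid value, the client ID and the claims are all constructed stand-ins for Apple's real key set and a real app. The point the article makes is visible in this code: a token that Apple's own server signs for a chosen email passes every one of these checks, because nothing in the relying party's verification can distinguish a correctly issued token from a wrongly issued one. That is why the fix had to be on Apple's side.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims is the subset of identity-token claims a relying party checks.
type Claims struct {
	Iss   string `json:"iss"`
	Aud   string `json:"aud"`
	Sub   string `json:"sub"`
	Email string `json:"email"`
	Exp   int64  `json:"exp"`
	Nonce string `json:"nonce,omitempty"`
}

type header struct {
	Alg string `json:"alg"`
	Kid string `json:"kid"`
}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// signRS256 builds a compact JWT. It stands in for the issuer (Apple's server)
// so the example runs offline; it is not Apple's code.
func signRS256(key *rsa.PrivateKey, kid string, c Claims) string {
	h, _ := json.Marshal(header{Alg: "RS256", Kid: kid})
	p, _ := json.Marshal(c)
	signingInput := b64(h) + "." + b64(p)
	digest := sha256.Sum256([]byte(signingInput))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	return signingInput + "." + b64(sig)
}

// verifyIdentityToken does the relying-party checks: alg pinned to RS256, key
// chosen by kid from the issuer's key set, signature, then iss/aud/exp/nonce.
func verifyIdentityToken(tok string, jwks map[string]*rsa.PublicKey, wantAud, wantNonce string, now time.Time) (*Claims, error) {
	parts := strings.Split(tok, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	rawH, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return nil, err
	}
	var h header
	if err := json.Unmarshal(rawH, &h); err != nil {
		return nil, err
	}
	if h.Alg != "RS256" { // never let the token pick the algorithm
		return nil, fmt.Errorf("unexpected alg %q", h.Alg)
	}
	pub, ok := jwks[h.Kid]
	if !ok {
		return nil, fmt.Errorf("unknown kid %q", h.Kid)
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, errors.New("bad signature")
	}
	rawP, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	var c Claims
	if err := json.Unmarshal(rawP, &c); err != nil {
		return nil, err
	}
	if c.Iss != "https://appleid.apple.com" {
		return nil, fmt.Errorf("bad iss %q", c.Iss)
	}
	if c.Aud != wantAud {
		return nil, fmt.Errorf("bad aud %q", c.Aud)
	}
	if now.Unix() >= c.Exp {
		return nil, errors.New("token expired")
	}
	if wantNonce != "" && c.Nonce != wantNonce {
		return nil, errors.New("nonce mismatch")
	}
	return &c, nil
}

// Demo reports whether an issuer-signed token verifies, whether a token with an
// edited email claim is rejected, and whether an alg=none token is rejected.
func Demo() (issuedOK, tamperedRejected, noneRejected bool) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	jwks := map[string]*rsa.PublicKey{"example-kid": &key.PublicKey} // constructed key set
	now := time.Unix(1590796800, 0)                                   // fixed clock, 2020-05-30 UTC
	c := Claims{Iss: "https://appleid.apple.com", Aud: "com.example.app", Sub: "001234.example",
		Email: "user@privaterelay.appleid.com", Exp: now.Add(10 * time.Minute).Unix(), Nonce: "n-1"}
	tok := signRS256(key, "example-kid", c)
	_, err := verifyIdentityToken(tok, jwks, "com.example.app", "n-1", now)
	issuedOK = err == nil

	// Editing the email without the issuer's key breaks the signature.
	parts := strings.Split(tok, ".")
	forged := c
	forged.Email = "victim@example.com"
	fp, _ := json.Marshal(forged)
	_, err = verifyIdentityToken(parts[0]+"."+b64(fp)+"."+parts[2], jwks, "com.example.app", "n-1", now)
	tamperedRejected = err != nil

	// A classic JWT trick: alg=none with an empty signature must not be accepted.
	nh, _ := json.Marshal(header{Alg: "none", Kid: "example-kid"})
	_, err = verifyIdentityToken(b64(nh)+"."+b64(fp)+".", jwks, "com.example.app", "n-1", now)
	noneRejected = err != nil
	return
}

func main() { fmt.Println(Demo()) }
```

The two rejected cases show what signature verification does protect against: a token edited or forged by someone who lacks the issuer's private key. What it cannot protect against is a token the issuer itself signs with the wrong claims, which is the failure the article describes; an app can only layer its own measures (for example a second factor) on top of the sign-in result.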

In an interview with The Hacker News, Jain spoke about the severity of the bug:

The impact of this vulnerability was quite critical as it could have allowed a full account takeover. Many developers have integrated Sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use Sign in with Apple – Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).

According to Jain, Apple conducted an investigation and concluded that no accounts were compromised using this method before the vulnerability was patched. Jain was paid $100,000 by Apple under its Apple Security Bounty Program for reporting the bug.
This article, “Now Patched ‘Sign in With Apple’ Bug Left Users Open to Attack” first appeared on MacRumors.com
