- Hulu’s ‘Into the Dark’ scores with Christmas-themed ‘A Nasty Piece of Work’ Today 6:00 AM
- West Virginia corrections employees suspended after Nazi salute photo surfaces Thursday 8:02 PM
- Here are the 15 best Eddie Murphy movies available to stream Thursday 7:56 PM
- Ex-InfoWars video editor admits to making up Islamophobic stories Thursday 6:55 PM
- WhatsApp accounts deleted amid Kashmir internet blackout Thursday 6:21 PM
- Guy gets mocked for tattoo of Baby Yoda drinking White Claw Thursday 6:18 PM
- Spotify Wrapped has people asking just how much it knows about us Thursday 5:50 PM
- Instagram account allegedly asked for inappropriate photos of children Thursday 5:16 PM
- How to stream ‘Boys vs. Bears on Thursday Night Football Thursday 4:33 PM
- Woman caught her boyfriend cheating through his Fitbit Thursday 4:29 PM
- The Pete Buttigieg ‘High Hopes’ dance was designed by an intern Thursday 4:17 PM
- TikTok admits to hiding content made by fat, LGBTQ, and disabled users Thursday 3:58 PM
- ‘Merry Happy Whatever’ is an unoriginal sitcom with plenty of holiday cheer Thursday 3:55 PM
- The ‘Pod Save America’ Bros are losing it over Joe Biden’s newest ad Thursday 3:28 PM
- Van Halen had a wholesome response in defense of Billie Eilish Thursday 3:15 PM
Major bug in Apple’s computer OS leaves your passwords dangerously exposed
If you’re an Apple fan, this isn’t great news.
A team of researchers from Indiana University, Peking University, and the Georgia Institute of Technology claim to have busted the keychain wide open—and according to the team, Apple hasn’t fixed the bug since being alerted to it in October 2014.
In a pair of videos and a lengthy research paper, Luyi Xing, Xiaolong Bai, Tongxin Li, XiaoFeng Wang, Kai Chen, and Xiaojing Liao detail a process in which a malicious app—like the one the team built and snuck past Apple’s App Store review process—can access extremely sensitive data such as the passwords and access tokens of other apps, including Apple’s own iCloud and Mail and even Google Chrome.
“We completely cracked the keychain service—used to store passwords and other credentials for different Apple apps—and sandbox containers on OS X,” Lead researcher Luyi Xing told the Register, “and also identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps.”
According to the researchers, Apple has known about this security issue since late 2014. The company asked for a 6-month delay before the team made its discovery public. But Apple then went silent and still has not patched the holes.
The overwhelming dominance of Microsoft‘s Windows operating system has made it the prime target for hacking and malware over the past two decades. But as Apple’s OS X becomes more and more popular, these kinds of exploits will only grow more common. Now it’s up to Apple to respond with the appropriate fixes.
Photo via dlg_images/Flickr (CC BY SA 2.0)
Mike Wehner is a former tech editor for the Daily Dot who now writes for BGR. His work has appeared everywhere from Yahoo to CNN, and there’s a good chance his Apple Watch is dead right now.