- No, that guy didn’t really fly alone on a Delta flight Saturday 4:31 PM
- Fans are paying to meet their favorite YouTubers online through pilot program Saturday 2:54 PM
- Behold: 12 straight hours of ‘Stranger Things” Alexei drinking a Slurpee Saturday 2:05 PM
- Influencer couple under fire for using holy water to splash genitals in Bali Saturday 1:29 PM
- These are the 10 best villains DC comics has ever conceived Saturday 1:11 PM
- The Daily Wire accused of stealing art design from pop artist for its merchandise Saturday 12:09 PM
- Instagram model Rianne Meijer on keeping it real with her followers Saturday 10:52 AM
- How to stream Chelsea vs. Leicester City Saturday 8:30 AM
- Florida man arrested after allegedly texting girlfriend his mass shooting plans Saturday 8:27 AM
- How to stream Real Madrid vs. Celta Vigo Saturday 8:20 AM
- How to stream Seahawks vs. Vikings in NFL preseason action Saturday 8:00 AM
- How to stream Steelers vs. Chiefs in NFL preseason action Saturday 6:30 AM
- Chuck E. Cheese recycles pizza is the conspiracy theory that won’t die Saturday 6:30 AM
- How to stream Cowboys vs Rams in NFL preseason action Saturday 6:00 AM
- Cómo ver el UFC 241: Daniel Cormier vs. Stipe Miocic Saturday 6:00 AM
Major bug in Apple’s computer OS leaves your passwords dangerously exposed
If you’re an Apple fan, this isn’t great news.
A team of researchers from Indiana University, Peking University, and the Georgia Institute of Technology claim to have busted the keychain wide open—and according to the team, Apple hasn’t fixed the bug since being alerted to it in October 2014.
In a pair of videos and a lengthy research paper, Luyi Xing, Xiaolong Bai, Tongxin Li, XiaoFeng Wang, Kai Chen, and Xiaojing Liao detail a process in which a malicious app—like the one the team built and snuck past Apple’s App Store review process—can access extremely sensitive data such as the passwords and access tokens of other apps, including Apple’s own iCloud and Mail and even Google Chrome.
“We completely cracked the keychain service—used to store passwords and other credentials for different Apple apps—and sandbox containers on OS X,” Lead researcher Luyi Xing told the Register, “and also identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps.”
According to the researchers, Apple has known about this security issue since late 2014. The company asked for a 6-month delay before the team made its discovery public. But Apple then went silent and still has not patched the holes.
The overwhelming dominance of Microsoft‘s Windows operating system has made it the prime target for hacking and malware over the past two decades. But as Apple’s OS X becomes more and more popular, these kinds of exploits will only grow more common. Now it’s up to Apple to respond with the appropriate fixes.
Photo via dlg_images/Flickr (CC BY SA 2.0)
Mike Wehner is a former tech editor for the Daily Dot who now writes for BGR. His work has appeared everywhere from Yahoo to CNN, and there’s a good chance his Apple Watch is dead right now.