Re: Apple's faith-based security taking a hammering

[Joel Esler <joel.esler () me com>]

On Sep 13, 2011, at 11:18 PM, Nick FitzGerald wrote:
> Valdis to Joel Esler:
>
> > > Oh, I'm a fanboy.  Anyone knows that.  I'm also a believer in the factor that
> > > "most humans are stupid" and set their passwords to "password".
> >
> > Am I the only one surprised that unintentional mis-spellings of "password" aren't higher
> > up the "most frequently used password" lists?
>
> Although I tend to have some sympathy with Joel's position, fortunately 
> (?) most password creation software/interfaces is actually produced by 
> people with a few more security clues than your typical Mac fan boy, 
> and require the entry and re-entry of passwords during the creation 
> process.  This presumably puts a significant crimp on the rate of 
> creation of unintentionally mis-spelled passwords.

My thought behind the whole thing is that iTunes accounts are getting hacked by brute force of the password.  I have no 
proof that /this/ is the way these hacks are taking place, just a theory.

J

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.