All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Upgrade the memory of your 2020 iMac up to 128GB
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$1998 $1798
SAVE $200

$4499 $2999
SAVE $1500

$1799 $1599
SAVE $200

$3498 $2998
SAVE $500

$2198 $1748
SAVE $450

$898 $698
SAVE $200

$2999 $1699
SAVE $1300

$799 $529
SAVE $270

$2397 $2197
SAVE $200

$130 $100
SAVE $30

$2397 $2197
SAVE $200

$1697 $1597
SAVE $100

$2998 $2798
SAVE $200

$2198 $1748
SAVE $450

$1799 $1599
SAVE $200

$2198 $1898
SAVE $300

If Apple Can’t Get the Basics Right, How Can you Expect Security? — “We Hacked Apple for 3 Months: Here’s What We Found”

Apple cannot get the basics right.

Apple T2 Chip: Unfixable Security Flaw that Gives Attacker Full Control

But security is among the most difficult challenges of software development—far more difficult than ordinary features.

We Hacked Apple for 3 Months: Here’s What We Found

Between the period of July 6th to October 6th myself, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes worked together and hacked on the Apple bug bounty program.


During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources.

There were a total of 55 vulnerabilities discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports. These severities were assessed by us for summarization purposes and are dependent on a mix of CVSS and our understanding of the business related impact.

As of October 6th, 2020, the vast majority of these findings have been fixed and credited. They were typically remediated within 1-2 business days (with some being fixed in as little as 4-6 hours).

MPG: should give anyone pause. Then consider state actors.



Save the tax, we pay you back, instantly!
View all handpicked deals...

FUJIFILM GFX 50R Medium Format Mirrorless Camera
$4499 $2999
SAVE $1500

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__