A security researcher in Delhi, India, reported that Apple paid him $100,000 through its bug bounty program for finding a vulnerability in its Sign in with Apple feature that could have resulted in the takeover of users' third-party website and app accounts.
In a May 30 blog post, researcher Bhavuk Jain explains how he detected the bug that could have fully compromised third-party user accounts, regardless of whether or not those users had a valid Apple ID. Apple has since reportedly corrected the flaw, although it has not publicly addressed the bounty payment.
The computer company’s sign-in works similarly to OAuth 2.0. According to Jain, there are two ways to authenticate a user: 1) a JWT (JSON Web Token) or 2) a code generated by the Apple server. The code is then exchanged for a JWT.