3 June, 2013 | AppAdvice - http://appadvice.com/
Report: Apple's Two-Step Authentication Doesn't Protect iCloud DataApple launched a new two-step authentication system for iCloud back in March, and rolled the feature out internationally a couple of months later. According to a new report, however, iDevice users should be aware that Apple’s two-step authentication does not protect iCloud backups, and nevertheless leaves users vulnerable to the kind of hack which last year controversially struck Wired’s Matt Honan.
3 June, 2013 | GigaOM - http://gigaom.com/
Apple two-factor security efforts “half-hearted,” says security researcherLike many large tech companies, Apple has recently introduced a two-step security measure for Apple users. But Elcomsoft software finds that iCloud data and device backups are left unprotected, and that the company needs to do more to improve user protection.
1 June, 2013 | Mobile & Apps - http://www.mobilenapps.com/
Apple IDs vulnerable even after 'two-factor authentication'Apple was looking at its new two-factor authentication to improve the security for the Apple ID and iCloud access, but it seems like the Cupertino-based tech giant has to work harder to provide better protection to its users' data.
31 May, 2013 | Ars Technica - http://arstechnica.com/security/
iCloud users take note: Apple two-step protection won’t protect your dataIf you think your pictures, contacts, and other data are protected by the two-step verification protection Apple added to its iCloud service in March, think again. According to security researchers in Moscow, the measure helps prevent fraudulent purchases made with your Apple ID but does nothing to augment the security of files you store. To be clear, iCloud data is still secure so long as the password locking it down is strong and remains secret. But in the event that your account credentials are compromised—which is precisely the eventuality Apple's two-factor verification is intended to protect against—there's nothing stopping an adversary from accessing data stored in your iCloud account. Researchers at ElcomSoft—a developer of sophisticated software for cracking passwords—made this assessment in a blog post published Thursday.
31 May, 2013 | CNNMoney - http://money.cnn.com/
Apple's new security system has holesApple recently beefed up its authentication system in an effort to thwart hackers, but a new report shows the security measure is lacking in one huge area. Back in March, Apple (AAPL, Fortune 500) unveiled an optional "two-factor authentication" login method for its Apple ID. It's a basic security tool already used by Google (GOOG, Fortune 500), Facebook (FB) and Dropbox that requires both a password and a piece of data, such as a string of numbers sent via text message. Twitter also recently unveiled such a system following a series of prominent hacks of Twitter accounts. But security software company ElcomSoft explained in a blog post Thursday that Apple's new security measures protect users only in a few situations: app and music purchases, managing an Apple ID account or receiving customer support related to Apple ID. It does nothing to protect other important information, like photos and other files stored on its iCloud service.
31 May, 2013 | Infosecurity - http://www.infosecurity-magazine.com/
Apple’s two-factor authentication is not very thoroughBack in February, Norwegian hackers were raiding teenage girls’ iCloud accounts, downloading photos and offering them for sale. By March, Apple had introduced and started to roll out optional two-factor authentication to improve security. But it’s not that good, reports Elcomsoft.
31 May, 2013 | SC Magazine, Australia - http://www.scmagazine.com.au/
Apple 2FA doesn't cover iCloudAttackers can bypass Apple's two-factor authentication to download and install a victim's iPhone and iPad backups, a security firm has revealed. The Cupertino company deployed two-factor authentication for Apple identities in March, requiring a second form of verification for account management and iTunes or App Store purchases. But it did not extend the security across its iCloud service, meaning an attacker with a target's username and password in hand could still download and restore an iOS backup.
31 May, 2013 | SlashGear - http://www.slashgear.com/
iCloud not protected by Apple’s two-factor authentication, say researchersApple introduced two-factor authentication (or two-step verification if you’d like to call it that) with iCloud back in March, adding an extra layer of security to its cloud backup system. However, security researchers say that iCloud is still vulnerable to a break-in if your password is stolen.
31 May, 2013 | The Register - http://www.theregister.co.uk/
Apple's two-factor security isn't as good as Microsoft or Google's, say expertsBut according to research from security biz Elcomsoft, Apple did a "half-hearted job" of implementing its verification system, "leaving ways for the intruder to access users’ personal information, bypassing the (optionally enabled) two-factor authentication". Specifically iOS Backups and iCloud data is not protected by two-factor authentication.
31 May, 2013 | redOrbit.com - http://www.redorbit.com/
Apple’s Two-Step iCloud Authentication Deemed Unsecure By Third-Party Security FirmApple recently rolled out two-step authentication check for iCloud to protect users from having their account info changed without an additional, one-time password. They were a tad late to the game, however, as companies like Dropbox, Google, Facebook, Twitter and others have already implemented this additional security step for their users.