[OT] time to change your iTunes password?

Bob Sneidar bobs at twft.com
Fri Jan 7 10:50:48 CST 2011


I'm going to go out on a limb here and say that these people got a trojan on a Windows machine which logged their keyboard while the users were accessing their iTunes accounts. Otherwise I think it would have been a whole helluvalot more. 

Everything Apple does with security is AES based. I have not heard of anyone trying to "crack" an AES hash. I went to a security conference once, where they announced that to crack an MD5 hash (think Windows XP/2000 Logins) a fairly complex password could be brute forced in anywhere from 5 minutes to two hours. The same password in AES-256 would take 1.2 million years. 

Bob


On Jan 7, 2011, at 7:14 AM, Richard Gaskin wrote:

> While only 50,000 of the several million accounts have been hacked, it may be good to err on the safe side and review the recent transactions for your account and update the password; I just did both here.
> 
> 
> Hacked iTunes accounts sold online
> <http://china.globaltimes.cn/society/2011-01/609351.html>
> 
> More:
> <http://www.google.com/search?q=Hacked+Apple+iTunes+accounts+sell+in+China>
> 
> 
> --
> Richard Gaskin
> Fourth World
> LiveCode training and consulting: http://www.fourthworld.com
> Webzine for LiveCode developers: http://www.LiveCodeJournal.com
> LiveCode Journal blog: http://LiveCodejournal.com/blog.irv
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode




More information about the use-livecode mailing list