[OT] time to change your iTunes password?

Keith Clarke keith.clarke at clarkeandclarke.co.uk
Fri Jan 7 13:00:33 EST 2011 

...I still wonder whether this is evidence of Apple security being compromised (big problem for all) versus a simple numbers game exploiting user stupidity/laziness (more fool them). 

A web-crawler captures publicly listed email addresses, these then get tested as iTunes logins, coupled with the top-10 worst passwords. The surprising stat would be if there are merely 50,000 iTunes users that are that sufficiently stupid and/or lazy? 

There are probably more than 50,000 youtube videos showing monitors in the background that are covered in post-its with passwords and banking details! :-) 

On 7 Jan 2011, at 17:28, Bob Sneidar wrote:

> I think hacking is a term that is used loosely to mean any kind of security compromise. It's used mostly by the media who are communicating with a market that in the lowest common denominator would not be able to define the difference between a hack and a crack, or a virus and a trojan. That is why I believe this is the result of some kind of key logging trojan. If someone found a way to successfully hack an iTunes store account, the number would not be 55,000 it would be more like 5,000,000. 
> 
> Bob
> 
> 
> On Jan 7, 2011, at 9:13 AM, Keith Clarke wrote:
> 
>> Maybe but is there actual proof of hacking - or could this be the far more likely human trait of stupidity? 
>> Perhaps these 50,000 accounts just belong to the numpties whose password = 'password', '12345' or similar? 
>> 
>> On 7 Jan 2011, at 16:57, Colin Holgate wrote:
>> 
>>> 
>>> On Jan 7, 2011, at 11:50 AM, Bob Sneidar wrote:
>>> 
>>>> The same password in AES-256 would take 1.2 million years. 
>>> 
>>> 
>>> From Wikipedia:
>>> 
>>> A device that could check a billion billion (1018) AES keys per second would in theory require about 3×1051 years to exhaust the 256-bit key space.
>>> _______________________________________________
>>> use-livecode mailing list
>>> use-livecode at lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
>> 
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

More information about the use-livecode mailing list