Apple paid a developer $100,000 for finding a critical bug in the "Sign in with Apple" process



Developer Bhavuk Jain has found a method to take over an Apple user's account by using a vulnerability in the "Sign in with Apple" process. Sign in with Apple is a method introduced by Apple last year as an alternative to other sign-in options like Sign in with Google and Sign in with Facebook. These methods eliminate the process of creating an account and password when logging into several websites and apps.

But those methods give the websites the user's email address and can also send usage data to Google or Facebook for advertising purposes. So Apple introduced the "Sign in with Apple" method to protect user privacy and information while also eliminating the hassle of creating separate accounts for each website login.

What makes Sign in with Apple unique is that it gives the user the option to hide their email address and provides an autogenerated email address to the website the user is trying to log into. Because of this, there is no chance of spam mail reaching the user's inbox, and users can opt out whenever they want if they notice anything suspicious.

But there was a bug in this Sign in with Apple process, and it was found by Bhavuk Jain, a developer who was awarded $100,000 for finding the bug and reporting it to Apple. This is how "Sign in with Apple" works: when a user clicks Sign in with Apple, Apple generates a unique email address if the user opts to hide their real one. Apple then issues a code or a JWT (JSON Web Token) to authorize the user, and the email address provided by Apple is what the website or app uses to log the user in.

This lets users feel safe knowing that their account information is protected, and they don't have to worry if there is a data breach at one of the websites they've logged into.

"I found I could request JWTs for any Email ID from Apple and when the signature of these tokens was verified using Apple’s public key, they showed as valid. This means an attacker could forge a JWT by linking any Email ID to it and gaining access to the victim’s account," Jain wrote on his blog explaining the bug.

Jain confirms that Apple investigated its logs and found no misuse or account compromise resulting from this vulnerability in Sign in with Apple.

Via Gizmodo
