Six Lines

FaceTime Security Hole

Posted by Aaron Massey on 21 Oct 2010.

Apple released a FaceTime client for OS X yesterday allowing Mac users to video chat with other FaceTime-capable devices, like the iPhone 4. However, the Mac client has a serious security hole in it:

FaceTime for Mac was released yesterday with an apparently slack-jawed, if not exactly gaping, security hole. Macworld Germany has noted that once a user has logged into FaceTime for Mac with his or her Apple ID, the password on the account can be changed from FaceTime without knowledge of the old password, leaving the account ripe for the picking by any passersby of the physical computer.

One of these days Apple is going to have to get their act together and take security seriously.