Am I the only one concerned that an iCloud backup translating into information d... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ryao on Feb 21, 2016 \| parent \| context \| favorite \| on: San Bernardino County tweets it reset attacker iCl... Am I the only one concerned that an iCloud backup translating into information disclosure is a major security weakness in Apple's platform? Also, since Apple remembers old iCloud passwords to prevent reuse for a year, what stops them from setting it to the original value in their database? Even if there were information lost in their database when the password changed, surely they have backups, right?

GhotiFish on Feb 21, 2016 | [–]

backups I can see being a problem. Though just because you can prevent people from using duplicate passwords doesn't mean you can reset it to that password. Just use a hash.

camillomiller on Feb 21, 2016 | [–]

I don't think they can do that

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact