Update on that .Mac security thing
Published on 10 Dec 2007 at 1:46 am.
No Comments.
Filed under Uncategorized.
Regular readers should remember my little post titled “My Mac’s security is being compromised by .Mac.” If you don’t remember it, go ahead and read it now. After reading the comments and some other posts on the web about similar issues I began to think it might be expected behavior, but I always questioned it…
Who would expect adding an email account would cause file sharing not to ask for a password?
And I concluded that even if it were expected, it was boneheaded. Before I ever posted the issue here I sent it to Apple. I admit I didn’t give Apple much time to fix it but I felt like it was a very minor issue. I knew it only happened on a local network (Bonjour) so I wasn’t worried that anyone would use this information to exploit a remote machine in any way.
A few days ago I received a reply from Apple. The reply reads in part:
Regarding the issue you reported, after further investigation it has been determined that this is a known issue. We take any report of a potential security issue very seriously. It is being addressed, and we would like to thank you for taking the time to pass it along to us.
So there you have it. Its a known issue, and its being addressed. I hope to see the fix sooner than later because it still really bugs me. Of course in February I won’t be .Mac member anymore and I’ll once again be safe from myself or anyone who happens to commandeer my MacBook.
