Article first published as Facetime For Mac Reveals Huge Security Hole on Technorati.
I feel bad that I’ve been picking on Steve Jobs so much lately but for all his recent verbal sparring with Google and RIM over the “mess” of their respective platforms, Jobs would be wise to check his inflated ego at the door.
Less than 24 hours after the much anticipated “Back To The Mac” Keynote that saw the merging of OS X with iOS, and the announcement of the Mac App Store, Engadget is reporting on a rather gaping security hole in the recently released Facetime for Mac Beta that puts your personal data, including account security questions, answers, and even your date of birth on public display.
According to reports, anyone with access to your laptop can easily change your password and/or security question for your account without having to know the answers to either of the above to begin with. Signing out of Facetime provides no peace of mind either since the app generously stores your password, and recalls the information once you’re logged in, making it all too easy for would-be hackers to sign in to your account with relative ease and wreak havoc.
So much for that Walled Garden mentality.
MacLife’s J Keirn-Swanson, who reported on the security lapse, offered this bit of advice for those of us camping out at our local Starbucks:
Now, granted, someone has to have physical access to your computer to see this information, but looking over your shoulder in a coffee shop isn’t that hard to pull off. And with this information, they can change your password and lock you out of your own account while they run rampant. Apparently, you can even reset your password in FaceTime without being first prompted to enter the original password.
Ouch. And if you think that’s bad, completely independent of Apple, developer Zach Holman has brought a whole new layer to the saga with his newest endeavor. To describe it, I’ll paraphrase Jobs’ comment about the marriage of iOS and OS X from the Keynote yesterday. “What would happen if Facetime and Chat Roulette hooked up?” The answer? Facelette.
I don’t know what’s worse: the aforementioned security hole, or the idea of chatting with random strangers on Facetime while such a security hole compromises and exposes your personal data. Though to be fair, if Chat Roulette has taught us anything since its 2009 inception it’s that exposing yourself, however you look at it, isn’t exactly new territory.
I’m just sayin.’