Emasontweni ambalwa, sibonile ukuthi kumawebhusayithi ahlukene kanye nezinsizakalo ze-intanethi ezivela eceleni singakwazi "ukungena ngemvume" ne-yethu I-Apple ID. Iqiniso ukuthi ngiqala ukumbona, ngishwabanise ikhala lami futhi bengingahlekisi. Ngalezi zinto sengivele ngine-akhawunti ye-Gmail "engenamsebenzi", lapho anginandaba uma ngithola ugaxekile ngoba angikaze ngikubuke.
Uma kuliqiniso ukuthi lapho i-Apple isilufake lolu hlelo, iqinisekise ukuthi insiza yewebhu eyisebenzisayo ayitholi idatha yomsebenzisi noma iyivumele ukuthi ithumele ogaxekile. Kepha mina, uma kungenzeka, angihleleli ukuyisebenzisa. Manje siyazi ukuthi bekukhona ifayela le- ukwephulwa kwezokuphepha kulolu hlelo futhi inkampani iklomelise kakhulu owathola iphutha.
Ukuba sengozini kwezokuphepha nge- "Sign in with Apple" bekungavumela abaduni ukuthi basebenzise ngokugcwele ama-akhawunti womsebenzisi afinyelelwe ngalolu hlelo. Ngenhlanhla, le bug yabonwa ngumcwaningi wezokuphepha osuselwa e-India Bhavuk jain.
Ibhonasi engu- $ 100.000
Nayi inzuzo yami yokuqala enamadijithi ayi-6 kusuka ku- @I-apula. Okuthunyelwe kwebhulogi kuzovuka ngesonto elizayo. #bugbounty pic.twitter.com/QygxvtGYJb
- Bhavuk Jain (@ bhavukjain1) Kwangathi 24, 2020
Eposini le-blog elithunyelwe ngempelasonto, uJain uqaphele ukuthi wazise i-Apple ngobungozi ngo-Ephreli. Ngokushesha kusuka kuCupertino baqinisekise iphutha futhi laxazululwa. Ngenxa yohlelo lwe-Apple lwe-bug bounty, usosayensi wekhompyutha uklonyelisiwe Amadola ka-100.000 njengokubonga okutholakele okubalulekile okutholakele.
Iphutha lifaka inkinga ngamathokheni wewebhu akhiqizwe lapho kusetshenziswa uhlelo «Ngena ngemvume nge-Apple»Ezinsizakalweni zewebhu ezivela eceleni. UJain uqaphele ukuthi ukuba sengozini kwenza ukuthi noma ngubani akwazi ukucela amathokheni nganoma iyiphi i-ID ye-imeyili ye-Apple. Zingasetshenziswa njengamathokheni ukuqinisekisa ubunikazi. Lokhu kuzovumela abahlaseli ukuthi bachithe ithokheni ngokuyixhumanisa ne-ID ye-Apple. Ukusuka lapha, umfokazi uzoba nokufinyelela okugcwele nge-Apple iD.
Abathuthukisi abaningi bahlanganise "Ukungena ngemvume nge-Apple" lapho kudingeka khona i-akhawunti futhi sebenayo eminye imininingwane yokungena emphakathini. Ngokwesibonelo, I-Facebook, iDropbox, iSpotify, i-Airbnb, iGiphy njll
Lezi zinhlelo zokusebenza bezingaba sengozini ekuthathweni kwe-akhawunti ephelele uma ngabe bezingekho ezinye izindlela zokuphepha ezikhona ngenkathi umsebenzisi eqinisekiswa. Ngokusho kukaJain, u-Apple wenze uphenyo wakuthola lokho ayikho i-akhawunti eye yathikanyezwa ngenxa yalokhu kungena ngemvume ngaphambi kokulungisa ukwephulwa kwezokuphepha.