FaceTime for Mac Has Huge Security Hole

Okay, okay, it’s a beta and we all know betas tend to have glitches big and small. Users poke, prod, and discover issues and the results of our testing trickles back to the software developers who squash bugs for a living. That’s the drill, but this seems a biggie to let slip out the door.

We clearly anticipate this one getting fixed really, really quickly. Via Mac Rumors we find that FaceTime for Mac displays your account information once you’re logged in. What kind of account information? you ask. How about your date of birth as well as your security question and its answer? How about that on display?

face time for mac kid

Now, granted, someone has to have physical access to your computer to see this information, but looking over your shoulder in a coffee shop isn’t that hard to pull off. And with this information, they can change your password and lock you out of your own account while they run rampant. Apparently, you can even reset your password in FaceTime without being first prompted to enter the original password.

What’s that? You say you’ll just log out of FaceTime when you’re done? Not so fast there, kids. FaceTime for Mac Beta is just so darned helpful that it remembers the last accessed account and autopopulates the information when you (or someone else) signs on. So you don’t even need to have FaceTime open to let anyone who gets their hands on your machine have full rein of anything you use your Apple ID for, like iTunes and the App Store.

Ain’t it grand being an early adopter?


Leave a Reply