Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
oops.

Serious ?

username : Apple

password : foxconn2

Wow.

Epic fail.

/looks around for an epic fail graphic.

This absolutely blew my mind. That was the first thing I noticed. Surely, that can't be real, could it? While I'm positive there are many other security measures in place, could this really be the user and password combo they actually, really used? My jaw literally dropped when I saw that screenshot. (Don't worry, I picked it up.)

I've heard of high-profile folks, companies, and countless people using simple username / password combos, but I thought those days were long gone. Looks like Dictionary Hackers are going to be making a comeback soon. I hope no one else has gotten lazy with passwords these days...

New password - foxconn3

That seriously made me LOL. My first thought was that foxconn1 must have ben hacked and changed already. :p
 
Relax dude...

Kind of like when a woman dresses provocatively she deserves to be raped? Or when you leave the front door unlocked you deserve to have your family murdered?

Technically, the answer is "yes"" and "no". Of course no one deserves to be purposefully abused or taken advantaged of, that's just ridiculous, and I think you're overreacting to what I wrote.

I'll use your own analogies to further my earlier point: if you live in a unsafe neighborhood, then why would you leave the door unlocked knowing trouble lurks nearby?! And if you're a woman dressed provocatively strolling through a seedy part of town, surely it's fair to say that's none-too-wise to do if you wish to avoid attracting the wrong type of attention there & then, no? It's just common sense to take note of your surroundings and not be foolish about the reality of where you're at, ideal world or not.

It's a harsh point I was making earlier but the fact is Foxconn is supposed to have these basic security issues accounted for, and they're too big of a partner of Apple to screw up this badly. Like I said before, they're fortunate that the hackers actually weren't intent to do more damage. Hopefully Foxconn learned from this.
 
Technically, the answer is "yes"" and "no". Of course no one deserves to be purposefully abused or taken advantaged of, that's just ridiculous, and I think you're overreacting to what I wrote.

I'll use your own analogies to further my earlier point: if you live in a unsafe neighborhood, then why would you leave the door unlocked knowing trouble lurks nearby?! And if you're a woman dressed provocatively strolling through a seedy part of town, surely it's fair to say that's none-too-wise to do if you wish to avoid attracting the wrong type of attention there & then, no? It's just common sense to take note of your surroundings and not be foolish about the reality of where you're at, ideal world or not.

It's a harsh point I was making earlier but the fact is Foxconn is supposed to have these basic security issues accounted for, and they're too big of a partner of Apple to screw up this badly. Like I said before, they're fortunate that the hackers actually weren't intent to do more damage. Hopefully Foxconn learned from this.

But what if these dumps contain information on the next iphone and ipad...could ruin the launches.
 
Kind of like when a woman dresses provocatively she deserves to be raped? Or when you leave the front door unlocked you deserve to have your family murdered?

Seriously, why were these passwords not redacted on this post, and why are people admitting to trying to use them? Fairly sure that's illegal.

You're really going to compare a woman being raped to a ****** password like foxconn2 ? Really?

Not even in the same league.
 
But what if these dumps contain information on the next iphone and ipad...could ruin the launches.

Well, I suppose then Apple will be "re-evaluating" their use of Foxconn for future product launches.



You're really going to compare a woman being raped to a ****** password like foxconn2 ? Really?

Not even in the same league.

Thank you. Glad I'm not the only one who took note of that obnoxious analogy.
 
According to the hackers tweets this happened 23 hours ago.

They even warned 13 days ago it was gonna happen.

@swaggsec

Just goes to show you Internet Explorer is not safe, and were these systems running windows 95?
 
Jan. 26th :


1/26/12 6:08 PM
Going to be a good week. @DestructiveSec Owned, and Big leak coming soon. Note: Make sure your browser is up to date. #HackingWithSwagger

--—---------
 
In terms of them having chosen an overly simplistic password, I remember Apple used to have a publicly viewable domain at private.apple.com, with folders for some of their suppliers. I think I wrote about it on MacRumors at one point, but this was in the early 2000s. I kind of even remember there being a Foxconn folder, but it could be a false memory. Maybe it was Flextronics. Hard to recall.
 
Oh God, you know, it's not just the weak password or the sloppy security on Foxconn's part...

They stored the damned password in plain text! YOU NEVER, EVER STORE PASSWORDS AS PLAIN TEXT! It doesn't look like these guys just bruteforced a hashed password. It looks like plain friggin' text. Unbelievable.
 
Windows 3.1 actually with the first version of Internet Explorer :p

Oh.........Hahah .......:rolleyes:

I would love to see a 10% Market share for Apple compared to the 90% Windows share reversed just to see OSX DESTROYED with security flaws.

You know why it ain't ??? It isn't worth it to the hackers...You Hear that ?? You aren't worth it !

BTW-- Foxconn servers run on a UNIX system .....so ....you know....shut up:D
 
Oh God, you know, it's not just the weak password or the sloppy security on Foxconn's part...

They stored the damned password in plain text! YOU NEVER, EVER STORE PASSWORDS AS PLAIN TEXT! It doesn't look like these guys just bruteforced a hashed password. It looks like plain friggin' text. Unbelievable.

Well foxconns CEO had a good password.

screen-shot-2012-02-08-at-9-57-09-pm.png
 
I thought the only purpose of Internet Explorer was to download another web browser... I honestly didn't know it could go to anything other than Mozilla.com...
 
This is almost like a spy show where the hero/spy has 30 sec. to unlock the targets laptop password and at first tries several different combos until s/he looks around and sees the family photo on the desk and uses the persons family birthdate/maiden name/whatever. :D
 
I thought the only purpose of Internet Explorer was to download another web browser... I honestly didn't know it could go to anything other than Mozilla.com...

www.google.com/chrome

----------

25% of users in China still use IE6. Take a look:
http://www.ie6countdown.com/

Also: Storing plaintext passwords instead of salted hashes? Tut tut.

these are the people with pirated versions of WinXP which never dare to upgrade anything due to fear of the black screen M$ imposed on (detected by KB970133 or sth like that) pirated machines.
 

And you know the sadiest part is I was dead serious about it. It is really scary how many companies still use IE 6 for all there internal company stuff because they are to cheap to recode everything for more modern standards.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.