Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Foxconn's Servers Hacked, Exposing Vendor Usernames and Passwords

Peace said:
oops.

Serious ?

username : Apple

password : foxconn2

Wow.

Epic fail.

/looks around for an epic fail graphic.
Click to expand...

This absolutely blew my mind. That was the first thing I noticed. Surely, that can't be real, could it? While I'm positive there are many other security measures in place, could this really be the user and password combo they actually, really used? My jaw literally dropped when I saw that screenshot. (Don't worry, I picked it up.)

I've heard of high-profile folks, companies, and countless people using simple username / password combos, but I thought those days were long gone. Looks like Dictionary Hackers are going to be making a comeback soon. I hope no one else has gotten lazy with passwords these days...

MattInOz said:
New password - foxconn3
Click to expand...

That seriously made me LOL. My first thought was that foxconn1 must have ben hacked and changed already. :p
 
Relax dude...

WestonHarvey1 said:
Kind of like when a woman dresses provocatively she deserves to be raped? Or when you leave the front door unlocked you deserve to have your family murdered?
Click to expand...

Technically, the answer is "yes"" and "no". Of course no one deserves to be purposefully abused or taken advantaged of, that's just ridiculous, and I think you're overreacting to what I wrote.

I'll use your own analogies to further my earlier point: if you live in a unsafe neighborhood, then why would you leave the door unlocked knowing trouble lurks nearby?! And if you're a woman dressed provocatively strolling through a seedy part of town, surely it's fair to say that's none-too-wise to do if you wish to avoid attracting the wrong type of attention there & then, no? It's just common sense to take note of your surroundings and not be foolish about the reality of where you're at, ideal world or not.

It's a harsh point I was making earlier but the fact is Foxconn is supposed to have these basic security issues accounted for, and they're too big of a partner of Apple to screw up this badly. Like I said before, they're fortunate that the hackers actually weren't intent to do more damage. Hopefully Foxconn learned from this.
 
blue22 said:
Technically, the answer is "yes"" and "no". Of course no one deserves to be purposefully abused or taken advantaged of, that's just ridiculous, and I think you're overreacting to what I wrote.

I'll use your own analogies to further my earlier point: if you live in a unsafe neighborhood, then why would you leave the door unlocked knowing trouble lurks nearby?! And if you're a woman dressed provocatively strolling through a seedy part of town, surely it's fair to say that's none-too-wise to do if you wish to avoid attracting the wrong type of attention there & then, no? It's just common sense to take note of your surroundings and not be foolish about the reality of where you're at, ideal world or not.

It's a harsh point I was making earlier but the fact is Foxconn is supposed to have these basic security issues accounted for, and they're too big of a partner of Apple to screw up this badly. Like I said before, they're fortunate that the hackers actually weren't intent to do more damage. Hopefully Foxconn learned from this.
Click to expand...

But what if these dumps contain information on the next iphone and ipad...could ruin the launches.
 
WestonHarvey1 said:
Kind of like when a woman dresses provocatively she deserves to be raped? Or when you leave the front door unlocked you deserve to have your family murdered?

Seriously, why were these passwords not redacted on this post, and why are people admitting to trying to use them? Fairly sure that's illegal.
Click to expand...

You're really going to compare a woman being raped to a ****** password like foxconn2 ? Really?

Not even in the same league.
 
fins831 said:
But what if these dumps contain information on the next iphone and ipad...could ruin the launches.
Click to expand...

Well, I suppose then Apple will be "re-evaluating" their use of Foxconn for future product launches.



AbSoluTc said:
You're really going to compare a woman being raped to a ****** password like foxconn2 ? Really?

Not even in the same league.
Click to expand...

Thank you. Glad I'm not the only one who took note of that obnoxious analogy.
 
Peace said:
According to the hackers tweets this happened 23 hours ago.

They even warned 13 days ago it was gonna happen.

@swaggsec
Click to expand...

Just goes to show you Internet Explorer is not safe, and were these systems running windows 95?
 
Jan. 26th :


1/26/12 6:08 PM
Going to be a good week. @DestructiveSec Owned, and Big leak coming soon. Note: Make sure your browser is up to date. #HackingWithSwagger

--—---------
 
In terms of them having chosen an overly simplistic password, I remember Apple used to have a publicly viewable domain at private.apple.com, with folders for some of their suppliers. I think I wrote about it on MacRumors at one point, but this was in the early 2000s. I kind of even remember there being a Foxconn folder, but it could be a false memory. Maybe it was Flextronics. Hard to recall.
 
Oh God, you know, it's not just the weak password or the sloppy security on Foxconn's part...

They stored the damned password in plain text! YOU NEVER, EVER STORE PASSWORDS AS PLAIN TEXT! It doesn't look like these guys just bruteforced a hashed password. It looks like plain friggin' text. Unbelievable.
 
troop231 said:
Windows 3.1 actually with the first version of Internet Explorer :p
Click to expand...

Oh.........Hahah .......:rolleyes:

I would love to see a 10% Market share for Apple compared to the 90% Windows share reversed just to see OSX DESTROYED with security flaws.

You know why it ain't ??? It isn't worth it to the hackers...You Hear that ?? You aren't worth it !

BTW-- Foxconn servers run on a UNIX system .....so ....you know....shut up:D
 
Durendal said:
Oh God, you know, it's not just the weak password or the sloppy security on Foxconn's part...

They stored the damned password in plain text! YOU NEVER, EVER STORE PASSWORDS AS PLAIN TEXT! It doesn't look like these guys just bruteforced a hashed password. It looks like plain friggin' text. Unbelievable.
Click to expand...

Well foxconns CEO had a good password.

screen-shot-2012-02-08-at-9-57-09-pm.png
 
I thought the only purpose of Internet Explorer was to download another web browser... I honestly didn't know it could go to anything other than Mozilla.com...
 
This is almost like a spy show where the hero/spy has 30 sec. to unlock the targets laptop password and at first tries several different combos until s/he looks around and sees the family photo on the desk and uses the persons family birthdate/maiden name/whatever. :D
 
HangmanSwingset said:
I thought the only purpose of Internet Explorer was to download another web browser... I honestly didn't know it could go to anything other than Mozilla.com...
Click to expand...

www.google.com/chrome

----------
Demigod Mac said:
25% of users in China still use IE6. Take a look:
http://www.ie6countdown.com/

Also: Storing plaintext passwords instead of salted hashes? Tut tut.
Click to expand...

these are the people with pirated versions of WinXP which never dare to upgrade anything due to fear of the black screen M$ imposed on (detected by KB970133 or sth like that) pirated machines.
 
AidenShaw said:
LOL!
Click to expand...

And you know the sadiest part is I was dead serious about it. It is really scary how many companies still use IE 6 for all there internal company stuff because they are to cheap to recode everything for more modern standards.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back