+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 21

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Jailbroken Apple TV 2 Bug Lets User Access Stranger's Photostream Via MobileMe Account

is a discussion within the

Mac News

forums, a part of the

General Apple/Mac

section;
...
  1. #1
    MMi Staff Writer Phillip Swanson's Avatar
    Join Date
    Apr 2011
    Location
    Michigan
    Posts
    1,342
    Thanks
    0
    Thanked 79 Times in 46 Posts

    Default Jailbroken Apple TV 2 Bug Lets User Access Stranger's Photostream Via MobileMe Account


    ModMyi user Brandyn Baker ran into an interesting Apple TV glitch that allows him to view a complete strangers photo stream.

    Baker has his Apple TV 2 (firmware 4.4.4) Jailbroken using Seas0nPass like many of you. However, while attempting to sync his Mobile Me account he accidentally entered the wrong email address.

    The thing is, the wrong one was someone else's and I can see all their pictures from photo stream! I tried it with some other original names and it worked again...
    After numerous google searches I wasn’t able to find a topic or thread about this specific bug. A number of complaints surfaced from users unable to sync their MobileMe accounts with Apple TV, but none accidentally happened across someone else’s account entirely.

    Apple has yet to respond to our emails regarding the bug.

    Any other MMi members out there experience this bug? Has anyone been in contact with Apple about it?

    Source: Brandyn Baker
    Last edited by Phillip Swanson; 01-06-2012 at 06:01 PM.

  2. The Following User Says Thank You to Phillip Swanson For This Useful Post:

    brandyn baker (01-06-2012)

  3. #2
    iPhone? More like MyPhone
    Join Date
    Mar 2008
    Posts
    152
    Thanks
    4
    Thanked 4 Times in 3 Posts

    Wow

  4. #3
    szr
    szr is offline
    iPhone? More like MyPhone szr's Avatar
    Join Date
    Aug 2009
    Posts
    293
    Thanks
    111
    Thanked 23 Times in 19 Posts

    I assume this only allows one to view photos, but not actually edit anything.

  5. The Following User Says Thank You to szr For This Useful Post:

    brandyn baker (01-06-2012)

  6. #4
    Green Apple havoc0351's Avatar
    Join Date
    Sep 2007
    Location
    Camp Pendleton, CA
    Posts
    93
    Thanks
    5
    Thanked 14 Times in 10 Posts

    Quote Originally Posted by szr View Post
    I assume this only allows one to view photos, but not actually edit anything.
    I sure hope so. This is one hell of a bug. I hope no one has any "private" pictures on their photo stream...

  7. The Following User Says Thank You to havoc0351 For This Useful Post:

    brandyn baker (01-06-2012)

  8. #5
    My iPhone is a Part of Me kuhndsn's Avatar
    Join Date
    Sep 2007
    Location
    Travel-Entire US as well as EU
    Posts
    599
    Thanks
    77
    Thanked 115 Times in 71 Posts

    Phillip Swanson 06:47 PM Today
    "Apple has yet to respond to our emails regarding the bug".

    Why would apple respond? Since the device is Jailbroken if they did respond it would be in the form of why they don't allow Jailbroken devices. Thus if this turns out to be true and was because of a JB tweak only supports their strong stance against JBing

    No prob with mine. However, my apple tv is not Jailbroken
    Last edited by kuhndsn; 01-06-2012 at 08:25 PM.

  9. #6
    MMi Staff Writer Phillip Swanson's Avatar
    Join Date
    Apr 2011
    Location
    Michigan
    Posts
    1,342
    Thanks
    0
    Thanked 79 Times in 46 Posts

    Quote Originally Posted by kuhndsn View Post
    Phillip Swanson 06:47 PM Today
    "Apple has yet to respond to our emails regarding the bug".

    Why would apple respond? Since the device is Jailbroken if they did respond it would be in the form of why they don't allow Jailbroken devices. Thus if this turns out to be true and was because of a JB tweak only supports their strong stance against JBing

    No prob with mine. However, my apple tv is not Jailbroken
    Thats the issue though, is this a bug because of the jailbreak or simply a MobileMe Apple TV bug. Most likely it is because of the jailbreak, but it still begs clarification.

  10. #7
    Green Apple
    Join Date
    Dec 2011
    Posts
    36
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by kuhndsn View Post
    Phillip Swanson 06:47 PM Today
    "Apple has yet to respond to our emails regarding the bug".

    Why would apple respond? Since the device is Jailbroken if they did respond it would be in the form of why they don't allow Jailbroken devices. Thus if this turns out to be true and was because of a JB tweak only supports their strong stance against JBing

    No prob with mine. However, my apple tv is not Jailbroken
    It's Apple's responsibility to protect personal iCloud info, whether it's from JB'd devices. UnJB'd devices, or anywhere really.

  11. The Following User Says Thank You to Gaijinboy For This Useful Post:

    brandyn baker (01-06-2012)

  12. #8
    Drinks the Kool Aid Captinsmooth's Avatar
    Join Date
    Mar 2010
    Location
    New York
    Posts
    1,322
    Thanks
    131
    Thanked 351 Times in 199 Posts

    I think apple won't respond because its obvious the jailbreak is the cause of this breach. I also think its very irresponsible to be reporting this huge security flaw at modmyi, that's obviously due to the jail break. Its great, now people have to worry about there photo stream being accessed. What happen to Modmyi? There use to be a interest in protecting users, now its what ever news you can break.....

  13. #9
    What's Jailbreak? msb2011's Avatar
    Join Date
    Jul 2011
    Location
    Toronto, Ontario, Canada
    Posts
    26
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by kuhndsn View Post
    Phillip Swanson 06:47 PM Today
    "Apple has yet to respond to our emails regarding the bug".

    Why would apple respond? Since the device is Jailbroken if they did respond it would be in the form of why they don't allow Jailbroken devices. Thus if this turns out to be true and was because of a JB tweak only supports their strong stance against JBing

    No prob with mine. However, my apple tv is not Jailbroken
    Why wouldnt they respond. They must i mean regardless of jailbreak no body should be able to acess someone else mobile me account. This is a huge security flow with apple.

    Quote Originally Posted by Captinsmooth View Post
    I think apple won't respond because its obvious the jailbreak is the cause of this breach. I also think its very irresponsible to be reporting this huge security flaw at modmyi, that's obviously due to the jail break. Its great, now people have to worry about there photo stream being accessed. What happen to Modmyi? There use to be a interest in protecting users, now its what ever news you can break.....
    This is protecting users. Now we know what do at least for short term so that some junky out there cant acess our private pics.
    Last edited by msb2011; 01-06-2012 at 09:33 PM.

  14. #10
    iPhone? More like MyPhone Agent929's Avatar
    Join Date
    Oct 2011
    Location
    USA
    Posts
    271
    Thanks
    2
    Thanked 2 Times in 2 Posts

    Quote Originally Posted by kuhndsn View Post

    Why would apple respond? Since the device is Jailbroken if they did respond it would be in the form of why they don't allow Jailbroken devices. Thus if this turns out to be true and was because of a JB tweak only supports their strong stance against JBing
    That's bull. A security issue is still a security issue. If my information can be pulled onto somebody elses account, I would be pissed. It doesn't matter how they got it, Apple is suppose to secure my stuff.



    Mr. Swanson....geez I really wouldn't have put that up there until the bug got fixed. Don't you think that will get users starting to try this? Which I may add is illegal??

  15. #11
    My iPhone is a Part of Me luvmytj's Avatar
    Join Date
    Jul 2008
    Location
    New York
    Posts
    648
    Thanks
    32
    Thanked 66 Times in 52 Posts

    Quote Originally Posted by Captinsmooth View Post
    I think apple won't respond because its obvious the jailbreak is the cause of this breach. I also think its very irresponsible to be reporting this huge security flaw at modmyi, that's obviously due to the jail break. Its great, now people have to worry about there photo stream being accessed. What happen to Modmyi? There use to be a interest in protecting users, now its what ever news you can break.....
    Yeah, I gotta agree with you. Ya know everyone is on their jailbroken ATV's entering random emails now...

  16. #12
    Green Apple brandyn baker's Avatar
    Join Date
    Nov 2010
    Location
    Claremore, Oklahoma
    Posts
    63
    Thanks
    6
    Thanked 4 Times in 4 Posts

    i forgot to add that some of them had locked albums so ther IS a way to secure your pictures. and to the person that said its becuase i was jailbroken is wrong! i could do this without the jailbreak as well... so dont jump to conclusions bro!

    you cant edit anything and if the user has a lock on the album you need the password, so there is a way to further protect yourself!

    you cant acces them if your album has a password for the album!
    Last edited by brandyn baker; 01-06-2012 at 11:18 PM.

  17. #13
    What's Jailbreak?
    Join Date
    Jan 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Unless I'm missing something this is not a bug at all!
    From the video it looks like all that's happening is viewing another user's public MobileMe galleries.
    You can do this out of the box on an AppleTV, or on an iOS device using Apple's own Gallery app! So not so much a bug as an deliberate feature.
    An nothing to do with iCloud's photostream.

  18. #14
    Green Apple
    Join Date
    Dec 2010
    Posts
    32
    Thanks
    0
    Thanked 5 Times in 2 Posts

    Quote Originally Posted by Lamppost View Post
    Unless I'm missing something this is not a bug at all!
    From the video it looks like all that's happening is viewing another user's public MobileMe galleries.
    You can do this out of the box on an AppleTV, or on an iOS device using Apple's own Gallery app! So not so much a bug as an deliberate feature.
    An nothing to do with iCloud's photostream.
    Yeah what he said. After a bit of digging around myself, it's an apparent feature. You don't have to have mobileme to even be able to look at peoples photo. So while this may be little worrisome, it's nothing to worry about. It's just a feature of MobileME.

  19. #15
    Green Apple
    Join Date
    Jul 2008
    Posts
    63
    Thanks
    7
    Thanked 9 Times in 9 Posts

    apple need to fix it fast or i would say goodbye to Mobile me or even apple new beta products

  20. #16
    Green Apple
    Join Date
    Jan 2009
    Location
    London, UK
    Posts
    72
    Thanks
    4
    Thanked 4 Times in 3 Posts

    Quote Originally Posted by Delerowen View Post
    Yeah what he said. After a bit of digging around myself, it's an apparent feature. You don't have to have mobileme to even be able to look at peoples photo. So while this may be little worrisome, it's nothing to worry about. It's just a feature of MobileME.
    Absolutly true, just go to the MobileMe gallery app on the app store and read the description,

    and I quote...

    "To view a friends gallery, simply choose their name from your contacts or enter their MobileMe member name and you'll get instant access to their PUBLICLY SHARED PHOTO'S, too."

    Apple don't need to do anything, if you haven't set up your photo stream properly or are taking photos you don't want publicly shared you should be taking more care and reading the full description of the service!

    People are just moaning because they're to lazy to read what the service actually does!

  21. #17
    iPhoneaholic AUZambo's Avatar
    Join Date
    Jul 2010
    Posts
    469
    Thanks
    47
    Thanked 38 Times in 28 Posts

    Interesting. I'll have to give it a shot.

    *EDIT for 2 reasons:
    1. Could the developers of this site please fix the bug that causes only one of the posts to show up when you click the article link from the main page? It doesn't happen all the time, but it happens frequently enough that it's annoying!

    2. I guess I won't be giving it a shot since it appears to be a feature available to all ATV2 owners....which makes me wonder why Apple hasn't responded to questions about this with something like, "You big dummy. That's a feature built into the device, whether it's jailbroken or not."
    Last edited by AUZambo; 01-07-2012 at 06:34 AM.

  22. #18
    Green Apple
    Join Date
    Sep 2008
    Posts
    31
    Thanks
    0
    Thanked 1 Time in 1 Post
    Bahahahahahhaha you're all stupid and gullible

    l2put photos on private
    iPhone 4, iOS 5.0.1 Jailbroken
    iPad 2, iOS 5.0.1 Clean

    Windows 7

  23. #19
    What's Jailbreak? dz302's Avatar
    Join Date
    Apr 2008
    Posts
    22
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by Phillip Swanson View Post
    Thats the issue though, is this a bug because of the jailbreak or simply a MobileMe Apple TV bug. Most likely it is because of the jailbreak, but it still begs clarification.
    Your amazing Phil. Why would you think it "begs" clarification? The security issue is on only jb'n units and your holding
    Apple accountable to research this? You emailed Apple and they have yet to answer you? lol Heads will roll at Apple
    if corporate should find out you've been kept waiting. Painful Phil, very painful.

    dz

  24. #20
    What's Jailbreak?
    Join Date
    Oct 2011
    Location
    NSW Australia
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Some people are so stupid.

    It's Apples responsibility to fix an iCloud vulnerability. If a jailbroken ATV can access a non-jailbroken ATV's stream, then Apples at fault here, and needs to patch it up.

    @people saying its jailbreakers fault.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts