Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.sys.mac.system > #102213 > unrolled thread

Fake Email From Apple

Back to article view | Back to comp.sys.mac.system

Contents

  Fake Email From Apple csampson@inetworld.net (Charles H. Sampson) - 2017-03-11 18:23 -0800
    Re: Fake Email From Apple nospam <nospam@nospam.invalid> - 2017-03-11 21:24 -0500
    Re: Fake Email From Apple Lewis <g.kreme@gmail.com.dontsendmecopies> - 2017-03-12 16:17 +0000
      Re: Fake Email From Apple dcohenspam@talktalk.net (Daniel Cohen) - 2017-03-14 09:48 +0000
        Re: Fake Email From Apple nospam <nospam@nospam.invalid> - 2017-03-14 06:00 -0400
        Re: Fake Email From Apple befr@eaglesoft.de (Bernd Fröhlich) - 2017-03-14 11:36 +0100
        Re: Fake Email From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-14 16:02 +0000
        Re: Fake Email From Apple dorayme <do_ray_me@bigpond.com> - 2017-03-15 07:28 +1100
    Re: Fake Email !From Apple David Ritz <dritz@mindspring.com> - 2017-03-12 12:50 -0500
      Re: Fake Email !From Apple nospam <nospam@nospam.invalid> - 2017-03-12 13:51 -0500
        Re: Fake Email !From Apple David Ritz <dritz@mindspring.com> - 2017-03-12 17:30 -0500
          Re: Fake Email !From Apple nospam <nospam@nospam.invalid> - 2017-03-12 18:33 -0400
            Re: Fake Email !From Apple dorayme <do_ray_me@bigpond.com> - 2017-03-13 16:38 +1100
        Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-12 22:45 +0000
          Re: Fake Email !From Apple Alrescha <alrescha@gmail.com> - 2017-03-12 18:55 -0400
            Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 00:39 +0000
              Re: Fake Email !From Apple Alrescha <alrescha@gmail.com> - 2017-03-12 21:03 -0400
                Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 01:28 +0000
                  Re: Fake Email !From Apple Alrescha <alrescha@gmail.com> - 2017-03-13 00:39 -0400
                    Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 17:37 +0000
                      Re: Fake Email !From Apple dempson@actrix.gen.nz (David Empson) - 2017-03-14 09:58 +1300
                        Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-14 21:05 +0000
                          Re: Fake Email !From Apple Alrescha <alrescha@gmail.com> - 2017-03-14 17:41 -0400
                            Re: Fake Email !From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-14 21:50 +0000
                              Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-15 05:20 +0000
                                Re: Fake Email !From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-15 15:07 +0000
                                  Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-15 16:07 +0000
                                    Re: Fake Email !From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-15 16:34 +0000
                                      Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-15 17:58 +0000
                                        Re: Fake Email !From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-15 19:32 +0000
                                        Re: Fake Email !From Apple Lewis <g.kreme@gmail.com.dontsendmecopies> - 2017-03-18 14:51 +0000
                          Re: Fake Email !From Apple dempson@actrix.gen.nz (David Empson) - 2017-03-15 13:21 +1300
                  Re: Fake Email !From Apple Nelson <nelson@nowhere.com> - 2017-03-13 04:28 -0400
                    Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 17:31 +0000
                      Re: Fake Email !From Apple Nelson <nelson@nowhere.com> - 2017-03-13 14:30 -0400
                        Re: Fake Email !From Apple Nelson <nelson@nowhere.com> - 2017-03-13 15:17 -0400
                          Re: Fake Email !From Apple "David B." <DavidB@nomail.afraid.invalid> - 2017-03-13 23:33 +0000
          Re: Fake Email !From Apple dempson@actrix.gen.nz (David Empson) - 2017-03-13 14:36 +1300
            Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 03:54 +0000
              Re: Fake Email !From Apple Alrescha <alrescha@gmail.com> - 2017-03-13 00:35 -0400
              Re: Fake Email !From Apple Nelson <nelson@nowhere.com> - 2017-03-13 05:04 -0400
                Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-13 17:27 +0000
              Re: Fake Email !From Apple Lewis <g.kreme@gmail.com.dontsendmecopies> - 2017-03-13 14:13 +0000
                Re: Fake Email !From Apple JF Mezei <jfmezei.spamnot@vaxination.ca> - 2017-03-13 11:59 -0400
              Re: Fake Email !From Apple dempson@actrix.gen.nz (David Empson) - 2017-03-14 09:58 +1300
                Re: Fake Email !From Apple Patty Winter <patty1@wintertime.com> - 2017-03-14 21:09 +0000
                  Re: Fake Email !From Apple JF Mezei <jfmezei.spamnot@vaxination.ca> - 2017-03-14 17:53 -0400
                    Re: Fake Email !From Apple Jolly Roger <jollyroger@pobox.com> - 2017-03-14 23:40 +0000
                  Re: Fake Email !From Apple dempson@actrix.gen.nz (David Empson) - 2017-03-15 13:21 +1300
          Re: Fake Email !From Apple Lewis <g.kreme@gmail.com.dontsendmecopies> - 2017-03-13 14:10 +0000
    Re: Fake Email From Apple JF Mezei <jfmezei.spamnot@vaxination.ca> - 2017-03-12 17:27 -0400

Page 2 of 3 — ← Prev page 1 [2] 3  Next page →

#102278 — Re: Fake Email !From Apple

Patty Winter <patty1@wintertime.com> wrote:

> In article <oa57k6$n4v$1@dont-email.me>, Alrescha  <alrescha@gmail.com> wrote:
> >On 2017-03-13 01:28:43 +0000, Patty Winter <patty1@wintertime.com> said:
> >
> >> How could the computer be trusted when the only way I've ever signed on
> >> to iCloud from it was via the browser?
> >
> >I do not think this is possible.  Are you saying you have never signed
> >into iCloud in System Preferences on this device?
> 
> I didn't even know that was possible. I consider iCloud to be a website
> and had never looked for any other way to log in to it than by going to
> icloud.com with a web browser. 

That may be your impression if your only use of iCloud on a Mac had been
on Mac OS X 10.6 Snow Leopard prior to your recent upgrade to Sierra.

In Mac OS X 10.7 Lion and later, iCloud has native integration with Mac
OS X services, like it does on iOS. That integration is handled via the
iCloud pane in System Preferences, which only exists in Lion and later,
because iCloud was introduced after Lion was released, and Apple doesn't
backport major architectural changes to earlier OS versions.

The original iCloud feature set included syncing of contacts, calendars
and Safari bookmarks. Other features were added in later OS X versions,
including Documents & Data which later became iCloud Drive, iCloud
Keychain, and the Continuity features like Handoff.

> I think maybe there's an option to sign in to iCloud when one sets up
> a Mac for the first time, so I may (or may not) have done that when I
> upgraded this MacBook to Sierra several months ago. Maybe that cookie
> is persistent but browser verifications aren't?

Signing in to iCloud during Setup Assistant, or in System Preferences,
results in your user account on the computer being linked to your Apple
ID. That is what established your computer as "trusted" as far as Apple
ID two factor authentication is concerned, and allowed it to receive
authentication requests.

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]

#102320 — Re: Fake Email !From Apple

In article <1n2vf9j.o92cga16csbtkN%dempson@actrix.gen.nz>,
David Empson <dempson@actrix.gen.nz> wrote:
>Patty Winter <patty1@wintertime.com> wrote:
>
>> I didn't even know that was possible. I consider iCloud to be a website
>> and had never looked for any other way to log in to it than by going to
>> icloud.com with a web browser. 
>
>That may be your impression if your only use of iCloud on a Mac had been
>on Mac OS X 10.6 Snow Leopard prior to your recent upgrade to Sierra.

I just upgraded my iMac, but I bought a MacBook Pro a couple of years
ago and have been using iCloud on that, so I've been through the whole
Yosemite-area OS series. Never had any need to log in to iCloud other 
than through a web browser.


>The original iCloud feature set included syncing of contacts, calendars
>and Safari bookmarks. Other features were added in later OS X versions,
>including Documents & Data which later became iCloud Drive, iCloud
>Keychain, and the Continuity features like Handoff.

Which I discovered when my MacBook "rang" one day after I got an iPhone. :-)


Patty

[toc] | [prev] | [next] | [standalone]

#102325 — Re: Fake Email !From Apple

On 2017-03-14 21:05:22 +0000, Patty Winter <patty1@wintertime.com> said:

> Which I discovered when my MacBook "rang" one day after I got an iPhone. :-)

This implies that however you did it, you are logged in in System 
Preferences at the system level, not just in a web browser.

A.

[toc] | [prev] | [next] | [standalone]

#102326 — Re: Fake Email !From Apple

Alrescha <alrescha@gmail.com> wrote:
> On 2017-03-14 21:05:22 +0000, Patty Winter <patty1@wintertime.com> said:
> 
>> Which I discovered when my MacBook "rang" one day after I got an iPhone. :-)
> 
> This implies that however you did it, you are logged in in System 
> Preferences at the system level, not just in a web browser.

Yep. She probably just forgot that the installer (setup assistant) asked
her for her iCloud credentials during setup, which logged her into iCloud
and is reflected in System Preferences. 

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[toc] | [prev] | [next] | [standalone]

#102348 — Re: Fake Email !From Apple

In article <eir6tsFjm6mU1@mid.individual.net>,
Jolly Roger  <jollyroger@pobox.com> wrote:
>Alrescha <alrescha@gmail.com> wrote:
>> 
>> This implies that however you did it, you are logged in in System 
>> Preferences at the system level, not just in a web browser.
>
>Yep. She probably just forgot that the installer (setup assistant) asked
>her for her iCloud credentials during setup, which logged her into iCloud
>and is reflected in System Preferences. 

I didn't forget. I mentioned it a couple of days ago.


Patty

[toc] | [prev] | [next] | [standalone]

#102364 — Re: Fake Email !From Apple

Patty Winter <patty1@wintertime.com> wrote:
> 
> In article <eir6tsFjm6mU1@mid.individual.net>,
> Jolly Roger  <jollyroger@pobox.com> wrote:
>> Alrescha <alrescha@gmail.com> wrote:
>>> 
>>> This implies that however you did it, you are logged in in System 
>>> Preferences at the system level, not just in a web browser.
>> 
>> Yep. She probably just forgot that the installer (setup assistant) asked
>> her for her iCloud credentials during setup, which logged her into iCloud
>> and is reflected in System Preferences. 
> 
> I didn't forget. I mentioned it a couple of days ago.

I was referring to your statement yesterday that you "Never had any need to
log in to iCloud other than through a web browser." ; )

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[toc] | [prev] | [next] | [standalone]

#102369 — Re: Fake Email !From Apple

In article <eit3m3Fbk8U1@mid.individual.net>,
Jolly Roger  <jollyroger@pobox.com> wrote:
>Patty Winter <patty1@wintertime.com> wrote:
>> 
>> I didn't forget. I mentioned it a couple of days ago.
>
>I was referring to your statement yesterday that you "Never had any need to
>log in to iCloud other than through a web browser." ; )

Right, which I said before I remembered that iCloud login is an
option when setting up a Mac for the first time (or after a major
OS upgrade).

I've never logged in to iCloud via System Preferences, though, which
was the option to a browser login mentioned by someone else. I didn't
even know that one could do that.


Patty

[toc] | [prev] | [next] | [standalone]

#102372 — Re: Fake Email !From Apple

On 2017-03-15, Patty Winter <patty1@wintertime.com> wrote:
>
> In article <eit3m3Fbk8U1@mid.individual.net>,
> Jolly Roger  <jollyroger@pobox.com> wrote:
>>Patty Winter <patty1@wintertime.com> wrote:
>>> 
>>> I didn't forget. I mentioned it a couple of days ago.
>>
>>I was referring to your statement yesterday that you "Never had any need to
>>log in to iCloud other than through a web browser." ; )
>
> Right, which I said before I remembered that iCloud login is an
> option when setting up a Mac for the first time (or after a major
> OS upgrade).

Okay.

> I've never logged in to iCloud via System Preferences, though, which
> was the option to a browser login mentioned by someone else. I didn't
> even know that one could do that.

I'd familiarize myself with the System Preferences > iCloud panel since
it gives you finer control of all iCloud services.

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[toc] | [prev] | [next] | [standalone]

#102390 — Re: Fake Email !From Apple

In article <eit8omF1c7nU1@mid.individual.net>,
Jolly Roger  <jollyroger@pobox.com> wrote:
>
>I'd familiarize myself with the System Preferences > iCloud panel since
>it gives you finer control of all iCloud services.

Thanks, I didn't realize that some Apple programs were storing data
in iCloud Drive. I've turned those off.


Patty

[toc] | [prev] | [next] | [standalone]

#102393 — Re: Fake Email !From Apple

On 2017-03-15, Patty Winter <patty1@wintertime.com> wrote:
>
> In article <eit8omF1c7nU1@mid.individual.net>,
> Jolly Roger  <jollyroger@pobox.com> wrote:
>>
>>I'd familiarize myself with the System Preferences > iCloud panel since
>>it gives you finer control of all iCloud services.
>
> Thanks, I didn't realize that some Apple programs were storing data
> in iCloud Drive. I've turned those off.

How come? I use iCloud Drive and like it, personally.

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[toc] | [prev] | [next] | [standalone]

#102546 — Re: Fake Email !From Apple

In message <oabvcr$2n0$1@dont-email.me> Patty Winter <patty1@wintertime.com> wrote:

> In article <eit8omF1c7nU1@mid.individual.net>,
> Jolly Roger  <jollyroger@pobox.com> wrote:
>>
>>I'd familiarize myself with the System Preferences > iCloud panel since
>>it gives you finer control of all iCloud services.

> Thanks, I didn't realize that some Apple programs were storing data
> in iCloud Drive. I've turned those off.

That large gaping hole between your eyes really taught your face a
lesson, huh?


-- 
If you write the word "monkey" a million times, do you start to think you're
Shakespeare? -- Steven Wright

[toc] | [prev] | [next] | [standalone]

#102341 — Re: Fake Email !From Apple

Patty Winter <patty1@wintertime.com> wrote:

> In article <1n2vf9j.o92cga16csbtkN%dempson@actrix.gen.nz>,
> David Empson <dempson@actrix.gen.nz> wrote:
> >Patty Winter <patty1@wintertime.com> wrote:
> >
> >> I didn't even know that was possible. I consider iCloud to be a website
> >> and had never looked for any other way to log in to it than by going to
> >> icloud.com with a web browser. 
> >
> >That may be your impression if your only use of iCloud on a Mac had been
> >on Mac OS X 10.6 Snow Leopard prior to your recent upgrade to Sierra.
> 
> I just upgraded my iMac, but I bought a MacBook Pro a couple of years
> ago and have been using iCloud on that, so I've been through the whole
> Yosemite-area OS series. Never had any need to log in to iCloud other
> than through a web browser.
> 
> 
> >The original iCloud feature set included syncing of contacts, calendars
> >and Safari bookmarks. Other features were added in later OS X versions,
> >including Documents & Data which later became iCloud Drive, iCloud
> >Keychain, and the Continuity features like Handoff.
> 
> Which I discovered when my MacBook "rang" one day after I got an iPhone. :-)

At a minimum, that means you must have signed in to your Apple ID as far
as FaceTime is concerned, probably by signing in to iCloud when you set
up the computer (it is one of the questions asked by Setup Assistant),
which would have turned on many iCloud features as well.

Have a look at System Preferences > iCloud on both computers. I expect
you will find it is signed in with your Apple ID, and may even have
multiple items ticked. Both computers are probably also signed into your
Apple ID in the Messages and FaceTime applications.


What are you using the iCloud web site for? If you are signed in to
iCloud at the system level, there is typically no point using the iCloud
web site from the same computer unless you need the Find my device
feature, or want to check the "truth" state of synced data to work out
which device isn't syncing correctly.

Every other feature of iCloud is handled by using applications on your
computer, if the appropriate iCloud features are enabled: Contacts,
Calendars, Reminders, Safari, Notes, Finder (for iCloud Drive), Photos,
Mail (if you have an icloud.com/me.com/mac.com address), other
applications which store documents in iCloud such as
Pages/Numbers/Keynote, etc.

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]

#102253 — Re: Fake Email !From Apple

On Sun, 12 Mar 2017 21:28:43 -0400, Patty Winter wrote
(in article <oa4skb$5b4$1@dont-email.me>):

> 
> In article <oa4qv8$1t7$1@dont-email.me>, Alrescha  <alrescha@gmail.com> 
wrote:
>> 
>> You wanted to authorize a copy of Firefox to talk to iCloud.
>> 
>> Two factor authentication means you need two things to authentic.  In 
>> this case, in order to authorize Firefox, you needed to know something 
>> (your Apple-ID password) and you needed to have something (a trusted 
>> device: your MacBook, or your iPhone).
> 
> So the computer was trusted but the browser wasn't? How could the
> computer be trusted when the only way I've ever signed on to iCloud
> from it was via the browser? And why wouldn't Firefox be trusted
> when I've been using it to access the Web (including iCloud) since 
> I bought this computer couple of years ago?


It depends on how they are recognizing the browser.  It they are using 
Canvas Fingerprinting 
(https://en.wikipedia.org/wiki/Canvas_fingerprinting), any change you 
make in your configuration looks like a different browser.

-- 
Nelson

[toc] | [prev] | [next] | [standalone]

#102273 — Re: Fake Email !From Apple

In article <0001HW.D4EBD07600818CC0B02919BF@news.astraweb.com>,
Nelson  <nelson@nowhere.com> wrote:
>On Sun, 12 Mar 2017 21:28:43 -0400, Patty Winter wrote
>(in article <oa4skb$5b4$1@dont-email.me>):
>
>> So the computer was trusted but the browser wasn't? How could the
>> computer be trusted when the only way I've ever signed on to iCloud
>> from it was via the browser? And why wouldn't Firefox be trusted
>> when I've been using it to access the Web (including iCloud) since 
>> I bought this computer couple of years ago?
>
>It depends on how they are recognizing the browser.  It they are using 
>Canvas Fingerprinting 
>(https://en.wikipedia.org/wiki/Canvas_fingerprinting), any change you 
>make in your configuration looks like a different browser.

What kind of "configuration change" would qualify? I may have bookmarked
a page a few days ago, but I can't think of any other recent changes to FF.


Patty

[toc] | [prev] | [next] | [standalone]

#102275 — Re: Fake Email !From Apple

On Mon, 13 Mar 2017 13:31:48 -0400, Patty Winter wrote
(in article <oa6l24$6sg$2@dont-email.me>):

> 
> In article <0001HW.D4EBD07600818CC0B02919BF@news.astraweb.com>,
> Nelson  <nelson@nowhere.com> wrote:
>> On Sun, 12 Mar 2017 21:28:43 -0400, Patty Winter wrote
>> (in article <oa4skb$5b4$1@dont-email.me>):
>> 
>>> So the computer was trusted but the browser wasn't? How could the
>>> computer be trusted when the only way I've ever signed on to iCloud
>>> from it was via the browser? And why wouldn't Firefox be trusted
>>> when I've been using it to access the Web (including iCloud) since 
>>> I bought this computer couple of years ago?
>> 
>> It depends on how they are recognizing the browser.  It they are using 
>> Canvas Fingerprinting 
>> (https://en.wikipedia.org/wiki/Canvas_fingerprinting), any change you 
>> make in your configuration looks like a different browser.
> 
> What kind of "configuration change" would qualify? I may have bookmarked
> a page a few days ago, but I can't think of any other recent changes to FF.

I'm not sure.  You can see some of the things it looks for as well as 
how "unique" you are here:

        https://browserleaks.com/canvas


In my case: only 3 of 176,794 user agents who have visited the site 
have the same signature.

I doubt if Apple is using it.  However, I found that some Google apps 
wont' work with Canvas-Defender activated which suggests that Google 
is.

I think Dave's suggestion that your cookie expired is the most likely. 
explanation.

-- 
Nelson

[toc] | [prev] | [next] | [standalone]

#102276 — Re: Fake Email !From Apple

On Mon, 13 Mar 2017 14:30:39 -0400, Nelson wrote
(in article <0001HW.D4EC5D8F00A29E72B02919BF@news.astraweb.com>):

> On Mon, 13 Mar 2017 13:31:48 -0400, Patty Winter wrote
> (in article <oa6l24$6sg$2@dont-email.me>):
> 
>> 
>> In article <0001HW.D4EBD07600818CC0B02919BF@news.astraweb.com>,
>> Nelson  <nelson@nowhere.com> wrote:
>>> On Sun, 12 Mar 2017 21:28:43 -0400, Patty Winter wrote
>>> (in article <oa4skb$5b4$1@dont-email.me>):
>>> 
>>>> So the computer was trusted but the browser wasn't? How could the
>>>> computer be trusted when the only way I've ever signed on to iCloud
>>>> from it was via the browser? And why wouldn't Firefox be trusted
>>>> when I've been using it to access the Web (including iCloud) since 
>>>> I bought this computer couple of years ago?
>>> 
>>> It depends on how they are recognizing the browser.  It they are using 
>>> Canvas Fingerprinting 
>>> (https://en.wikipedia.org/wiki/Canvas_fingerprinting), any change you 
>>> make in your configuration looks like a different browser.
>> 
>> What kind of "configuration change" would qualify? I may have bookmarked
>> a page a few days ago, but I can't think of any other recent changes to FF.
> 
> I'm not sure.  You can see some of the things it looks for as well as 
> how "unique" you are here:
> 
>         https://browserleaks.com/canvas
> 
> 
> In my case: only 3 of 176,794 user agents who have visited the site 
> have the same signature.

Follow up:  Actually, all three of those "users" are me since each 
visit counts as a different user :)

Take a look at all the other information gathering tools that are 
available to identify and track you at https://browserleaks.com/

For example, they can detect every plugin you have installed and it's 
version.

Again, I doubt Apple is doing this but how would you know?



-- 
Nelson

[toc] | [prev] | [next] | [standalone]

#102284 — Re: Fake Email !From Apple

On 13/03/2017 19:17, Nelson wrote:
> On Mon, 13 Mar 2017 14:30:39 -0400, Nelson wrote
> (in article <0001HW.D4EC5D8F00A29E72B02919BF@news.astraweb.com>):
>
>> On Mon, 13 Mar 2017 13:31:48 -0400, Patty Winter wrote
>> (in article <oa6l24$6sg$2@dont-email.me>):
>>
>>>
>>> In article <0001HW.D4EBD07600818CC0B02919BF@news.astraweb.com>,
>>> Nelson  <nelson@nowhere.com> wrote:
>>>> On Sun, 12 Mar 2017 21:28:43 -0400, Patty Winter wrote
>>>> (in article <oa4skb$5b4$1@dont-email.me>):
>>>>
>>>>> So the computer was trusted but the browser wasn't? How could the
>>>>> computer be trusted when the only way I've ever signed on to iCloud
>>>>> from it was via the browser? And why wouldn't Firefox be trusted
>>>>> when I've been using it to access the Web (including iCloud) since
>>>>> I bought this computer couple of years ago?
>>>>
>>>> It depends on how they are recognizing the browser.  It they are using
>>>> Canvas Fingerprinting
>>>> (https://en.wikipedia.org/wiki/Canvas_fingerprinting), any change you
>>>> make in your configuration looks like a different browser.
>>>
>>> What kind of "configuration change" would qualify? I may have bookmarked
>>> a page a few days ago, but I can't think of any other recent changes to FF.
>>
>> I'm not sure.  You can see some of the things it looks for as well as
>> how "unique" you are here:
>>
>>         https://browserleaks.com/canvas
>>
>>
>> In my case: only 3 of 176,794 user agents who have visited the site
>> have the same signature.
>
> Follow up:  Actually, all three of those "users" are me since each
> visit counts as a different user :)
>
> Take a look at all the other information gathering tools that are
> available to identify and track you at https://browserleaks.com/
>
> For example, they can detect every plugin you have installed and it's
> version.
>
> Again, I doubt Apple is doing this but how would you know?

Look here too!  www.browserreport.com

I was fascinated when I first discovered how much information I was 
giving away when I visited a web page! (Don't forget to scroll!)

-- 
Regards,

David

[toc] | [prev] | [next] | [standalone]

#102244 — Re: Fake Email !From Apple

Patty Winter <patty1@wintertime.com> wrote:

> In article <120320171351537547%nospam@nospam.invalid>,
> nospam  <nospam@nospam.invalid> wrote:
> >
> >enable 2 factor authentication and eliminate the risk.
> 
> A few minutes ago, I began a login iCloud on my MacBook. Same computer,
> same web browser as always, yet for some reason TFA got triggered.

Logging in to icloud.com triggers a TFA sequence if you have not yet
told icloud.com to trust that particular computer/browser.

Having a quick glance at the icloud.com cookies saved by Firefox, they
have an expiry date. Your cookie probably just expired so it needs a new
one, which means signing in again and a new TFA sequence.

There is a similar mechanism for iCloud logins: the computer or iOS
device retains a login token, but it will eventually expire, requiring
you to enter your Apple ID password again.

> My iPhone beeped to let me know about the code I needed. A moment later,
> the required six-digit code for my MacBook appeared on another device-- my
> MacBook. I typed it in and got logged in to iCloud. Never had to reach for
> the iPhone on the table.
> 
> Clearly, this is not how things are supposed to work.

That's normal. The TFA request goes to _all_ trusted devices signed in
to your Apple ID which are running new enough OS versions.

In this case, that includes the computer on which you are trying to log
in to icloud.com. The TFA request is from the OS (originating from a
push notification sent by Apple), not the browser.

The new browser connection is not trusted, but the computer's connection
(via your user account having signed in to iCloud and your Apple ID) is
trusted, so it got the authentication request.

Read this for general information on Apple's TFA scheme.

https://support.apple.com/HT204915

> Either Apple's security system knew that Firefox on this computer was
> trusted, and therefore shouldn't have demanded a verification code, or if
> it really thought that this system wasn't trusted, then it shouldn't have
> sent a verification code to it. It's as though one security database isn't
> talking to another one.

The point of TFA is that someone needs to know your Apple ID password
AND have one of your devices and to be able to get into your account. It
protects you against distant attackers who happen to get your Apple ID
password.

If that attacker goes one step further and finds you, stealing or
temporarily gaining access to one of your devices while it is in an
unlocked state and signed in to your Apple ID (or if your device's
password can be guessed or discovered), then TFA will no longer provide
any protection.

It doesn't matter that the authentication request goes to the same
computer, unless you are already compromised.

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]

#102248 — Re: Fake Email !From Apple

In article <1n2ttiy.y93d1m1klh7e9N%dempson@actrix.gen.nz>,
David Empson <dempson@actrix.gen.nz> wrote:
>Patty Winter <patty1@wintertime.com> wrote:
>
>> A few minutes ago, I began a login iCloud on my MacBook. Same computer,
>> same web browser as always, yet for some reason TFA got triggered.
>
>Logging in to icloud.com triggers a TFA sequence if you have not yet
>told icloud.com to trust that particular computer/browser.

I know. That's why I specified that it was the same computer and same 
web browser I've been using for a couple of years.


>Having a quick glance at the icloud.com cookies saved by Firefox, they
>have an expiry date. Your cookie probably just expired so it needs a new
>one, which means signing in again and a new TFA sequence.

How long do the cookies last?


>That's normal. The TFA request goes to _all_ trusted devices signed in
>to your Apple ID which are running new enough OS versions.
>
>In this case, that includes the computer on which you are trying to log
>in to icloud.com. The TFA request is from the OS (originating from a
>push notification sent by Apple), not the browser.
>
>The new browser connection is not trusted, but the computer's connection
>(via your user account having signed in to iCloud and your Apple ID) is
>trusted, so it got the authentication request.

But it wasn't a "new browser connection." So you must be right that
the TFA was triggered by an expired cookie.


>Read this for general information on Apple's TFA scheme.
>
>https://support.apple.com/HT204915

That's the same page I already cited. It only talks about "When you 
want to sign in to a new device for the first time"; it says nothing 
about the authentication expiring at some point.

I get now that there were two entities that could be authenticated
on my MacBook--the computer itself and Firefox. An impermanent cookie
explains why I got a TFA request even though both of those entities
had previously been verified as trusted "devices."


Patty

[toc] | [prev] | [next] | [standalone]

#102249 — Re: Fake Email !From Apple

On 2017-03-13 03:54:36 +0000, Patty Winter <patty1@wintertime.com> said:

> An impermanent cookie explains why I got a TFA request even though both 
> of those entities had previously been verified as trusted "devices."

I think the two entities are very different.

The browser is not a trusted device that gets sent TFA requests.  It is 
just a piece of software that you have granted permission to login.  A 
trusted device is just that - a piece of hardware you must have in your 
posession.

To illustrate the difference, I will speculate that you could backup 
and restore your OS to a different MacBook, and Firefox would continue 
to log in to iCloud for you.  But that new MacBook would not receive 
TFA requests until it was specifically added it to your list of trusted 
devices.

A.

[toc] | [prev] | [next] | [standalone]

Page 2 of 3 — ← Prev page 1 [2] 3  Next page →

Back to top | Article view | comp.sys.mac.system

csiph-web