I come to
/. for the comments, but with the new Beta, I can't even see anything! It just says:
''Shazbot! We ran into some trouble getting the comments. Try again... na-nu, na-nu!
It seems like the "developers" need to take some advice from people who actually know what they are doing. I'm happy to help explain what graceful degradation means if they like...
I very recently had the same situation that is described in the articles happen to my iTtunes Account. I received 2 emails for gift cards purchased through the iTunes store. As I was on vacation with no PC and thus no iTunes access, and not buying gift cards, I knew something was up. At first, I was thinking they were actually spam/phishing emails, as they listed the last 4 digits of a Credit Card that didn't match any of my Credit cards. Without iTunes, all I could do was access my Apple ID account through the web on my phone, and when logged into my account, I saw that my billing information had been changed.
Luckily I had moved about 3 weeks before, and updated my billing info with my credit card, and not in iTunes (or I suspect I would have had several more app/gift card purchases on my own card.) The strange part was that they didn't change my password at all, or any security related questions. It seems as all they did was change my billing info to some one else's and buy $100 worth of gift cards (Who knows what they were used for...).
I changed my iTunes Password, and contacted Apple Technical support, and all I got was a standard form letter about how I could dispute the charges on my credit card (even though I had pointed out that it *wasn't* my credit card info). They locked my account and after a short investigation they enabled it with no indication of anything other than their form letter.
I will freely admit that my password was vulnerable to a dictionary attack, as in the past, I wasn't too worried about someone buying me lots of music, but have since changed it. However, I had no indication that someone was attempting to access my account. If someone was indeed using a dictionary attack on my account, I would have hoped Apple would notice several thousand invalid logins on an account and do something about it.
I suspect there is someone named Jason in Seattle, who is wondering why they have a $100 purchase from iTunes on their MasterCard...
MSDOS is not dead, it just smells that way. -- Henry Spencer