
Bouquet to Jain, but ...
... a massive brickbat to Apple for this obvious design flaw getting past the test stage, let alone the design stage. That is ridiculously basic.
Security researcher Bhavuk Jain has landed a $100,000 payday after he reported a critical flaw in Apple’s sign-in system that could be exploited to access countless accounts on sites from Dropbox and Spotify to Airbnb. In April, Jain discovered the vulnerability in “Sign in with Apple” – a single-sign-in service launched last …