"Webster Phreaky, will Mr Webster Phreaky please report for comment duty on this article, thank you."

One of the nifty things that I discovered in Ireland is the 3V card. Acts like a disposable visa card, every time you buy credit you are given a new visa number. It does make one more secure when buying from unknown or untrustworthy sites.

Although its not an answer. Apple should be more secure.

What are they buying from itunes? DRM'd songs and TV episodes? Don't these idiots know that they can get the same stuff off bittorrent without resorting to credit card fraud?

Or am I missing something?

yea cos when i think of online security the first thing that enters my head is apple

what does this say about a) the level of security awareness of apple staff; and b) the level of security awareness of apple users...

and what ever happened to email/https based confirmation when changing account details?

i will never use any of this retarded consumer [cr]apple tatt (does this make me a hateboi..?)

This is one reason (apart from the ridiculous subscription fee) that I declined to open a .mac account with all its useful stuff like online storage, web gallery and remote desktop.

Even as a Mac owner I don't trust the buggers with security.

... they didn't send the old password to the crook, but instead generated a new random password and sent that.

So even though it is bad amateurish practice to gleefully surrender peoples accounts to strangers like that, we know that at least a) the crook cannot get the original password which might be used elsewhere (like net banks) and b) you know something fishy is up when the password unexpectedly changes.

Paris, because she knows the importance of controlling who has access to what.

Oh, I'm sorry I guess a > 10 char length mixed alpha numeric password is a little easy to crack ;)

From the article:

"McAuley didn't suffer financially because his debit card was protected by a $0 liability guarantee. He doesn't store any card details on his UK account, which isn't covered by an equivalent indemnity. In the UK, credit card holders are only liable to the first £50 of any purchase."

It's a slightly confused paragraph which doesn't make it exactly clear what the situation is here - does Mr McAuley have two iTunes accounts (a US and a UK one), and the fraud was committed against his US account??

Regardless, UK credit card holders aren't liable for any fraudulent transactions that are committed on their credit card account.

Or as a PC would say to a Mac "Nice day for Phishing is it ? "

Yep that's right. If you really want to know how they are doing this, then they have the software to do it without having to go to apples website!! Apple installs the mobile me software to all windows platforms!! Check my article out for more information!!

http://www.tech-linkblog.com/2008/07/apple-installs-software-without-your-knowledge.html/

iTunes is how *everything* from Apple gets distributed; apps, webcasts, etc. In theory, that's because every Mac has iTunes and it's easy to use the system to push out updates and such (that remain separate from the 'Software Update' under the Apple menu).

Several developers have had various gripes about the mechanism, but AFAIK it's always been seen as satisfactory - assuming Apple maintain control and adequate security. Seems that those assumptions may need a refresh.