It's not a functioning activation server. They just use it to gather your ID and password, then hit the real activation server with your phone to activate it. Not very useful in this regard but still harmful since they can use your iTunes credentials for follow-up attacks. This is why I suspect there may be 2 different hacks. The other one is more "useful" for bulk activation since they may not need your credentials to do so (I don't know yet).
Probably ill-advised? The iTunes for Windows vulnerability has nothing to do with iOS and Mac. They can steal your credentials if you're using iTunes for Windows activation, by setting up a fake activation server and tricking the router to send you to the fake server.
Yap. 2 separate issues unless iTunes Windows does not verify *all* server certs. I haven't heard anyone say that yet. Only activation server cert so far. iTunes Win doesn't know if the activation server cert is authoritative because it skipped the check for whatever reason, so the connection stays up.
They are afraid of hackers poisoning the DNS on the WiFi router to route you to the fake activation server. Even if the WiFi channel is encrypted, it can still serve you bad data from the wrong server in this scenario. The hackers will decrypt your requests on this fake server. This is possible because, allegedly, iTunes for Windows doesn't verify the activation server cert. iOS and Mac do, and so will call out the fake servers.
That's the MITM activation server attack. They have to set up a fake activation server to do so when the phone is powered up (to check activation status). It doesn't say other iTunes for Windows usage such as regular logins and music playback is affected. They may or may not be. iPhone/Mac to iCloud server communications are not affected by this iTunes Win issue.
If these are the exploits, then I think Apple and partners may have already known about them for a long time. They allow third parties to deactivate locked phones, enabling resale, support servicing, ... with some checks. If they fix these, those third parties will need to find other means. They may not be user data threatening. We'll see. The iTunes for Windows activation server cert check should be fixed though. That one is user facing.
It is possible that there are 2 different hacks. The iTunes for Windows hole only allows limited activation. You need (to steal) the user's ID and password to activate the phone. The bulk activation one may exploit something else. May not be SSL related. It may allow someone to bulk activate any phone without user credentials. In any case, Apple have full info for the mechanisms now. Probably will have a drop soon. There is no proof of user data compromise yet. These sound...