„Hacking CloudKit – How I accidentally deleted your Apple Shortcuts“
Erinnert ihr euch noch an den März, als plötzlich die iCloud-Links zu allen bislang erstellten Kurzbefehlen für ein paar Tage verschwanden?
CloudKit, the data storage framework by Apple, has various access controls. These access controls could be misconfigured, even by Apple themselves, which affected Apple’s own apps using CloudKit. This blog post explains in detail three bugs found in iCrowd+, Apple News and Apple Shortcuts with different criticality uncovered by Frans Rosén while hacking Cloudkit. All bugs were reported to and fixed by the Apple Security Bounty program.