Apple Backend: Your account will soon need to be migrated to federated authentication. You can start the process immediately or wait for the account to automatically migrate on August 28, 2020. To learn more
A, the
IOS groups exploded this afternoon, and everyone was Posting this screenshot below.
A bold red banner appeared in apple’s background — “Your account will soon need to be migrated to federated authentication. You can start the process immediately or wait for your account to automatically migrate on August 28, 2020.”
When I first saw this news, I thought that the web page of this user was hijacked, and I logged in to take a look and found that my account was also “caught”. In the morning, I logged in to Apple’s background and didn’t see it. It seems to be something that just happened in the afternoon.
I googled it and found a discussion online. As of 15:49 PM, 125 people have experienced the same problem in the Apple community, and the number is still increasing, so it seems that this incident has a wide impact.
“Apple may have sent the wrong notification,” said a V2EX user. “The link for more information is the address of Apple’s internal documentation platform for employees.” That’s an idea.
Second, the clues
1. What is Quip
Apple clicked on the link above the notification to “learn more” in the background and went to a website they’d never seen beforeQuip(quip-apple.com). The site requires a login and says “Apple uses your network username and password to login to Quip.”
Click “Continue with AppleConnect”, it cannot be accessed.
To return to the login page, click “Sign in with Email” at the bottom, prompting you to enterWork emails.
“Are you sure this is your work email? “, check the confirmation of the line prompt, “I confirm the use of QQ.com, do not take colored glasses look at me. Foreigners are interesting.
After clicking “Sign in or Register”, a familiar thing appears – black chrysanthemum! All of a sudden a little excited, I was wondering if apple’s website was hijacked, so relieved, that’s Apple style…
The next thing that came out confirmed that. “Please enter apple.com email address” is displayed.
Quit Quip and Google Quip. According to Wikipedia, Quip is an online collaborative office for documents and forms created by the founders of Google Maps.
2. What is joint validation
I found the explanation for “joint verification” in Apple’s business administration manual and campus administration manual.
You can associate Apple Business Administration with a Microsoft Azure Active Directory (AD) instance through federated validation. Once associated, your users can use their MS Azure AD username and password as an administrative Apple ID. You only need to use the same username and password to log in to the MS Azure AD service.
[Important] Federation authentication requires that a user’s “user principal name” matches their E-mail address. The User principal Name alias is not supported.
Apple has developed two sets of systems for schools and enterprises: Apple campus educational management and Apple Business Management. These two sets of systems are used for batch management of Apple devices (Mac, iPad, etc.), such as batch installation of App, system restoration, and distribution of books. Few people use it in China, and few people know it.
MS Azure AD can be understood as a set of user systems for Microsoft.
Joint authentication is the equivalent of third-party login. You log in to an Apple device with your Microsoft account and password, and Apple generates an Apple ID for you.
Third, summary
1. This was most likely an Apple blunder, and a notice that should have been sent internally was sent to apple developers instead. 2. For now, as developers, we don’t have to do anything and see how Apple reacts later.
We can guess from the following aspects:
- First of all, Quip is an online office collaboration software, which, based on the details above, is most likely owned by Apple and used by employees.
- Second, Apple is not so vulnerable in terms of security that it is unlikely to be hijacked.
- Again, It’s not unheard of for Apple to make such “big mistakes”. Last year, for example, Apple sold Chinese developers in yuan as dollars, resulting in a sixfold increase in revenue to Chinese developers. So the probability of human error is much greater than the probability of apple’s system security issues.
- Then, apple usually gives months ‘notice of major announcements. This “News and Updates “didn’t have notifications, and apple’s background notifications were so sudden that it didn’t make sense.
- Finally, I guess based on the concept of “joint certification” found in Apple business management system. Apple needs to batch management audit accounts or equipment, should have a similar “Apple business management system” system, this system doing recently account migration (” joint certification “), may be Apple engineer mistake code is sent to the online test environment, or should have been sent to the internal of the notice sent to led to the occurrence of the incident.
In the end, I emailed Apple to ask about it, trying to force it to admit it was a bug. [head]
Four, subsequent
The next morning, Apple customer service sent me an email back, asking me to provide more detailed information, such as screenshots and so on. It seems that Apple customer service did not know about this matter. I just checked back into apple’s background and the notification had disappeared. It did appear to be an internal apple error.
In addition, a post at the beginning of the article asking questions in the Apple community received an “official” response (below). It seems the webmasterAugust 25When I replied, I didn’t seem to know what had happened because Apple was already in the airOn August 21I deleted the notice this morning. [head]
If you found this article helpful, please give it a thumbs up. If you have any questions you can follow my public number I leave a message. Please indicate the source of reprint, thank you!
