Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Linux Apple Technology

Linux Users Are Unable To Manage Their Apple ID on Applecom (9to5mac.com) 101

For some reason, Apple's website where you can manage your Apple ID (appleid.apple.com) is blocking users of Linux browsers from accessing it. From a report: Having access to the website is important to manage things such as payment information, two-factor authentication, and other account details. Even though the number of Linux users accessing the website must be relatively small compared to other operating systems, some iPhone users who use Linux on the desktop noticed the issue. This behavior was first explained by user Alexander Martin on Mastodon. He discovered that when the browser reports itself as being a Linux browser, Apple's website will block the access by throwing a "Bad Gateway" error.
This discussion has been archived. No new comments can be posted.

Linux Users Are Unable To Manage Their Apple ID on Applecom

Comments Filter:
  • But not Android (Score:3, Informative)

    by Anonymous Coward on Friday February 22, 2019 @10:23AM (#58163736)

    If the user-agent contains both Linux and Android, it's allowed.

    Sounds more like some intern fucked up.

    • by Cito ( 1725214 )

      I was gonna ask or suggest trying the user-agent switcher plugin for Firefox and if it'd work.

      I know I use that plugin for Firefox on my android tablet set for Linux desktop to avoid mobile themed redirected sites since they don't look good on a large tablet screen.

      But last and only apple device I ever owned was an iPod touch 3rd generation.

    • Re:But not Android (Score:4, Insightful)

      by jythie ( 914043 ) on Friday February 22, 2019 @10:58AM (#58163964)
      Yeah.. I suspect some horrible mess of nested if-then-else clauses with some fall throughs or cases with errors in them.
    • In the end, this will probably affect 25 people. Making sure things work with Linux is probably a job given to interns.
      • Re:But not Android (Score:5, Informative)

        by Anonymous Coward on Friday February 22, 2019 @11:44AM (#58164254)

        In the end, this will probably affect 25 people. Making sure things work with Linux is probably a job given to interns.

        This statement demonstrates the kind of utter ignorance that is the source of such problems.

        Nothing is needed for any web site to "work with Linux" -- the problem is that such sites arbitrarily reject web browsers with user agent data that claims the OS is Linux. If you run Linux and change your web browser's user agent info to spoof OSX, then the site suddenly works on that browser.

        I would bet that this affects a lot more than 25 people, as not only are there plenty of Linux users with Iphones, but there also must be one or two savvy Windows and OSX users who employ user agent obfuscating plug-ins on their web browsers.

      • Re:But not Android (Score:5, Interesting)

        by Albanach ( 527650 ) on Friday February 22, 2019 @11:48AM (#58164276) Homepage

        Fortune.com [fortune.com] reported over 700 million iPhones in use in 2017 with an expected billion within a few years.

        If only a tenth of one percent of those iPhones were owned by someone who uses Linux on their desktop. you have a million folk impacted.

        Sure, Linux is a niche, but when you're the size of Apple, even small percentages quickly become big numbers. Let's be conservative ans say just 20% of Linux users buy their iPhone new - that still points to 140 million in revenue, not including any app store sales.

        • I run only Linux at home. I have an iPhone. I don't go to appleid.apple.com. I manage my apple ID on my phone. I think a lot of folks do this. I said 25 users will be affected, but maybe it's actually less.
          • One here. Let's start counting by replying to your post.
            • Ha, great idea. ok, 1. Anyone others?

              Honestly I feel like Linux users already have dealt with shit for so many years that we're all quite thick-skinned when it comes to things not working smoothly. And when there's some shit situation where things don't work, a typical Linux user will simply carry on in another way.
          • by paulatz ( 744216 )
            So when your iPhone get stolen, how do you manage to lock it remotely?
      • It cost me several hours last time I worked from home. Have you had >25 replies from people affected yet?

        I tried things like brand new FF profiles but couldn't work out why a server-side error would be caused by my browser. In desperation fired up my chromebook. Tweaking a mac-users slides in keynote online is no fun on a 10" screen.

    • Alexander Martin, the fosstodon.org person who discovered the issue writes:

      It sniffs your User-Agent.
      If it says Linux, Bad Gateway error.
      IT WORKS WITH A WINDOWS UA
      IT WORKS WITH A BSD UA
      IT WORKS WITH ... OS/2 UA

  • ...if you don't have $$$ then they do not want you.
    • by AmiMoJo ( 196126 )

      More likely it's an attempt to block attackers trying to get around 2 factor auth. The attackers trick the user into providing their 2 factor code and then do the actual login from a Linux server somewhere, so Apple's rather blunt but effective block is to return a bad gateway error for Linux clients.

      • That doesn't make sense at all. Do you have an example of this - and that it only works using Linux servers?

        • by AmiMoJo ( 196126 )

          It's a pretty common first line of defence. If you notice that all the attacks are coming from a browser that lists the OS as Linux in the HTTP request, and 0.0001% of legitimate requests come from Linux users who presumably also have an iDevice anyway... Just send a fake error message.

          It actually works reasonably well against script kiddie types using cheap VPS systems, at least for a while as you get your other defences in place.

      • ...so Apple's rather blunt but effective block is to return a bad gateway error for Linux clients.

        Yeah, "effective". Unless your attacker uses a common operating system instead of an unusual one. Or can figure out how to change their user agent string.

        That explanation isn't the least bit plausible.

      • Never attribute to malice that which is adequately explained by stupidity.
    • Sounds like yet another good reason to dump Apple, as if you really needed it.

  • or incompetence (on Apple's part)

    • by Anonymous Coward

      I think there is enough evidence to conclude is Apple's incompetence. Macbook Pro i9 throttling? keyboard broken by dust in the endless search of ultrathing laptops? audio glitches when syncing time? root access login with an empty password?

      Getting rid of audio jack? yeah, that's malice. Everything else I'd take as just plain incompetence.

    • Maybe they're just trying to spare Linux users from their awful software. Everyone knew that iTunes used to suck horribly on Windows, but it's become a giant flaming pile of shit on Macs now as well. Hopefully Apple will extend this blocking to users of other operating systems so that everyone is spared the misfortune of using that wretched mess.
      • Maybe Apple should just throw in the towel and support PTP/MTP like every Android phone since antediluvian days? Apple supports PTP/MTP on iOS, but Macs don't support it.

        That way, iTunes can be chucked completely as a "one size fits all app", and replaced by an app for DFU iOS firmware installs, and an app for music management/store.

    • Re: (Score:2, Interesting)

      by fermion ( 181285 )
      Apple overemgineers thie site and it makes no sense. They are one of the few companies that still, for instance, forces you to use an App instead of their site,

      In this case it is likely a badly implemented design decision.

  • by Anonymous Coward

    ... problem solved. That doesn't mean the web is well designed, but better than actually being unable to do anything with it... is to change the useragent in the browser of your choice.

  • More than likely it's an overbroad method of filtering to block requests to that page from servers.

    • by mccalli ( 323026 )
      That's what I thought too, although another possibility is that several JS frameworks compile for only specific browser targets. It's possible they have just omitted the target.
  • by Anonymous Coward

    It just works.

  • Weirdly enough, it works with the useragent set to FreeBSD (which, on my FreeBSD 12.0-RELEASE box, it is by default.) I'm used to websites working oddly with that useragent; this is the first time I've encountered the FreeBSD useragent being an improvement over a Linux one.
  • by Anonymous Coward

    I'd guess it's a side effect of DDOS mitigation, blocking incoming requests that probably aren't legitimate (the intersection of Apple and Linux users has got to be astronomically tiny), significantly more likely those requests are coming from an attacking botnet.

  • Unable? As in they are so stupid that they can't figure it out, or are they explicitly banned by Apple from doing it? It is of course the latter but, would it have killed you to come up with a less biased headline?
  • I just tried and it is working fine, yesterday I was getting the error.

  • I just logged in ok using Debian / Firefox.
    I guess they fixed the issue??

  • by thecombatwombat ( 571826 ) on Friday February 22, 2019 @06:44PM (#58166972)

    I just got in fine with Firefox on Fedora 29 and I'm not spoofing the user agent or anything.

    It seems this was fixed within a few hours at most of the source article going up, and it's not clear exactly what user agent string got the error, or for how long, or even if that was definitely the thing that broke it. This is nothing.

  • "He discovered that when the browser reports itself as being a Linux browser, Apple's website will block the access by throwing a 'Bad Gateway' error."

    That sounds more like Apple pretending there's an error, since a 'Bad Gateway' isn't normally something that a browser could cause (unless you have a really, really shit site).

    Something similar happens on Hotmail when you go there with some browsers, the page will refuse to display and chokes up an error. Tell me how browser "A" requesting a page is materiall

news: gotcha

Working...