there that there aren't other vulnerabilities that exist in the system senior writer for the verge tim carmodyoins me now. hi there tim you're the one that discovered this breach in the first place how did you do it. well i should be clear i did not discover it so as my colleague chris welch found it but it actually been published on the open web. site used. by hackers people interested in making these kinds of exploits are it will i how is this problem fixed him is it fixed. well what happened was there was the vulnerability was in a password reset function in apple before to start verification that other security information they had was they would ask you personal questions this allowed but if you forgot the answer to the personal questions you could do it with your evil address and date of birth this was a u.r.l. script or u.r.l. syntax that allowed the user to bypass those questions so all you needed was your e-mail address and date of birth and this to sept verification process doesn't really make apple users any safer it makes them somewhat safer because again if your password is reset