[revelation]

That is just the typical blather devoid of content we've come to expect from online journalism.

We already know of one significant security issue with iCloud that was just posted on HN this morning. There was an outside API that allowed to trivially bruteforce logins without any apparent rate-limiting.

It might be hard to convince a judge of that, but for a provider like Apple, this is to me gross negligence. I mean, World of Warcraft, of all things, has more meaningful security measures in place than iCloud apparently. Apart from obviously not allowing to bruteforce passwords, they very stricly geofence any logins and will rather suspend and force the original owner to reactivate an account than allow login from an unknown IP range.