As I reported last week, the bug left computer users locked out of many online services – ironically by the very tool designed to better protect their online security.
Google Authenticator, version 2.0.1, restores access to the wiped accounts and is available now in the iOS App Store.
The description of the updated app contains a brief mention of the bug.
Google Authenticator
Version 2.0.1
Restores entries that were not displayed due to a bug in version 2.0
No apology, mind you, for the inconvenience caused. How much would that have hurt to include?
Clearly, Google didn’t properly test the iOS version of its app before pushing it to the App Store. Hopefully they have now learnt their lesson, and will be more careful in future. We certainly should be pleased that they have now fixed the issue, but it should never have rolled out to users in the first place.
But this incident raises a bigger issue in my mind. The forthcoming new version of Apple’s mobile operating system, iOS 7, will include the ability to *automatically* update apps without user involvement.
How much worse this bug would have been if iOS users had had the buggy update pushed to their devices, with no option of them to opt out?
One wonders which will be the next popular program to have as serious a bug to make its way into the iOS App Store, and what damage it might do to those who choose to auto-update their apps?
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
If you want to see an open source solution for Google Authenticator, take a look at my latest blog entry.
http://bit.ly/1eqlI7B