PDA

View Full Version : Apple developer website Hacked . . . . .



TattooedMac
07-21-2013, 08:21 PM
Apple Developer Website Hacked; Developer Names, Addresses May Have Been Taken (http://www.macrumors.com/2013/07/21/apple-developer-website-hacked-developer-names-addresses-may-have-been-taken/)



Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developersí names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

WOW . . . .

vansmith
07-21-2013, 08:30 PM
I can safely say that this is the first time that a hacked website has genuinely affected me. I've been trying to log on for a while to add an iPod Touch to my list of development devices and kept being greeted with a "we're working on fixing an issue" page.

TattooedMac
07-21-2013, 09:44 PM
There is a lot of Hoo Laaa going on over on the Apple Dev Forums, about people not able to Pay for another year, but what gets me, is its taken them 4 weeks from the reminder email to do it.
I would be in the same boat, but i renewed 2 days after the email, and if it wasn't for that, my renewal ran out today, so I'm right now.
Apple has said that all renewals have been extended and the Apps will stay on the store, BUT the Apps are not downloadable for those that need to renew ?!?!? Some people just astound me lol

OneMoreThing...
07-22-2013, 08:40 AM
Apple says its developer site was hacked, but that sensitive data was encrypted (http://appleinsider.com/articles/13/07/21/apple-says-its-developer-site-was-hacked-but-that-sensitive-data-was-encrypted)




Read more (http://appleinsider.com/articles/13/07/21/apple-says-its-developer-site-was-hacked-but-that-sensitive-data-was-encrypted)

TattooedMac
07-22-2013, 08:58 PM
I just got a email, saying my Twitter account had been compromised and i had to change my password. . . .. Coincidence or what ??

But seriously, what are Apple doing, now running into 5 days offline. People are getting fed up, people wanting to re-new have Apps on the store but know one can download them, meaning they are loosing $ . . .I wonder

chscag
07-22-2013, 09:38 PM
And I just received an email this morning that the Ubuntu forums have been hacked and that I should change my password. Another coincidence? Who's next?

TattooedMac
07-23-2013, 03:08 AM
The truth is now out, and the video has been taken down already, which i believe showed what the Researcher did to infiltrate Apple.

Researcher admits to hacking Apple's developer site, says he meant no 'harm or damage' (http://appleinsider.com/articles/13/07/22/researcher-admits-to-hacking-apples-developer-site-says-he-meant-no-harm-or-damage)

Dysfunction
07-23-2013, 10:51 AM
The truth is now out, and the video has been taken down already, which i believe showed what the Researcher did to infiltrate Apple.

Researcher admits to hacking Apple's developer site, says he meant no 'harm or damage' (http://appleinsider.com/articles/13/07/22/researcher-admits-to-hacking-apples-developer-site-says-he-meant-no-harm-or-damage)

Ahhhh proving that, unless hired, it is all black hat.

vansmith
07-23-2013, 12:37 PM
Ahhhh proving that, unless hired, it is all black hat.All perpetrated under the guise of "grey hat" hacking.

Leukeh
07-23-2013, 11:58 PM
Would this have anything to do with the plethora of "You've requested to reset your password" emails I've been getting from Apple since yesterday? Seems to be a bunch of people on the internet with a similar experience...

pcdebb
07-24-2013, 01:34 AM
The truth is now out, and the video has been taken down already, which i believe showed what the Researcher did to infiltrate Apple.

Researcher admits to hacking Apple's developer site, says he meant no 'harm or damage' (http://appleinsider.com/articles/13/07/22/researcher-admits-to-hacking-apples-developer-site-says-he-meant-no-harm-or-damage)

it has "resurfaced"
Attacco di Ibrahim Balic ai server della Apple - YouTube (http://www.youtube.com/watch?v=zVzTjTplLr0)

vansmith
07-24-2013, 10:53 AM
Well, that music was unnecessarily obnoxious. (Why do people post videos like that?)

Leukeh, it could very well be people trying to get at your password. That said, it may or may not have anything to do with this.

pcdebb
07-25-2013, 03:33 AM
yea, I had to mute it for what limited time I viewed it.

Chris H.
07-25-2013, 09:52 PM
System Status - Apple Developer (https://developer.apple.com/support/system-status/)

TattooedMac
07-25-2013, 10:44 PM
System Status - Apple Developer (https://developer.apple.com/support/system-status/)

Nd it hasn't change in over 60hrs :( Im wanting to add a iPad to my development devices and i can't at the moment. Everything works on iPhone and iPad Mini but want to check it on a iPad and can't Arrgghhh Feel your pain Van ;)

vansmith
07-26-2013, 11:23 AM
Feel your pain Van ;)My pain was self-inflicted. I need to get screenshots of my app for submission and unfortunately, the only iOS device registered is the iPod Touch running iOS 7 and I'm going to guess that Apple doesn't want people making screenshots with iOS 7.

This is becoming really frustrating. Say what you will about Android and Google but at least I can develop and test applications without having to depend on Google. Right now, I can't test anything because Apple's website is down (and consequently, I can't generate certificates, provisioning files or register UDIDs). Google Play Developer Dashboard goes down? Sure, great, let me know when it comes back and I'll continue testing in the mean time.

This is the first time that the "walled garden" approach (in a rather indirect way) has burned me and it's left a sour taste in my mouth. I'm fairly frustrated right now so I can only imagine how sour that taste is for larger developers. On top of this, it has become really clear that Apple still doesn't know how to secure network resources (see here (http://www.theverge.com/2013/3/29/4158594/password-denied-when-will-apple-get-serious-about-security) for more). There is no reason that a major technology company like this should be down this long for a security breach. Suffice it to say, it's going to be incredibly hard for me to recommend any cloud based services that Apple manages. I suppose the choice now is between submitting your information to a company that will use it for advertising (Google) or submitting it to one that doesn't know what "security" means.

...okay, maybe I'm a little more frustrated about the lack of security than I thought. ;)

Stretch
07-26-2013, 03:22 PM
I know many developers are wondering if they are doing a ground up rewrite of the Dev Portal. Its just a rumor, but at this point, many are hoping so just because its been down for so long.

Stretch
07-26-2013, 07:08 PM
Reports going around that the Dev Center is back up.

vansmith
07-26-2013, 07:48 PM
Reports going around that the Dev Center is back up.Said rumours are wrong. ;)

I just checked - I wish it was back up.

EDIT: The system status page says parts of it are up but I can't log in.

EDIT 2: Parts are indeed up! I finally managed to add my other iOS device.