Linked by Thom Holwerda on Mon 22nd Jul 2013 10:10 UTC
Apple "Apple revealed Sunday that its Developer Center suffered a lengthy outage this week following a security breach that may have compromised data, but a security researcher has provided evidence to suggest the shutdown was in response to his identification of a vulnerability." It's no secret that Apple's developer portals are a mix of outdated, crappy technologies, and it seems that this security researcher did good work by making that fact very, very clear for everyone. Would be nice of Apple to acknowledge his work, although as we all know, that's about as unlikely as Pluto blocking the sun, no matter how Apple claims it wants to be "open" about this disaster in its public statement.
Permalink for comment 567717
To read all comments associated with this story, please click here.
Member since:

I don't know from where you get this information, but he is claiming the contrary in this techcrunch comment :

Where he says :
"I didn't attempt to get the datas first and report then, instead I have reported first."

His version is basically : "I reported bugs to Apple, they didn't answer my mails so I got pissed off and collected data".

Now, it is unclear how much time he gave Apple between the first report and his collection of user data in retaliation.

But it seems Apple f--ked up too. It's not really smart to ignore the emails of someone reporting vulnerabilities on your website.

I think we should wait for further clarification before jumping to conclusion about the good Apple being hacked by a bad guy.

He wouldn't be the first security researcher to do so either. I've read a few times where people have gotten fed up with the lack of cooperation Apple give when vulnerabilities are reported.

Edited 2013-07-22 15:19 UTC

Reply Parent Score: 2