Linked by Thom Holwerda on Mon 22nd Jul 2013 10:10 UTC
Apple "Apple revealed Sunday that its Developer Center suffered a lengthy outage this week following a security breach that may have compromised data, but a security researcher has provided evidence to suggest the shutdown was in response to his identification of a vulnerability." It's no secret that Apple's developer portals are a mix of outdated, crappy technologies, and it seems that this security researcher did good work by making that fact very, very clear for everyone. Would be nice of Apple to acknowledge his work, although as we all know, that's about as unlikely as Pluto blocking the sun, no matter how Apple claims it wants to be "open" about this disaster in its public statement.
Permalink for comment 567819
To read all comments associated with this story, please click here.
RE: All about Perspectives
by Soulbender on Wed 24th Jul 2013 07:40 UTC in reply to "All about Perspectives"
Soulbender
Member since:
2005-08-18

Would the same tone have been observed in the comments if the company whose security was breached and disclosed in this manner had been Microsoft rather than Apple?


Yes. Stealing data is not the right approach.

Many mentioned that he should have publicly disclosed the vulnerability. I presume "publicly" implies a posting on a high tech forum focused on vulnerabilities of operating systems This would have been the worst thing if there was no obvious applicable patch


No, that's the long established norm. If a company is unresponsive about a vulnerability you disclose it publicly after some time to put pressure on them and make users aware of the issue. What you don't ever do is steal massive amounts of data to prove your point.

First, this would have likely have attracted attempts to repeat the exploit on Apple owned/run servers in exponentially increasing numbers as details of the hack spread on the web.


You do know that it's possible to disclose this kind of information without actually giving exact instructions on how to do it, right?

Reply Parent Score: 3