Did This Security Researcher Do Apple a Favor?
Apple (NASDAQ:AAPL) recently got most of its developer site back online after it was down for eight days. Although Apple initially indicated that it was shut down due to an “intruder” who was trying to steal developers’ private information, it now appears to have been a less worrisome “white hat” security researcher attack. White hat hackers try to push companies to improve network security by demonstrating vulnerabilities.
According to VentureBeat, a Turkish security researcher named Ibrahim Balic has claimed responsibility for infiltrating Apple’s developer center. The researcher claims he was able to find 13 security bugs in Apple’s system, which he reported to the Cupertino-based company.
Although the attack appears to be a benign attempt to improve Apple’s security, the extent of the breach is still unclear. In comments on TechCrunch’s website, Balic stated he only acquired “73 users details (all apple inc workers only)” to use as proof of the security vulnerability. However, the researcher also stated that he collected “over 100,000+ users details.”
In an email to developers, Apple noted that private information on its website is encrypted. “However, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed,” stated Apple via the Wall Street Journal.
Some users have complained that the developer center shutdown was an overreaction from Apple that unnecessarily delayed many developers’ work. On the other hand, although the shutdown was an inconvenience for developers who are trying to prepare their iOS 7 apps, it may have also headed off a more serious security breach down the line.
In a message posted on the developer site, Apple stated that, “If your program membership expired or is set to expire during this downtime, it will be extended and your app will remain on the App Store.” Some parts of the website are currently still inaccessible, including the Apple Developer Forums, Videos, and Technical Support. Here’s how Apple closed out the trading week.
Follow Nathanael on Twitter (@ArnoldEtan_WSCS)