• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Apple Explains Reasoning Behind Developer Web Site Outage


    Developers trying to access Apple’s developer Web site were in for a surprise last Thursday as the Web site appeared to be down. Apple has Sunday issued an E-mail to developers explaining the reasoning behind the Web site outage, which appears to be the result of an intruder gaining unwarranted access to the site and exploiting information:

    The full E-mail below:

    Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

    In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
    Apple notes that much of the developers' personal information is encrypted and can’t be accessed, which is of course good news for developers that could have been affected.

    In the mean time, the Web site’s outage is a direct result of this attack and Apple is working on updating the security of the Web site. The Web site will be back up and running as soon as Apple gets a chance to have all of their updated security in place.
    This article was originally published in forum thread: Apple Explains Reasoning Behind Developer Web Site Outage started by Anthony Bouchard View original post
    Comments 7 Comments
    1. holyshnikes's Avatar
      holyshnikes -
      I'm glad they took it down and gave a reason for it, even if they didn't lose any secure information. I got the email and felt relieved.

      By the way, the email says that the personal information is encrypted and cannot be accessed...How do you get that developers personal information has been compromised? That is speculation. They said they can't rule it out, because if anything did happen they would get in trouble for saying it didn't. I don't like it when an article is embellishing the truth.
    1. rkswat's Avatar
      rkswat -
      Glad I didn't sign up to get iOS7b.... interwebs are awesome!
    1. SirZyrion's Avatar
      SirZyrion -
      Crap. I saw this after I updated to iOS 7 Beta 3 for my iPhone (i'm a registered developer), and of course, my iPhone wasn't registered. Now I can't get in, and I can't activate my phone. I guess it's back to 6.x for me. ~:-/
    1. Judge Dredd's Avatar
      Judge Dredd -
      I like companies that are relatively transparent. I'm slightly curious of what exploit was used to gain access to the database.
    1. ThatOneProfile's Avatar
      ThatOneProfile -
      Quote Originally Posted by Judge Dredd View Post
      I like companies that are relatively transparent. I'm slightly curious of what exploit was used to gain access to the database.
      Probably a low level vuln. being that no personal info was compromised.
    1. Judge Dredd's Avatar
      Judge Dredd -
      Quote Originally Posted by ThatOneProfile View Post
      Probably a low level vuln. being that no personal info was compromised.
      Fair enough, though if they got names and emails, they had some level of access to the database. A company like Apple most likely has separate servers on which they store card information, hence why no payment info was accessed. Only speculation though.
    1. slim.jim's Avatar
      slim.jim -
      Quote Originally Posted by SirZyrion View Post
      Crap. I saw this after I updated to iOS 7 Beta 3 for my iPhone (i'm a registered developer), and of course, my iPhone wasn't registered. Now I can't get in, and I can't activate my phone. I guess it's back to 6.x for me. ~:-/
      Just DFU restore back to 6.1.x and then shift+click on the "check for updates" button in iTunes. Browse the iOS 7.0b3 ipsw file and update. There is no registered UDID required. If you shift+click then click on the "restore" button then you are required to have a registered UDID.

      It seems this has delayed the beta 4 release though. Beta 3 was released at 10AM PST and it's going on 11AM.