“Ibrahim Balic thinks he may be the ‘intruder’ identified by Apple in an attack against its Developer site but says he had no malicious intent in mind,” Lance Whitney reports for CNET.
“Apple reported on Sunday that an ‘intruder’ tried to gain access to developer data last week, prompting the company to take down its Developer Center Web site. Apple has since brought the site back up,” Whitney reports. “In a lengthy comment to a TechCrunch story posted on Sunday, Balic identified himself as a security researcher who consults for different firms and has started doing research on Apple. In his investigation, he said he found 13 bugs on the Developer site, which he reported to Apple through its bug-reporting site.”
Whitney reports, “One the bugs apparently provided him with access to user data, which he said he immediately reported to Apple.”
Read more in the full article here.
Related article:
Apple developer website taken offline after hacker attack – July 22, 2013
He better hope that he didn’t take any data out of apples system. It almost sounds like he’s trying to cover up his actions.
If he immediately reported everything he found to Apple, how is that him trying to ‘cover his actions’?
“How can I best inform Apple that this is a serious security issue? Duh, I’m a security researcher. I’ll just hack into the system, take some data and show it to them! How smart am I!?”
Yeahhhh, ood luck with that.
Well y’all failed “Lessons Learned from ‘Full Metal Jacket'”.
Private Pyle! Why do we put locks on our foot lockers?
That is a very common practice, it is, in fact, how many hackers get jobs as security researchers.
Or jail time
But then what do self-employed security researchers become?
Let me guess, a hacker again 🙂 because no one is going to believe that you play ethically when you put your own name on the line in an unethical way.
The site is not back up and the index page for developer.apple.com never went down. What was taken down were all the pages that required some sort of authentication.
If this guy is truly responsible, he needs to be caned. I can’t provision any new devices and I am on a tight timetable with these three apps we are working on.
He seems to be self employed . . . And he has gone to great lengths to inform Apple of the security flaws that others, without good intentions, could exploit at any time. Blame Apple for not bothering to read his alert messages.
“I have over 100.000+ users details and Apple is informed about this. ”
I think 500 would have been enough. 😎
That’s not his information. Has he deleted all copies of it?
But, it’s not his job to protect Apple, it’s their job. If he finds his self employment coming to a quick end, it’s because of his self absorbed hubris.
His initial notification was appropriate. You don’t push someone against razor wire then yell ‘”See! That’s how much in danger you were! Thank me for pointing it out to you :)”
I robbed you a little, shot your dog in the leg and slept in you bed only a little to prove to you that I could and that your deadbolt was not enough.
Hum. Sounds good. If this is true I hope Apple does not go after him. We need more people like him, if this is true.