For the past few days, Apple’s developer center has been down. Originally, it was claimed that the center was undergoing some routine maintenance. A reason which – on the surface – seemed reasonable enough until a couple of days passed without the service coming back online. Yesterday, Apple sent out an email and has now confirmed that dev center was “attacked” by an “intruder”.
It turns out, however, that his could well be something much less sinister than the picture portrayed by Apple. London-based security researcher, Ibrahim Balic claims to be the person responsible and he wasn’t intruding. He was simply carrying out security tests (doing his job) and even informed Apple of all the bugs he’d found.
In a comment in response to an article on TechCrunch he writes:
I have emailed and asked if I am putting them in any difficulty so that I can give a break to my research. I have not gotten any respond to this… I have been waiting since then for them to contact me, and today I’m reading news saying that they have been attacked and hacked. In some of the media news I watch/read that whether legal authorities were involved in its investigation of the hack. I’m not feeling very happy with what I read and a bit irritated, as I did not done this research to harm or damage. I didn’t attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the datas for the porpoise of seeing how deep I can go within this scope. I have over 100.000+ users details and Apple is informed about this. I didn’t attempt to get the datas first and report then, instead I have reported first.
He also made a video to explain the very same situation (below) .
The dev center should be up again soon, and there’s not been any word from Apple regarding Balic’s claims. In all honesty, we’re not sure if Apple will respond to his claims.
What do you think? Is it comforting to know that there are security researchers out there testing companies’ systems without them knowing?