Feature Article

July 22, 2013

Apple Developer Site Hack Story Continues to Evolve

Apple's disclosure that its Developer portal had been hacked last Thursday sent the blogosphere into full hysteria mode, and rightfully so. Roughly 275,000 third-party developers use the portal, or at least did until the hack was discovered and Apple took the site offline for major damage control and retooling, which is still underway. It is those developers' personal information that may have been compromised.

The initial fear was that the site had suffered a calamitous database crash. It then became clear that the site had been hacked, which led to rampant speculation about who would do such a thing and what their motives were.

The Guardian provides a clarification

In the wake of the NSA scandal, all of us have learned that The Guardian, the press outlet of choice for Edward Snowden, has become the preferred channel of the moment for getting news out about all things security. And, as with the Snowden story, The Guardian has a knack for communicating with the people behind security incidents; the Apple hack now appears to be another instance where it got the scoop.

The Guardian is reporting that a Turkish security researcher, Ibrahim Balic, is taking credit for the attack.

To support his claim of responsibility, he posted a video on YouTube which, if you look closely, appears to show how he discovered that the portal was vulnerable and that he informed Apple of his findings.

The Guardian spoke with Balic and got a very interesting quote:

“My intention was not attacking. In total I found 13 bugs and reported [them] directly one by one to Apple straight away. Just after my reporting [the] dev center got closed. I have not heard anything from them, and they announced that they got attacked. My aim was to report bugs and collect the datas [sic] for the purpose of seeing how deep I can go with it."

Apple for its part in an e-mail to developers late on Sunday night stated that "an intruder attempted to secure personal information of our registered developers… [and] we have not been able to rule out the possibility that some developers' names, mailing addresses and/or e-mail addresses may have been accessed."

While it seems that The Guardian has found the actor behind the incident, as with all of the recent data breaches and hacks, the story behind the story is almost as interesting as the hack itself.


For example, the question of who the good guys and bad guys are is becoming murkier. Do the ends justify the means? Balic, for all we know at the moment, may simply be somebody who was very concerned that the vulnerabilities he discovered could be used by people with truly malicious intent to corrupt the App Store and spread malware through compromised apps. Still, by his own account he did not stop at reporting the bugs; he also collected data "for the purpose of seeing how deep I can go with it," and that is the step that turns a bug report into an intrusion in the eyes of the site's owner, whatever the researcher's intent. And if mischief was not part of his plan, why go public? Apple could have validated his research and posted a fix without all of the commotion. Indeed, the fact that we have entered an age of electronic vigilantism, given how high the stakes have become with such cyber threats, is unnerving. Show and tell in public is not always the right, or even the best, course of action.

The other issue, which I have written about in regard to the recent second attack in a month on Network Solutions and the Cisco security advisory describing a temporary fix for a security issue in its Unified Communications Manager, is crisis management. As I pointed out, Network Solutions did a poor job, whereas Cisco, and now Apple, have done a good job of brand stewardship so far by being forthright. In fact, Apple's apparently quick decision to close the portal and not reopen it until everything has been fixed is laudable, as is its alerting of the affected community in order to stop the flow of doomsday-scenario speculation.

The annual Black Hat USA security conference takes place next week in Las Vegas. Given what has transpired and is still unfolding in the online security world, the sessions and exhibits at this conclave of vendors and hackers are going to be fascinating, but one can be sure that the questions of how the community should properly handle vulnerabilities when they are found, and how to manage events as an attack unfolds, will be intensely discussed in the halls. That is a bet with a high probability, and the payoff, in theory, is that everyone learns from these recent experiences.




Edited by Rory J. Thompson
