or Connect
New Posts  All Forums:

Posts by KDarling

  Why are you blaming the phishing attacks on him?   He said he hadn't shared any info with anyone else.     He officially reported some data leaks to Apple via his developer account.   Everything that happened to the website after that was Apple's doing.
  True, it's already in a corporation's best interests to take feedback seriously.   If you reported a data leak that could be fixed, and later on someone was damaged by such a leak, the information holder could be liable.   (Depends on the damage.  Recently, a class action lawsuit against LinkedIn, for an info breach of millions of passwords, was thrown out because there was no proof of actual id theft as a result.)
  Yes, the reaction seems awfully big for one bug report to cause it... although to be fair, security is a huge issue these days and perhaps that's their new policy.
  Yep, although I'm not sure he should even be called a "hacker", unless he did more than we know.   Right now, it looks like he's just a programmer who tried out a recently discovered server bug to see if his own info came back, and was surprised to find out that it did.  Then he must have tried other request combinations and tons of records came back.  Not smart, but certainly a natural reaction.   His video shows that he then reported the security hole to Apple via a...
  It's doubtful that Apple will ever confirm much, especially since that would only highlight that it's possible that many such intrusions could have taken place without being noticed.   That is, if he was able to inject SQL or OGNL into a web request and get this info, others will have tried and succeeded as well.   So Apple will want to simply put this behind them as soon as possible.   --   As to how it's possible in the first, place, well every major corporation runs...
For what it's worth...   According to the hacker news website below, the reason he went public was because of the way Apple worded their notice that  "... an intruder attempted to secure personal information ..."     Apparently he would've preferred if Apple had said something more like, "we were alerted of a possible vulnerability", since he purposely told them about it without having any nefarious intentions.  
1)  If he could do it, and it's true that Apple didn't do anything until he wrote them about it, then others could also already have obtained such info.   2)  Since the website went down, developers are reporting phishing emails pretending to be Apple asking for account confirmations.   Beware.  Give out no info to such emails.   3)  Apple may catch some grief for definitions like "some accounts" ("some" = 100,000+ ) ... "transparency"  (waiting over three days...
  Exactly.  Also, the iPad was done at just the right consumer and technology time, at the right price.  And with a UI meant for fingers.   If it had come out before millions of people were aware of smartphones and apps and the web and social networks, or without lots of available broadband (WiFi mostly), and especially if it was not brought out by Apple, or at the right price, few would've paid attention to it.   Easy tablets had been talked about, and even tried before....
  Errm, the Apple Store has been down many times over the past year, so the downtime is higher.  Basically every time there's been a product update.     However, as others have commented, perhaps the Apple Store updates are done crudely on purpose, to build excitement for those who like to line up for things. It does have a bit of retro charm :)   On the downside, it's also a way to lose customers.  Imagine if eBay or Amazon or MasterCard was brought down for hours each...
  Yep.  They already did that last year:   http://appleinsider.com/articles/12/10/03/apple-reportedly-tasks-retail-employees-with-reporting-ios-6-maps-errors   " The details indicate that Apple is hoping its more than 40,000 retail employees can help improve the Maps application introduced with iOS 6."   I'm impressed with Apple's efforts to improve their maps.  They're certainly pulling out all the stops and buying up as much talent as possible.   We often complain that...
New Posts  All Forums: