or Connect
AppleInsider › Forums › Software › Mac OS X › Apple says its developer site was hacked, but that sensitive data was encrypted
New Posts  All Forums:Forum Nav:

Apple says its developer site was hacked, but that sensitive data was encrypted - Page 2

post #41 of 106
Quote:
Originally Posted by AppleZilla View Post

If we would cut all Internet lines to China, the digital world would be a much better place.
Yep, sad part is they can make new ones and stop making yours.
Quote:
Originally Posted by Cintos View Post

And South Korea. Perhaps some cell phone manufacturer trying to get a jump on the next big thing no that their inside data faucet has been turned off.
Well North Korea is the problem, if North Korea invades Yes.

Horrible to find all the major things get web hacks now. I watched on TV the other night that Internet terasem in some movies in very possible causing all the digital companies to crumble.

Apples has been known most secure for a while, and could have had nothing harmed here. Hopefully that is the case and this reset is to close the access point attacked.
post #42 of 106
Quote:
Originally Posted by ankleskater View Post

No.

Please don't make up stuff if you don't understand something.
You're the one who doesn't understand the point of my post. Which is that the usual trolls will see the word "hacked" and assume the worst possible scenario happened. Which is exactly the way they treat all issues related to Apple - as black and white.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #43 of 106
Quote:
Originally Posted by EricTheHalfBee View Post


You're the one who doesn't understand the point of my post. Which is that the usual trolls will see the word "hacked" and assume the worst possible scenario happened. Which is exactly the way they treat all issues related to Apple - as black and white.

The point of your post is to defend Apple regardless of the issue. There isn't much else to understand. But Apple is not your infant child. It doesn't need your defence. It doesn't need you to distort technical issues or fabricate facts to stand up for it. 

 

If anything, you're being a troll by posting what you do, because your flawed, false and fabricate arguments simply invite rebuttals.

post #44 of 106
Good article.. Concise and on point!

Interesting, that the next Delevoper Previews for iOS and OSX were expected to drop tomorrow.
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #45 of 106
Quote:
Originally Posted by Tallest Skil View Post


Did you miss the part where Apple wasn't actually hacked?

I must have missed the part where Apple just invited the intruder in.  A lot of people have the silly notion he broke into the servers.   Thanks for clearing that up.

post #46 of 106
Quote:
Originally Posted by Tallest Skil View Post


Similarly, it cannot be said that because you got a password reset e-mail that you were specifically affected.

 

Nor can YOU say they were not.  

 

You are almost always the first with your virulent brand of mindlessly sycophantic Apple rants about other members here, but you conveniently sweep under the rug that your own logic is as flawed as the people you are attacking.

 

Every developer, including me, has gotten an email from Apple which specifically states that A) "An intruder attempted to secure personal information of our registered developers..." and B) "we have not been able to rule out the possibility that some developers' names, mailing addresses, and / or email addresses may have been accessed".

 

So for the logic impaired, let me make that more clear:

 

1) The term "intruder" means that there was in fact a successful incursion.  Someone doesn't become an intruder until they actually get on the inside.

 

2) It would be impossible for an 'intruder' to 'possibly' have obtained names, email addresses, and / or physical addresses from Apple's servers without having successfully 'hacked' their systems an 'intruded'.  Apple would not acknowledge the possibility of data theft if there had been no successful breach.

 

Give the ridiculous, pompous Apple protectionism a break.


Edited by tt92618 - 7/21/13 at 9:31pm
post #47 of 106
I wish Mr. Cook would double down on security rather than secrecy.
post #48 of 106
I don't mind giving them my email !! Come on , email me out and have a drink !
post #49 of 106
Quote:
Originally Posted by tt92618 View Post

 

Nor can YOU say they were not.  

 

You are almost always the first with your virulent brand of mindlessly sycophantic Apple rants about other members here, but you conveniently sweep under the rug that your own logic is as flawed as the people you are attacking.

 

Every developer, including me, has gotten an email from Apple which specifically states that A) "An intruder attempted to secure personal information of our registered developers..." and B) "we have not been able to rule out the possibility that some developers' names, mailing addresses, and / or email addresses may have been accessed".

 

So for the logic impaired, let me make that more clear:

 

1) The term "intruder" means that there was in fact a successful incursion.  Someone doesn't become an intruder until they actually get on the inside.

 

2) It would be impossible for an 'intruder' to 'possibly' have obtained names, email addresses, and / or physical addresses from Apple's servers without having successfully 'hacked' their systems an 'intruded'.  Apple would not acknowledge the possibility of data theft if there had been no successful breach.

 

Give the ridiculous, pompous Apple protectionism a break.

 

Far be it from me to defend Tallest Skil, but your logic is completely flawed here.  You arguing against something that he didn't actually argue/say himself.  

post #50 of 106
Quote:
Originally Posted by VL-Tone View Post

Apparently, the "intruder" was a "security researcher".

 

 

Why would you post this?  It's an advertisement for the hacker/security researcher.

Also, no "security researcher" who is doing his job properly or honourably would have posted such a video or not told Apple what he did.  

Whoever this guy is he's a complete asshole and not worthy of the title (if this claim is true.)

post #51 of 106
Quote:
Originally Posted by Gazoobee View Post

 

Far be it from me to defend Tallest Skil, but your logic is completely flawed here.  You arguing against something that he didn't actually argue/say himself.  

 

Although you're an expert on flawed (and fabricated) logic, tt92816's logic is far more completely flawed in this instance.

Quote:
Originally Posted by Gazoobee View Post

 

Why would you post this?  It's an advertisement for the hacker/security researcher.

Also, no "security researcher" who is doing his job properly or honourably would have posted such a video or not told Apple what he did.  

Whoever this guy is he's a complete asshole and not worthy of the title (if this claim is true.)

Congratulations. By including the video in your response, you have doubled down on the "advertisement". Thanks to you, the video is now on more than one page. If you believe in what you wrote, then do the right thing and remove the video from your post (you do know you don't have to embed it, right?).

post #52 of 106
Quote:
Originally Posted by crazy_mac_lover View Post

I don't mind giving them my email !! Come on , email me out and have a drink !

The appointment is already in your iPhone calendar.

post #53 of 106
So.. No iOS beta 4 this Monday!

It's good thing that Apple was honest about this.
post #54 of 106
Quote:
Originally Posted by drblank View Post

Well, why don't you apply for the job?

 

If I were a senior guy at Amazon or some other awesome Web property, I might well give Apple a call and offer my services.  But I'm not.  That doesn't mean I'm not qualified to evaluate their hodgepodge of developer Web tools and call them lacking (especially after they have been completely down for 5 DAYS now).  The Apple Web site is pretty darn nice.  The itunesconnect.apple.com by comparison sucks.  And the itunesconnect iPhone app is amateurish.  It's obvious that they don't assign any of their top people to these projects.  That's not surprising, but they need to bite the bullet and though some money at this problem.  The money they (allegedly/reportedly) paid to license to Swiss railroad clock face for the iPad clock app would be enough to solve these problems.  Frankly I would be very surprised if Cook hasn't already told someone "just fix it; invest whatever it takes to give our developers a world-class secure site."  And someone else is mumbling "I told you we needed to modernize our kludgy amalgam of developer tools..."

post #55 of 106
Quote:
Originally Posted by rjc999 View Post

Did you miss the part where they were? If they weren't hacked, Apple would not have taken down the site. Apple said they cannot rule out that people's information had been taken, and lo and behold, lots of people are reporting password reset attempts which implies they at least got a hold of the username database. Point is, we get lots of apologetics here explaining away Apple fuckups, people look the other way, while other companies are raked over the coals. You can bet if a similar thing had happened to developers.google.com or developers.android.com, the same people looking to hand-wave away the issue or give the benefit of the doubt would be raising pitchforks.

 

Frankly, the reason the site is still down is because they don't know the degree to which they were penetrated. Hackers could have left more backdoors and exploits around in their network. Obviously, they are conducting an investigation, and don't want to put the site back up while they do it.

That's BS. It's opposite: whatever goes wrong at Apple, the bells of Notre Dame are ringing....

 

The catch is there was too much talk about Android swiss cheese, so "somebody" had to make point there are holes in Apple as well and picked up the weakest point: developer's site.

post #56 of 106
Quote:
Originally Posted by malax View Post

 

The Apple Web site is pretty darn nice.  

I respectfully disagree. As has been observed here by others (and myself), the company that ships the largest number of mobile devices and the second most popular mobile OS should have a responsive website. Instead, most pages are the same regardless of device and therefore require zooming in by pinching. That's just not contemporary responsive web design.

post #57 of 106
Quote:
Originally Posted by Gazoobee View Post

 

Far be it from me to defend Tallest Skil, but your logic is completely flawed here.  You arguing against something that he didn't actually argue/say himself.  

 

I disagree.  He responded to multiple posts about the breach by arguing that there was no hack and no breach at all, based solely on the use of the term 'attempted' in a paragraph that clearly indicates there was an intrusion and that there may actually have been data theft.  While he may not have done this in the specific post I quoted, he did in fact do it multiple times in this thread - feel free to read it and discover the fact for yourself.

 

It is obvious that Apple got hacked.  The perpetrator did get in, and that's why they specifically state there was an intruder instead of saying there was an intrusion attempt.  It's also why they say that they cannot rule out the possibility of data theft.  Neither condition could be valid if there was no actual intrusion.

 

Trying to take something like that and argue that there was no hack because they used the term 'attempted' at some point in the paragraph is ridiculous, and that's what he did.

 

How is it, exactly, that my logic was 'flawed'?  Please elaborate, because I'm not seeing it.


Edited by tt92618 - 7/21/13 at 11:57pm
post #58 of 106
Quote:
Originally Posted by ankleskater View Post

 

Although you're an expert on flawed (and fabricated) logic, tt92816's logic is far more completely flawed in this instance.

Congratulations. By including the video in your response, you have doubled down on the "advertisement". Thanks to you, the video is now on more than one page. If you believe in what you wrote, then do the right thing and remove the video from your post (you do know you don't have to embed it, right?).

 

I removed the video from my post, it's his turn now. :)

post #59 of 106

That's right my little Android fanboys,

 

Jump up and down and point your finger at the merest possibility that an individual has gained access to information that each of you gives up freely every day - kind of like when you joined AppleInsider to troll.

 

I'll gladly take my name and email address over all of the information on my entire Goddamn phone any day.

 

And your yellin' and your hollerin' may take your mind off that mobile operating system that you have that's open just like swiss cheese is.

 

But then, Android security holes were never that hard to plug, were they?

 

My car keeps crashing whenever I do 150mph. It's a design flaw. People tell me to slow down and drive normally but I should be able to use it as I wish.
Reply
My car keeps crashing whenever I do 150mph. It's a design flaw. People tell me to slow down and drive normally but I should be able to use it as I wish.
Reply
post #60 of 106
Quote:
Originally Posted by zoffdino View Post

 

Agree. Their web services have been embarassingly bad, since the day of .mac, MobileMe and now iCloud. iCloud syncing works about 70% of the time for me, the rest, it just hangs when trying to upload a document. Siri, after 2 years, is still slow, when Google Now make you think your device is doing magic. And let's not talk about the horrendous download speed from the App Store. Some larger games (like Infinity Blade 2 @ 1.1GB) takes well over a hour to download on my 30Mbps connection.

 

Oh... and on the new Xcode... it's too flat, and may even be a bit... ugly???

 

iCloud has worked pretty much 100% of time time for me in the past few months. 

I'm running the iOS7 beta, and Siri is now just as fast as Google now. It's blazing fast. 

Appstore download speeds pretty much saturate my connection, everything downloads extremely fast. Infinity blade 2 took 10 min tops for me, if not less. 

 

So I would have to disagree about the "embarrassingly bad" part. They're better than 99% of whats out there, especially considering the scope and breadth of what they;re doing, the complexity, and the amount of users heavily using iCloud products (ie. hundreds of millions). Only Google competes in sheer scale, and Apple is constantly improving, and learning everyday. 

post #61 of 106
Quote:
Originally Posted by Slurpy View Post

 

iCloud has worked pretty much 100% of time time for me in the past few months. 

I'm running the iOS7 beta, and Siri is now just as fast as Google now. It's blazing fast. 

Appstore download speeds pretty much saturate my connection, everything downloads extremely fast. Infinity blade 2 took 10 min tops for me, if not less. 

 

So I would have to disagree about the "embarrassingly bad" part. They're better than 99% of whats out there, especially considering the scope and breadth of what they;re doing, the complexity, and the amount of users heavily using iCloud products (ie. hundreds of millions). Only Google competes in sheer scale, and Apple is constantly improving, and learning everyday. 

Is this the first civilized post I've seen from you or did I miss the announcement that you successfully completed rehab? :)

post #62 of 106
Quote:
Originally Posted by Gazoobee View Post

 

Why would you post this?  It's an advertisement for the hacker/security researcher.

Also, no "security researcher" who is doing his job properly or honourably would have posted such a video or not told Apple what he did.  

Whoever this guy is he's a complete asshole and not worthy of the title (if this claim is true.)

 

 

It is still in your comment, too.

 

Edit: Noticed somebody beat me to it.

 

Your = the possessive of you, as in, "Your name is Tom, right?" or "What is your name?"

 

You're = a contraction of YOU + ARE as in, "You are right" --> "You're right."

 

 

Reply

 

Your = the possessive of you, as in, "Your name is Tom, right?" or "What is your name?"

 

You're = a contraction of YOU + ARE as in, "You are right" --> "You're right."

 

 

Reply
post #63 of 106

That's funny. Last time I check, it was the US government that hack everyone in the world. 

post #64 of 106

AppleZilla

If we would cut all Internet lines to China, the digital world would be a much better place.



That's funny. Last time I check, it was the US government that hack everyone in the world. 



 



 

post #65 of 106

I guessed this was the reason for the downtime 2 days ago:

http://forums.appleinsider.com/t/158577/apple-says-developer-portal-downtime-will-not-affect-program-memberships#post_2364450

 

I sure hope my name and address is not one of the ones leaked. *sigh*

post #66 of 106
Quote:
Originally Posted by ankleskater View Post

Is this the first civilized post I've seen from you or did I miss the announcement that you successfully completed rehab? :)

 

Every single one of my posts has been civilized, so you must have me confused with someone else. I don't apologize for calling out obvious and extreme stupidity/ignorance/sensationalism/trolling as it deserves to be called out- directly, honestly, and with extreme prejudice. 

post #67 of 106
Quote:
Originally Posted by Slurpy View Post

Appstore download speeds pretty much saturate my connection, everything downloads extremely fast. Infinity blade 2 took 10 min tops for me, if not less. 

 

What kind of connection do you have and where in the world are you?

 

I've got 120Mbit down and I'm in the UK. I'm lucky to achieve 1MB/s from iTunes. I've never worked out whether the problem is at Apple's end or whether my ISP (Virgin Media) is throttling the connection. It's really frustrating as services like Steam max my connection out.

post #68 of 106
Quote:
Originally Posted by RichL View Post

 

What kind of connection do you have and where in the world are you?

 

I've got 120Mbit down and I'm in the UK. I'm lucky to achieve 1MB/s from iTunes. I've never worked out whether the problem is at Apple's end or whether my ISP (Virgin Media) is throttling the connection. It's really frustrating as services like Steam max my connection out.

I have the usual internet speed. 8Mb/sec. I finihsed download Infinity Blade when it was free in about 15 mins.

post #69 of 106
Anyone miss the part where Apple was trying to make us believe the site was down for maintenance,
And since it's taking longer than expected to recover from this and they known"maintenance" is no longer
Believable, now they tell us the truth. I'm feeling very lied to, I don't care if they all do the cover up thing,
It's not cool at all!
post #70 of 106

1) This isn't iCloud

2) No Credit card information as devs are redirected to the iTunes store to purchase ( the purchasing of a dev program is a basket "item").

3) It was hacked. An intruder is only an intruder if he intrudes. If not he is a non-intruder.

 

 


Quote:
Originally Posted by anantksundaram View Post

Sorry to be picky, but the poorly constructed second sentence is shocking. Very un-Apple-like

The company really needs to hire a decent copy editor who vets stuff like this.

 

There has been a noted increase in people's inability to understand basic sentences. I could post from the children's book in the 19th century which has far more complex structures than anything posted or understood by adults today. 

 

Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.

 

Two equal clauses separated by a comma ( it could have been a semi-colon but that are taboo in the US). The however which links the clauses is followed by a comma, which is recommended.  What's complex? Then there is a comma delimited list of possibly affected items. The and/or is a bit stylistically odd, but its indicating that some, or all of this list could have been compromised.


Edited by asdasd - 7/22/13 at 3:02am
I wanted dsadsa bit it was taken.
Reply
I wanted dsadsa bit it was taken.
Reply
post #71 of 106
Quote:
Originally Posted by btracy713 View Post

Anyone miss the part where Apple was trying to make us believe the site was down for maintenance,
And since it's taking longer than expected to recover from this and they known"maintenance" is no longer
Believable, now they tell us the truth. I'm feeling very lied to, I don't care if they all do the cover up thing,
It's not cool at all!

 

Oh many companies do this. In any case they are maintaining it, fixing it, at the moment. Thats the downtime. The intruder has been extruded.

I wanted dsadsa bit it was taken.
Reply
I wanted dsadsa bit it was taken.
Reply
post #72 of 106
Quote:
Originally Posted by Tallest Skil View Post

What sort of mismanaged website needs twenty million a YEAR?! Or at all, for that matter.

They said they're redoing it from scratch already.

You're kidding right, 20 million is nothing compared to what Microsoft, Google, Amazon, even eBay spend a year. It cost over 100 million to get Bing operational.
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #73 of 106
Quote:
Originally Posted by Tallest Skil View Post



Yes, because AppleInsider's article titles have always been 100% accurate, word for word representations of

1. reality
2. proper grammar

I don't need a period there. I don't need a temherte slaqî. I don't need any punctuation.


1oyvey.gif

That's fine, anyway. It needed an overhaul; now they have an excuse to take it down all the way to do it!

 

That's good, attempting to correct people's grammar when you can't comprehend English.

 

An intruder is not someone attempting to get in.  An intruder is someone who has successfully got in.  The attempt part references the intruders intentions regarding the personal information.  It is like a burglar who has broken into premisses and then attempts to obtain the contents of a safe, but failed.

post #74 of 106
Quote:
Originally Posted by ankleskater View Post

Why is the stock always the first thing people think of when it comes to assessing the importance of any issue? Is that the main reason why many here care about Apple?

What, care are about a multibillion dollar, multinational company, NO. Apple isn't your buddy, they don't come over to your house and make you soup when your sick. So yes, as an investor, situations like these are of concern. I like using Apple products like the next person but I have zero emotional attachment over inanimate objects or any specific company.You might be suffering from objectophilia and might want to get that looked at.

Just kidding, me like Apple too.
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
When I looked up "Ninjas" in Thesaurus.com, it said "Ninja's can't be found" Well played Ninjas, well played.
Reply
post #75 of 106
Quote:
Originally Posted by Slurpy View Post

iCloud has worked pretty much 100% of time time for me in the past few months. 
I'm running the iOS7 beta, and Siri is now just as fast as Google now. It's blazing fast. 
Appstore download speeds pretty much saturate my connection, everything downloads extremely fast. Infinity blade 2 took 10 min tops for me, if not less. 

So I would have to disagree about the "embarrassingly bad" part. They're better than 99% of whats out there, especially considering the scope and breadth of what they;re doing, the complexity, and the amount of users heavily using iCloud products (ie. hundreds of millions). Only Google competes in sheer scale, and Apple is constantly improving, and learning everyday. 

iCloud has been down numerous times in the past months. Don't sit here and tell me its worked pretty much 100% of the time. Stop drinking the kook-aid! We all know iCloud isn't know for its reliability and speed.

I will say that I do experience Siri to be quite fast compared to iOS 6. Download speeds off the app store are pretty fast (assuming you have a fast connection).

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply
post #76 of 106
Quote:
Originally Posted by AppleZilla View Post

If we would cut all Internet lines to China, the digital world would be a much better place.


Just hope they (China) do not cut their manufacturing line. If they do we will not have any phones.

post #77 of 106
Quote:
Originally Posted by rjc999 View Post

 Point is, we get lots of apologetics here explaining away Apple fuckups, people look the other way, while other companies are raked over the coals. You can bet if a similar thing had happened to developers.google.com or developers.android.com, the same people looking to hand-wave away the issue or give the benefit of the doubt would be raising pitchforks.

 

 

This is an Apple fansite :p   Android sites have an equivalent contingent that lambast Apple on almost everything, although they seem to bash Google more than the Apple people who give Apple a free ride on everything.

 

That said, this is unplanned downtime, so the answer is one of the two:

 

Apple got hacked and is scrambling to recover. or....

Apples services are built on such a house of cards that it all fell down and they are now scrambling to fix it (as many of the Apple people have pointed out 'it needed fixing anyways')

 

Not a good thing for Apple, certainly, but not doomsday either way.   Apple will fix it and march forward.

post #78 of 106
From another web report at 9to5:

"Security researcher Ibrahim Balic is claiming to have reported a Developer Center security hole just hours before the portal went down.

After reviewing the information and speaking with Balic, it seems as if Apple’s website could be breached through a simple unescaped injection attack. We haven’t seen the script ourselves, so this isn’t completely confirmed.

Balic was able to access first and last names, Apple IDs/email addresses, and user IDs. From the information he shows in the YouTube video and what he described to me in an email, the leak does not show any other information.

In an email to me, Balic also states that the exposed Apple IDs belong to developers as well as regular users. His YouTube video description states he was able glean over 100,000 users’ information, but is planning on deleting all of the information.

He is persistent in stating he did this for security research purposes and does not plan to use the information in any malicious manner."
1hmm.gif
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #79 of 106
Quote:
Originally Posted by rjc999 View Post

What a coincidence, as DED just published an editorial lambasting Google for not giving enough thought to security.

 

 

Just because Apple was hacked does not mean it does not give a damn about security. Governments like China and Russia have quite sophisticated hacking operations. Apple seems to be taking it pretty seriously. 

post #80 of 106
Quote:
Originally Posted by btracy713 View Post

Anyone miss the part where Apple was trying to make us believe the site was down for maintenance,
And since it's taking longer than expected to recover from this and they known"maintenance" is no longer
Believable, now they tell us the truth. I'm feeling very lied to, I don't care if they all do the cover up thing,
It's not cool at all!

Perhaps, you are just a cynic. The site IS down for maintenance. The reason seems to be somebody hacked the site. You also assume Apple immediately had all the information. Investigating the situation before making an announcement was the way to go. 

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Apple says its developer site was hacked, but that sensitive data was encrypted