Apple says its developer site was hacked, but that sensitive data was encrypted

2456

Comments

  • Reply 21 of 107
    shompashompa Posts: 343member
    Guess that Apple should have continued to use Solaris/Sun/Oracle like they did before iCloud.

    Using HP machines Azure will never work 100% (or 99.9995% that is acceptable downtime) or be secure.

    Apple should use their own Xserve/Unix servers. Not play around.....

    Guess its the same old problem:
    Old unpatched SSH SQL injection.
  • Reply 22 of 107
    tallest skiltallest skil Posts: 43,388member
    [quote name="rjc999" url="/t/158582/apple-says-its-developer-site-was-hacked-but-that-sensitive-data-was-encrypted#post_2365124"]Did you miss the part where they were? If they weren't hacked, Apple would not have taken down the site. [/QUOTE]

    Mhmm. Say, the Apple Store goes down a lot. You don't think...

    [QUOTE]Apple said they cannot rule out that people's information had been taken...[/QUOTE]

    Which is true of any access to any website for any purpose.

    [QUOTE]...lots of people...[/QUOTE]

    I see one.
  • Reply 23 of 107
    epsycoepsyco Posts: 3member


    Apple said there was an intrusion, I received one of these E-mails myself, so they were hacked as far as the term goes.  What they could not confirm was whether the intruder actually accessed any developer data, but regardless, personal data, including my name and home address, was compromised.

  • Reply 24 of 107
    cintoscintos Posts: 113member
    dasanman69 wrote: »
    And Russia
    And South Korea. Perhaps some cell phone manufacturer trying to get a jump on the next big thing no that their inside data faucet has been turned off.
  • Reply 25 of 107


    Hacking is like fragmentation or malware. All websites/companies get hacked just like all OS's have fragmentation or are subject to malware.


     


    However, it's not black & white. You can have your website disrupted or you can have information stolen (perhaps only a few accounts or things like e-mails all the way up to hackers getting everything as if they had physical access to the server backups).


     


    Nonetheless, this won't stop the trolls from proclaiming this was a serious breach and loss of information just like they claim that Android and iOS are somehow equal in terms of fragmentation or malware.

  • Reply 26 of 107

    Quote:

    Originally Posted by Epsyco View Post


     but regardless, personal data, including my name and home address, was compromised.



     


    Wrong. Apple said "some developers names, e-mails and addresses may have been accessed". You can't claim your name and address were accessed because you don't know.

  • Reply 27 of 107
    tallest skiltallest skil Posts: 43,388member
    Wrong. Apple said "some developers names, e-mails and addresses may have been accessed". You can't claim your name and address were accessed because you don't know.

    Similarly, it cannot be said that because you got a password reset e-mail that you were specifically affected.
  • Reply 28 of 107
    epsycoepsyco Posts: 3member

    Quote:

    Originally Posted by EricTheHalfBee View Post


     


    Wrong. Apple said "some developers names, e-mails and addresses may have been accessed". You can't claim your name and address were accessed because you don't know.



    I'm not saying the data was accessed, I'm saying its security was compromised.

  • Reply 29 of 107
    adonissmuadonissmu Posts: 1,776member

    Quote:

    Originally Posted by Tallest Skil View Post







    Yes, because AppleInsider's article titles have always been 100% accurate, word for word representations of



    1. reality

    2. proper grammar



    I don't need a period there. I don't need a temherte slaqî. I don't need any punctuation.





    image



    That's fine, anyway. It needed an overhaul; now they have an excuse to take it down all the way to do it!


    Thats exactly what this was. It was an opportunity to take down the site lock stock and barrel and put up the new stuff.

  • Reply 30 of 107
    dasanman69dasanman69 Posts: 13,002member
    1000
    1000

    But at what point is a intruder an intruder? The name suggests that he/she actually got in, now whether or not they were able to access any info is a different story. I see it as someone breaking into a house but upon getting in finds that all the valuables are stored in safes.
  • Reply 31 of 107
    gazoobeegazoobee Posts: 3,754member

    Quote:

    Originally Posted by zoffdino View Post


     


    Agree. Their web services have been embarassingly bad, since the day of .mac, MobileMe and now iCloud. iCloud syncing works about 70% of the time for me, the rest, it just hangs when trying to upload a document. Siri, after 2 years, is still slow, when Google Now make you think your device is doing magic. And let's not talk about the horrendous download speed from the App Store. Some larger games (like Infinity Blade 2 @ 1.1GB) takes well over a hour to download on my 30Mbps connection.


     


    Oh... and on the new Xcode... it's too flat, and may even be a bit... ugly???



     


    OMG just shut up  Nothing you are saying here is relevant to what's going on at all, and most of it is just your personal opinion based on nothing.  

  • Reply 32 of 107
    gazoobeegazoobee Posts: 3,754member

    Quote:

    Originally Posted by dasanman69 View Post





    But at what point is a intruder an intruder? The name suggests that he/she actually got in, now whether or not they were able to access any info is a different story. I see it as someone breaking into a house but upon getting in finds that all the valuables are stored in safes.


     


    I'll lay it out for you.


     


    1) the site was hacked


    2) the nature of the attack was an attempt to access developer's personal information.


    3) at some point it was discovered, the big red button was pushed and everything was shut down


    4) they are trying to figure out if any information was actually obtained. 


     


    Therefore both the title of this article and the phrasing of Apple's email statement are actually correct, and both agree with each other.  


     


    5) There is a missing "the" that should be the eighth word of the second sentence of Apple's statement, but I'm guessing whomever wrote it was a little stressed at the time. 

  • Reply 33 of 107
    malax wrote: »
    Maybe they'll finally hire some excellent Web developers to manage their developer site and online tools. It's always been embarrassing bad compared to all other Apple products and resources. Throw $20 million/year at it and make it a world-class operation.

    http://www.datacenterknowledge.com/the-apple-data-center-faq-part-3/
  • Reply 34 of 107
    drblank wrote: »
    Well, why don't you apply for the job?

    His resume says, "I once criticized Apple's security on the Internet."
  • Reply 35 of 107
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by zoffdino View Post



    The breach is not too serious in my opinion. Namand email addreses of developers are not super sensitive information. But I expect Apple stock to tank on Monday. It goes down on good news, bad news, any news!


    Why is the stock always the first thing people think of when it comes to assessing the importance of any issue? Is that the main reason why many here care about Apple?

  • Reply 36 of 107
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by EricTheHalfBee View Post


    Hacking is like fragmentation or malware. All websites/companies get hacked just like all OS's have fragmentation or are subject to malware.


     



    No.


     


    Please don't make up stuff if you don't understand something.

  • Reply 37 of 107
    rabrab Posts: 2member


    I'm immediately thinking "Samsung"

  • Reply 38 of 107
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by anantksundaram View Post



    Sorry to be picky, but the poorly constructed second sentence is shocking. Very un-Apple-like



    The company really needs to hire a decent copy editor who vets stuff like this.


    Can be easily fixed by replacing the comma in front of "however" to a semi-colon. Quite possibly just a typo. This type of message is likely vetted by a lawyer and not a copy editor.

  • Reply 39 of 107
    vl-tonevl-tone Posts: 337member


    Apparently, the "intruder" was a "security researcher".


     


    Youtube Video


     


    Edit : Ok I've removed the video because of a complaint from Gazoobee that it was publicity for this guy, even though the video will probably be in a ton of news articles and on Twitter this morning when tech journalists wake up. We will certainly hear more about the guy soon, considering the implications.


     


    Now the video is still quoted in Gazoobee's post at the time of writing this...

  • Reply 40 of 107
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by charlituna View Post





    Yep. They didn't confirm being hacked but rather that someone tried. But they are informing folks just in case and acting under the assumption that if they isn't get in they might have gotten close enough to use what they have for a second attempt.



    Totally perfect response.


    More perfect if they had distributed the message to the developers earlier.

Sign In or Register to comment.