Apple hack conducted for the greater good of research

Summary:A security researcher has stepped up and shouldered the blame for taking down Apple's Dev Center --all in the name of blowing the whistle on bugs.

dev-center-down-620x392

Ibrahim Balic has admitted to taking down Apple's developer portal -- but wants to make the difference between a hacker and security researcher crystal clear.

Earlier this month, Apple's members-only development center, the Dev Center, experience a service outage . The site declared that the portal was "undergoing maintenance for an extended period," and the downtime spurred on a wave of grumbling across social media as developers were left in limbo.

The home page is now accessible, but the members-only area remains closed.

Downloads, guides, support, forums and developer tools all remain inaccessible. As beta testing for the latest Apple operating system is taking place for app developers, it seemed unlikely that maintenance was the true reason -- and once reports appeared that some users were receiving password reset emails, worries of a security breach began to surface.

Over the weekend, Apple revealed that "an intruder attempted to secure personal information of our registered developers from [the] developer website" in an email sent to developers. As a result, the Cupertino-based firm said it was working to prevent such a breach taking place again.

Taking to Twitter, London-based researcher Ibrahim Balic then claimed responsibility for the service outage.

Screen Shot 2013-07-24 at 09.17.30

Rather than being conducted with malicious intent, the researcher says that flaws were exposed in the name of research. After reports suggested that the security breach was potentially caused by cybercriminals seeking confidential developer information, Balic tweeted:

"This is definitely not a hack attack, I have reported all the bugs. I am not a hacker, I do security research."

Following the disclosure, Balic came under Apple's scrutiny, which has now contacted him via email to discuss the security vulnerabilities in the portal.

BP2RH25CQAMR5g3

According to The Next Web, Balic's research discovered a total of 13 flaws, which were reported to the iPad and iPhone maker, and were also revealed in an uploaded video before being pulled. The researcher claims he was able to access the data of over 100,000 users.

 Apple's Dev Center  homepage now reads .

"In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database."

Topics: Apple, Security

About

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charli... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.