AppleDeveloper
Latest
Turkish security researcher claims responsibility for Apple dev center hack
When Apple's developer portal went down Thursday, there were a lot of questions left unanswered. One of the more notable was, just who was responsible for this attack on the premiere destinations for iOS and OS X developers? Turkish security researcher Ibrahim Balic is claiming he was behind the hack, but it wasn't his intention to cause any harm. Balic says that he reported the vulnerability to the proper Cupertino authorities but, for whatever reason, his efforts didn't end there. He actually exploited the security flaw he had discovered, which gave him access to the names, email and mailing addresses associated with developer accounts. In total he discovered 13 bugs, at least one of which he demonstrated in a YouTube video, that appeared to show him accessing a list of developer names and user IDs. That clip has since been pulled, as Balic was concerned about some of the information displayed on the screen. However, in a tweet he asserted that sharing the confidential data was essential to prove his point about the severity of the vulnerability. The researcher does insist that his actions were legal and ethical. He told the Guardian that he only accessed developer account data in an effort to discover just how deep the rabbit hole went as part of a penetration test and will delete all of the data he collected. He claims that immediately after reporting his findings to Cupertino the dev center was shutdown, but that he never received a follow up from someone at the company. Instead there was simply an announcement of an attack, without any correspondance between Balic and Apple. So far Apple has not responded to our request for comment, and has neither confirmed nor denied Balic's account of events.
Apple reveals that developer portal was hacked, announces system overhaul
Been paying attention to Twitter recently? You might have noticed Apple developers complaining about the company's developer portal, which has been out of service for a number of days. Today, Apple acknowledged the outage, explaining that the site was taken down to combat a security breach. "Sensitive personal information was encrypted and cannot be accessed," Cupertino told developers in an email. "However, we have not been able to rule out the possibility that some developers' names, mailing address and/or email addresses may have been accessed." Naturally, the company is taking the breach very seriously, and has said that it'll be rebuilding its entire developer system database and updating servers to prevent future incursions. Apple also assured developers whose developer accounts were up for renewal during the outage would not have their software pulled from the App Store. Furthermore, the company told MacWorld that customer information and app code was not compromised during the attack.
Apple: Working with Quartz Composer
You might not know it, but tucked away on those OS X install discs of yours are some magical applications that are grouped together as 'Developer Tools.' The big ticket item is XCode, Apple's IDE, but there are also lost of other tools in there that let you program in other ways.One of the best examples of this is Quartz Composer, which allows you to manipulate OS X's Quartz graphic layer by dragging and dropping. Sound interesting? If so, then you really need to check out Working with Quartz Composer. This starter tutorial will get you up and running in no time.
