Apple has released new details (via @cabel) on the security flaw that caused the Developer Center to be down for more than a week, noting via its Apple Web Server notifications page that a "remote code execution issue" was fixed.
On the site, Apple credits 7dscan.com and SCANV of www.knownsec.com for reporting the bug on July 18, which is the same day the Developer Center was taken offline. During the downtime, Apple reported that the Developer Center website had been hacked, with an intruder attempting "to secure personal information" from registered developers. The company noted that while sensitive information was encrypted, some developer names, mailing addresses, and/or email addresses may have been acquired.
The eight-day outage required a complete overhaul of Apple's developer systems and a restoration plan that slowly brought services back online.
While security researcher Ibrahim Balic speculated that he might have been behind the security breach, it is now clear that the issue he reported was unrelated to the major flaw that caused the downtime. Apple credits Ibrahim with reporting a separate iAd Workbench vulnerability on July 22. The vulnerability allowed Balic to obtain both names and Apple IDs of users.
On August 10, Apple reported that all of its developer services were back online, a full 23 days after the outage first occurred. As a result of the downtime, Apple gave all developers a one month extension on their developer memberships.
Saturday March 1, 2025 11:00 am PST by Joe Rossignol
iOS 19 is still around three months away from being unveiled, but there are plenty of rumors about the upcoming update.
Below, we recap iOS 19 rumors so far.
Redesigned Camera App
A leak earlier this year allegedly revealed a redesigned Camera app coming with iOS 19.
On his YouTube channel Front Page Tech in January, Jon Prosser shared a video showing what the new Camera app will...
Wednesday February 26, 2025 7:15 am PST by Joe Rossignol
In a recent press release, Apple confirmed that iOS 18.4 will be released in April.
From the Apple News+ Food announcement:Coming with iOS 18.4 and iPadOS 18.4 in April, Apple News+ subscribers will have access to Apple News+ Food, a new section that will feature tens of thousands of recipes — as well as stories about restaurants, healthy eating, kitchen essentials, and more — from the...
Friday February 28, 2025 2:51 am PST by Tim Hardwick
Apple is expected to embrace a new camera system design for some models in its upcoming iPhone 17 series, and the latest purported CAD images don't deviate from what we have been hearing lately about Apple's new lineup. If you do not like the sound of an iPhone with a Google Pixel-style camera bar, look away now.
Seasoned leaker Sonny Dickson shared the following images in a post on X...
Friday February 28, 2025 3:17 pm PST by Juli Clover
iOS 18.4 was supposed to bring new Apple Intelligence Siri features, but Apple ended up needing to pull those capabilities from the update to continue testing. There are fewer new Apple Intelligence additions now, but there are still some new features that will make the update worth installing when it comes out in April.
Priority Notifications
Apple introduced Priority Notifications back at ...
Friday February 28, 2025 4:39 am PST by Tim Hardwick
Apple has offered a reason why the iPhone 16e doesn't include MagSafe, one of the more notable omissions from its latest entry-level smartphone.
According to Apple representatives who spoke to Daring Fireball's John Gruber, MagSafe is not included in the iPhone 16e because "most people in the iPhone 16e's target audience exclusively charge their phones by plugging them into a charging...
With the iPhone 16e now in the hands of customers, Apple reportedly plans to move on to its next product announcement in the coming days.
Apple plans to announce new MacBook Air models with the M4 chip "as early as this week," according to Bloomberg's Mark Gurman.
"I expect the M4 MacBook Air to be introduced as early as this week," said Gurman, in a post shared on X today. "Inventory has ...
Saturday March 1, 2025 10:00 am PST by Joe Rossignol
Throughout the 2000s and 2010s, Apple offered a line of Wi-Fi routers that it referred to as AirPort base stations. There was a standard AirPort Express, a higher-end AirPort Extreme with more advanced networking features, and an AirPort Time Capsule that doubled as an external storage drive for backing up a Mac with Time Machine.
Apple discontinued the AirPort line in 2018, but the company...
Friday February 28, 2025 10:08 am PST by Joe Rossignol
iPhone 16e reviews are now out, and Apple's custom-designed C1 modem has been put to the test. The results so far are quite surprising, as the C1's speeds are not as slow compared to Qualcomm modems as originally expected.
While the C1 does not support ultra-fast mmWave 5G in the U.S., it appears to offer comparable 5G performance to Qualcomm's Snapdragon X71 modem found in the iPhone 16,...
Monday February 24, 2025 9:14 am PST by Joe Rossignol
According to a post on X today from a leaker known as Kosutami, Apple plans to launch AirPods Pro 3 in May or June this year.
The leaker also claimed that an AirTag 2 will launch around the same time.
Kosutami is best known as a collector of prototype Apple hardware, but they have occasionally shared accurate information about Apple's future product plans. For example, they accurately...
Glad its finally all resolved. I'm sure someone is trying to find the next venerability.
ven·er·a·ble (vnr--bl) adj. 1. Commanding respect by virtue of age, dignity, character, or position. 2. Worthy of reverence, especially by religious or historical association: venerable relics. 3. Venerable Abbr. Ven. or V. a. Roman Catholic Church Used as a form of address for a person who has reached the first stage of canonization. b. Used as a form of address for an archdeacon in the Anglican Church or the Episcopal Church.
vener·a·ble·ness, vener·a·bili·ty n. vener·a·bly adv.
Key word, reported, but not confirmed. So, until that time I'll assume it is also a bug in OS X Server that needs addressing. However, I'll give the benefit of doubt and also throw in that it might be the software running on top of OS X.
Because he knows what he's talking about, unlike you. OSX Server is not designed for that kind of use and would crumble under the load.
Key word, reported, but not confirmed. So, until that time I'll assume it is also a bug in OS X Server that needs addressing. However, I'll give the benefit of doubt and also throw in that it might be the software running on top of OS X.
OS X server has tons of memory overhead (like the GUI) and is not as scalable as some other solutions. Servers at enterprise level need to be as optimised for one job (granted, depends on the server) as much as possible to reduce overhead and costs.
Bottom line: If you need to host a website which has millions of viewers a day, it's just not efficient nor costfriendly do to it purely on OS X. Also one thing to add is if you look at their job applications for System administrator it's mostly for Solaris/Linux.
Think of readers whose first language isn't English. When you use unusual words with spelling that is not found in any dictionary, they can have a hard time finding out what you mean. Ibrahim Balic is quite possibly one of them.
Now whatever was said about him, he deserved it. He took actions that he shouldn't have taken and openly boasted about it. If you want to appear as the tough guy who brought Apple's developer site down, then you deserve anything that comes as a reaction.
I am confused. He did what all security researchers do. Namely try to find bugs. He then quietly reported the bugs to Apple. The site then went down the same day. The guy freaked thinking he was the cause. To try and cover himself he posted a video outlining what happened. He was clearly worried about Apple coming after him. Turns out Apple credited him with discovering another unrelated bug. The guy acted properly and never boasted.
Apple has released new details (via @cabel) on the security flaw that caused the Developer Center to be down for more than a week, noting via its Apple Web Server notifications page that a "remote code execution issue" was fixed.
