Sunday, September 15, 2013

Developer Portal Breached, Taken Offline

For mobile developers and designers, the go-to website for all things iOS is Apple’s developer center. That's where developers flock to discuss functionality and talk over problems in the company’s developer forums; it's also a central location for download the beta OS and learning how to work with new features. Layered software design in iOS 7. But the Apple Developer Center hit a major snag in the middle of the summer. A security researcher reported to Apple that he had found a way to hack the portal and exposed some major flaws in its system. The flaws exposed the personal information of thousands of registered Apple developers, leading Apple shut down the developer center for more than a week as it worked through the issues. Apple had most of the developer center up and running a little more than a week after the breach. Still, areas such as the help center, developer forums and troubleshooting remained offline for an extended period of time. When a company releases a major redesign of its core product and implements thousands of new SDKs to support that release, the last thing it wants is for its developer website to fail, for any reason. Mobile developers and designers were already feeling the rush to build apps for the new iOS 7 as they worked through major changes on a truncated timescale. For them to spend more than a week cut off from key developer resources was not, shall we say, helpful. People Locked Out Of Their iPhones & iPads Wednesday evening, some users of the iOS 7 beta reported that their phones had switched off and deactivated. No matter what they tried, they couldn’t revive them. Users reported that their iPhones and iPads were telling them they weren't authorized users and that the activation server at Apple was down. People, understandably, freaked out. See also: How To Downgrade The iOS 7 Beta Down To iOS 6 The Easy Way The iOS 7 beta has seen a huge surge in popularity among non-developers this year, unlike any other iOS beta that Apple has come out with. Some app publishers have said that nearly 7% of their total iOS traffic has come from iOS 7 beta, meaning that many, many people that are not developers have downloaded and installed the new version of the operating system. Historically during an iOS beta period, fewer than 1% of iPhones and iPads tend to be running the beta software. Third-party websites are responsible for this. These are sites that have signed up for Apple’s developer program (at $100 a year) and then sold access to iOS 7 beta to curious users by registering their Unique Device Identifier (UDID) with the site. This is against Apple’s developer program terms of service and generally frowned upon by actual developers. Apple has tried to squelch these UDID registration sites by going after the sellers, but found it difficult to extend that dragnet over such a large number of users that already have iOS 7 beta on their iPhones and iPads. Last night, many such users hit a snag.

No comments:

Post a Comment