iTunes Connect, Apple’s portal where developers manage software published on the App Store, is presenting many users with a widespread issue this morning. Several users are reporting logging in with their own credentials and being presented with both the name and apps of other iTunes Connect users, including upcoming, unreleased versions of apps. 9to5Mac has corroborated the errors with iTunes Connect. Read more
Apple tonight has released the first beta of iOS 8.1.1 to developers. This update is packed with bug fixes, according to the release notes. Most notably, “this release includes bug fixes, increased stability and performance improvements for iPad 2 and iPhone 4s.”
This marks the first time in recent history that Apple is seeding a beta for a patch update. A new seed for the Apple TV is also available. Apple released the first OS X Yosemite 10.10.1 beta earlier today. iOS 8.1.1 is the follow-up to iOS 8.1, which includes Apple Pay support, SMS forwarding to Yosemite, and iCloud Photo Library Beta.
Apple is also developing iOS 8.2 and iOS 8.3 for release next year.
This morning, Apple updated its Apple Web Server notifications page to credit security researcher Ibrahim Balic and several others for pointing out security flaws in their web servers.
Balic claimed to be responsible for taking down the Developer Center after demonstrating how security flaws in the website allowed him to gather full names and Apple IDs. After Apple did not respond promptly to his bug reports, he posted the details to YouTube and discussed them on Twitter. The video has since been taken down.
During the Developer Center’s one week outage (other services took even longer to be restored), Balic was contacted by Apple and their security team to gather more details. During initial contact with 9to5Mac back in July, he was very persistent on stating that he’s not a “hacker” and was not going to use the data for any malicious purposes. Apple, it appears, did appreciate his findings and is now crediting him on their website: Read more
Apple has been slowly restoring various services and overhauling its Developer Center since the company shut down all services to investigate an attempted breach into the system late last month. After outlining its plan to restore remaining services earlier this week, today the few developer services that remained down are now back online. That includes the Member Center, Program Enrollment and Renewals, and Technical Support. In addition, Apple has extended all developer memberships by one month as a result of the service interruption.
Following the security threat last month, Apple said it would work to completely overhaul its developer services, including “updating our server software, and rebuilding our entire database.” Since confirming the security issue and shutting down the developer center, it’s taken the company just over 3 weeks to rebuild its developer system and restore all services.
Apple provided extensions for developer memberships set to expire during the outages, and also launched a new System Status page for developers that shows the status of each developer service.
Here is the email that was sent out to developers: Read more
After being offline for more than a week, Apple’s Developer Center is back. Access to the portal was removed by Apple after it was discovered that a breach into the system granted individuals access to the names, mailing addresses, and email addresses of registered developers. Apple confirmed that sensitive personal data such as credit card information and developer passwords were encrypted and secure.
The Developer Center looks the same as it was prior to its removal, but we assume Apple has followed through with its promise to overhaul the entire system by updating its server software and rebuilding its databases from scratch so as to prevent another intrusion.
While most of the main developer services have returned, Apple is still in the process of restoring the entire portal to normal. Some areas of the site such as the forums, pre-release documentation, and development videos, are still offline as per Apple’s System Status page.
Apple has also emailed developers with this new information: