Skip to main content

Security researcher Ibrahim Balic credited by Apple for reporting Developer Center issue

This morning, Apple updated its Apple Web Server notifications page to credit security researcher Ibrahim Balic and several others for pointing out security flaws in their web servers.

Balic claimed to be responsible for taking down the Developer Center after demonstrating how security flaws in the website allowed him to gather full names and Apple IDs. After Apple did not respond promptly to his bug reports, he posted the details to YouTube and discussed them on Twitter. The video has since been taken down.

During the Developer Center’s one week outage (other services took even longer to be restored), Balic was contacted by Apple and their security team to gather more details. During initial contact with 9to5Mac back in July, he was very persistent on stating that he’s not a “hacker” and was not going to use the data for any malicious purposes. Apple, it appears, did appreciate his findings and is now crediting him on their website:

2013-07-22 iadworkbench.apple.com

An information disclosure issue was addressed. We would like to acknowledge Ibrahim BALIC (Balich IT – www.balicbilisim.com) for reporting this issue.

This listing, however, does not confirm that he was solely responsible for Apple’s take-down of the Developer Center, but Balic has told me that his “other reported bugs are waiting to be listed” on the page.

On August 10th, all services were restored in the Developer Center and members received a one month extension as a result of the downtime. The front-facing site itself did not change, but Apple spent time to rebuild the database and update software.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Jim Huls (@Techslacker) - 11 years ago

    I can’t help but think that had this occurred under Jobs’ watch that this guy wouldn’t get a lick of credit and likely barred from anything Apple has under their control for life. I think it’s great he’s getting credit…just noting what I see as yet another change in Apple now from Apple in the past.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications