Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Don't compare "a house" with something like Apple's developer portal. There aren't millions of personal data files stored in your house. Bad comparison...

A better comparison then is a bank robber then and personal data files like money in a bank? :p


Sent from my iPhone using Tapatalk 2
 
he got scared that he might get caught, so he admits he has done it.
Well played sir, well played.
 
Developer bug reports are for items developed by Apple. Not general feedback. So the answer you got was appropriate. As would have been ignoring you.

[...]


So, you used a bug reporting system to ask a question instead of reporting a bug, and didn't like the answer you got to your non-bug. That's hardly a failure of the bug reporting system. It's not the right channel for that sort of inquiry.


You guys must have never used the system then.
There clearly is an option to submit more than "bugs". You can submit feature requests and failures of the system (although known and (yet) acknowledged) arise from a mediocre filesystem such as data corruption.
You folks might not have the same wishes as I do, that's fine, but don't try to be internet heroes and think for a moment.

Yes I did not like the reply, guess why. The reply was a big blow to anyone worried about data integrity, one of the last few truly untouched aspects by OS X.

Glassed Silver:mac
 
Something doesn't add up with this dude's story.

First of all, how long did it take him to break in to the servers? If it took a lot of time and effort, why was a developer spending all that time on security breach "tests"? Shouldn't he be busy coding apps or something?

Second, once he was in, couldn't he just download a file or two as proof of concept? Did he really need to download thousands of user's data?

And finally, he said he "will delete" the data. Why didn't he delete it immediately? A simple screenshot of a single page of data would have been plenty of proof for Apple to believe the guy got in and patch the holes.

This guy's actions may in fact help tighten the victim's security, but most crimes do. It's no less breaking and entering than any bank job. I would expect Apple to pursue this as a crime, especially in light of the amount of down time it's causing.

For all anyone knows, Apple may have been quietly tightening up security on the servers all along, at their own pace. Now they have been forced to do a complete overhaul all at once.
 
For all anyone knows, Apple may have been quietly tightening up security on the servers all along, at their own pace. Now they have been forced to do a complete overhaul all at once.

Exactly, people just assume that Apple were sitting there not actually ever testing the security of their sites, this will not be a case. They will test their sites regularly and fix things on a schedule, it's a standard.


Sent from my iPhone using Tapatalk 2
 
I didn't say there was a way to make it 100% or that I expected it from them. I'm saying this guy is clearly doing things the right way, he proved it could be done. There's no proof he is doing this for personal gain, or fame, or anything other than to show Apple they had a flaw in their security.

Fanboys like you are overreacting and need to calm your faces. If this was Samsung or Microsoft you'd be laughing at this, and saying the guy deserved a medal. But since he pointed out a flaw in the greatest company of all time, he's evil and needs to die.

you're like the guy freaking out, slapping everyone and telling them not to panic.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.