Following yesterday’s surprise announcement that multiple employee computers within Cuptertino had been compromised by a malicious zero-day Java exploit that was uploaded to an iOS developer forum, the owner of the attacked site has spoken out, claiming that not only did he have no idea he had been hacked… Apple never even contacted him to tell him.
The iOS developer forum in question is called iPhone Dev SDK, and the owner, Ian Sefferman, spoke to The Next Web about what happened.
Even after Apple knew about where the attack had come from, though, they never bothered to contact the admins behind iPhone Dev SDK to tell them they were putting thousands of iOS developers at risk. Again, from The Next Web’s article:
“We were alerted through the press, via an AllThingsD article, which cited Facebook,” says Sefferman. “Prior to this article, we had no knowledge of this breach and hadn’t been contacted by Facebook, any other company, or any law enforcement about the potential breach.”
It seems unconscionable that Apple wouldn’t contact the site administrators. iPhone Dev SDK is a portal and resource for the very developers who have made iOS great. To not warn the site administrators is to allow the developers who use the site to become compromised.
For more information, check out the link below. Apple’s actions here are a strange oversight at best, a terrible lapse in judgment at worst.
- Source The Next Web