Wednesday, May 18, 2016

credits Ibrahim Balic for reporting iAd Workbench vulnerability

Ibrahim Balic, an independent security resrcher, made the hdlines bytaking creditfor knocking ’s Dev Center out for thirteen days following hisdiscoveryof a seriousiAd Workbench vulnerability.Even though that issuehasn’t made the directly possible, it did force toshut down Dev Centerformore than a week.It has also prompted an overhaul of ’s developer systems, including updating the server software and rebuilding the entire database.Though Balic has rarely come out of stlth mode sinceprotecting his Twitter timelineout of fr of potential consequences, heneedn’t worry as has now credited him with reporting the iAd Workbench vulnerability… has made it official by mentioning Balic in an update over at theiAd Workbench website:“We would like to acknowledge Ibrahim BALIC (Balich IT – for reporting this issue,”the firm wrote.Balic confirmed to9to5Mac‘s Scott Buscemi thathis“other reported bugs are waiting to be listed”on ’sWeb Server notifiions page.Though the iAd Workbench vulnerability has made it sy toobtain both names and IDs of users,that issue was unrelated to another major flaw that prompted a system-wide shut down of the Dev Center.Previously, Balic toldTechCrunchthat hefiled a total of thirteen new bugs with since starting his resrch on July 16. Among them was the crucialbug #14488816 which allowed him to compromise iAd Workbench and get hold of the full names and IDs belonging to ’s registered iOS and Mac developers.Balic also said he reported the bugs to on July 18, just hours before the Dev Center went down. He madeit official bytweeting out,“Finally, I got the expected response from , I’m happy now,”adding“I do not want people to provoke this matter”.The resrcherhas always maintained his intentions were never malicious. on its part insistedthat no credit card data, or any other sensitive information, was compromised due to the or the downtime.

No comments:

Post a Comment