

Apple provides credit to people who have reported security issues - k-mcgrady
http://support.apple.com/kb/HT1318

======
martin_
I think what's more relevant here is that there were two remote code execution
vulnerabilities found which were responsible for the dev center being taken
down. So it wasn't a result of Ibrahim Balic's "information disclosure issue"

------
k-mcgrady
>> "An information disclosure issue was addressed. We would like to
acknowledge Ibrahim BALIC (Balich IT - www.balicbilisim.com) for reporting
this issue.

This was the guy who posted the YouTube video claiming he found the flaw that
forced Apple to take the developer center down for one week.

------
Apocryphon
It's interesting how the names of all of the security specialists and other
discoverers of flaws in this list appear to be non-Anglo-American in origin.
Very international.

~~~
asveikau
It might also be "interesting" to you the number of monolingual people born
and raised in the US who have "non-Anglo-American" origins.

It always puzzles me to see statements like this... Maybe I'm biased by the
fact that I am American but don't have a western european surname and a good
number of Americans I interact with do not either. In what part of the country
does it seem remarkable for someone to have a "non-Anglo-American" name?

~~~
jlgreco
I would say that nowhere in America would a "non-Anglo-American" surname be
remarkable. In some areas the distribution of "non-Anglo-American" names and
"Anglo-American" names may be considered remarkable though. Basically, I think
he is seeing a trend that he finds interesting, which is a different than
finding a particular instance interesting.

Put it this way, if I ran into somebody named "Lutz", I wouldn't think
anything of it. If I ran across _many_ people with Germanic names though, I
might wonder if I were in somewhere like south-central PA (an area notable for
a large number of German descendants:
[http://en.wikipedia.org/wiki/Pennsylvania_Dutch](http://en.wikipedia.org/wiki/Pennsylvania_Dutch)).
The distribution would catch my eye, not the particular name itself.

(Personally, I'm not really seeing any interesting trends with those names.)

~~~
asveikau
Yes, I was thinking specifically about "pockets" which have long history of
this.. Germans in places like PA or OH, Irish and Italians in basically any
northeastern city, Polish and other Slavs in Chicago, Nordic in the upper
midwest, Ashkenazi in New York, Dutch in New York, French in Louisiana,
Spanish in the west but increasingly everywhere... Even taking 20th and 21st
century immigration as "rounding error", I don't think there's very many
places you can go without being surrounded with non-English names.

------
smackfu
It still amazes me that Apple responded to a responsible disclosure of an
exploit by taking their system down for weeks. Can you imagine someone like
Facebook or Amazon having to do that?

~~~
melling
I'm not exactly sure why you would equate Apple taking down their developer
support subsystem with all of Facebook or Amazon coming down. Apple.com didn't
go down. 99.99% of their customers never knew the difference.

~~~
sliverstorm
Whereas, on the other side of the coin if Amazon.com goes down, it takes 20%
of global ecommerce down with it.

The scales of impact aren't even on the same register.

~~~
epistasis
This outage would be equivalent to an outage of Amazon's merchant APIs for
adding new products. Even if that happened, normal Amazon.com commerce would
continue.

------
burgeralarm
The acknowledgement appears to be gone now, unless I'm missing something.

~~~
martin_
No, it's still there.

2013-07-22 iadworkbench.apple.com

An information disclosure issue was addressed. We would like to acknowledge
Ibrahim BALIC (Balich IT - www.balicbilisim.com) for reporting this issue.

~~~
burgeralarm
Odd, must have been some caching thing. Changing the language caused it to
show up.

~~~
curveship
The message apparently is and isn't there. If I go to
[http://support.apple.com/kb/HT1318](http://support.apple.com/kb/HT1318) ,
it's not shown. But if I go to
[http://support.apple.com/kb/HT1318?viewlocale=en_US](http://support.apple.com/kb/HT1318?viewlocale=en_US)
, then it (and several other recent updates) are shown.
Cache/translation/backlog issue?

------
ryderm
> We would like to acknowledge Narendra Bhati (R00t Sh3ll The Untraceable) of
> Cyber Octet Pvt.Ltd for reporting this issue.

hah, some of these are entertaining.

------
gnu8
The only credits I need are the ones on Full-Disclosure.

------
mason240
Is this the same issue that was discussed on the This Week in Tech podcast
about a month ago?

------
davea37
> Apple acknowledges Ibrahim Balic for discovering security flaw in dev center

This title is inaccurate - the linked pages credits 7dscan.com and SCANV for
reporting the developer centre issue.

Ibrahim BALIC is credited with reporting an apparently unrelated issue in iAd
Workbench.

~~~
theboywho
Yup, the title is flawed and is obviously a failed attempt at making it seem
somehow related to the recent FB security team issue.

