The “security researcher” who says he accessed encrypted data from Apple’s developer center says he meant no harm or damage, he merely wanted to see “how deep” he could go.
In a comment made on TechCrunch, Ibrahim Balic identified himself as a “security researcher” who attempted to point out serious issues to Apple about its Dev Center website. His comments came in response to an admission by Apple on Sunday that its developer website was hacked.
Balic says he found and reported 13 bugs to the company, and that he has no intention of accessing or using the encrypted data he obtained. Apple says the personal information on the registered developers is encrypted, and the company doesn’t believe the information can be accessed. However, Balic says he was able to obtain some user information as evidence to show Apple the apparent security flaw.
He claims to have taken the details of 73 users — all Apple employees — and forwarded them to the company as an example of the flaw.
Around 4 hours after Balic gave the user data to Apple, the company shut down its Developer Center website. The outage started on Thursday, and has continued ever since. Apple is reported to have been working “around the clock” to patch the security holes.
Balic’s comments are in an apparent effort to clear his name, as he’s “not feeling very happy” about how the situation has been portrayed, and he also fears legal action may be brought against him.
“I did not done this research to harm or damage,” Balic said in his comments. “I didn’t attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the datas for the porpoise (sic) of seeing how deep I can go within this scope.”