Advertise here




Advertise here

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with Google Sign In with OpenID
Sign In Register

Badges

Please do not post the same thing multiple times. The board software automatically flags certain posts as needing moderator attention. This happens the most often for new users. I'm pretty sure this is made clear at the time you attempt to post. Posting the same thing over and over again just makes that many more posts the moderators have to weed through later. This makes us sad. Don't make us sad. If your post/thread doesn't appear, just wait a while. Don't post it again. If it hasn't shown up by the next day, then you can try again. I normally go through posts in the mornings, and try to check a few times throughout the day, but I'm not here 24/7. There will typically be a significant delay before posts are approved. Just be patient.

iseff

About

Username
iseff
Joined
Visits
83
Last Active
Roles
Administrators
Points
37
Invited by
AppStoreHQ
Badges
6
Posts
22
Location
Seattle, WA
Twitter
iseff
Website
http://www.iseff.com

Reactions

0 Promote 1 Off Topic 1 Insightful 0 Disagree 0 Dislike 6 Like 1 Awesome 1 Spam 1 Abuse 0 Troll

  • iPhoneDevSDK compromised: What happened and how we are dealing with it

    iseffiseff
    Today, we were alerted that our site was part of an elaborate and sophisticated attack whose victims included large internet companies. We were alerted through the press, via an AllThingsD article, which cited Facebook. Prior to this article, we had no knowledge of this breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach. You can read more about the attack via Facebook's blog post.

    As the most widely read dedicated iOS developer forum, we're targeted for attacks frequently. Security is a top priority for us, which is one reason why we switched to Vanilla Forums to host our site last year. Vanilla manages security like pros, and I should be clear that -- as best we can tell right now -- this attack has nothing to do with their software.

    Immediately, we were in contact with Facebook's security team, including Joe Sullivan, Facebook's Chief Security Officer, and his team, to learn what they knew. We also contacted Vanilla, our amazing forum hosts, to ensure the problem was not with their software.

    What we've learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user's computers.

    We're still trying to determine the exploit's exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013.

    As with Facebook, it's important to stress that we have no reason to believe user data was compromised.

    Just to be sure, we've reset all users' passwords. Please use our Forgot Password feature the next time you log in to reset your password.

    We're continuing to work with Facebook, Vanilla, other targeted companies, and law enforcement to find out who is behind this sophisticated attack.

    We're very sorry for the inconvenience -- we'll work tirelessly to ensure your data's security now and in the future. I want to thank Vanilla Forums for their help in the matter and for keeping the site secure, as well as Facebook for their help quickly after we reached out.
    leeja008mjappsplus[Deleted User]jitendra
    Flag 1Off Topic Insightful Disagree Dislike 3Like Awesome