My money is personally on massive, unrecoverable data loss.<p>If you've ever poked around with the way that Apple's website works, you can see that the entire place is a huge mess. There's old servers running ancient (pre-2004) perl scripts alongside the brand new iCloud gear. I can't imagine how the authentication for AppleID is working as login details still work on the ancient pages (think pinstripes and glassy buttons). Depending what URL you hit, the webserver is using php3, php4, perl, python or maybe WebObjects (java).<p>At one point I wrote a scraper that was targeting one of their product pages, and kept getting random, unexplainable results. It turned out that one of their product areas was behind a round-robin load balancer, with three completely different apache versions on each server. The page was dying on one but not the other two. In the end I just had to repetitively scrape until I hit a good response.<p>Even the domain for the "maintenance" page for the developer section is telling. It's just a broken template system regurgitating a bit of the homepage.<p><a href="http://devimages.apple.com/maintenance/" rel="nofollow">http://devimages.apple.com/maintenance/</a><p><a href="http://devimages.apple.com/" rel="nofollow">http://devimages.apple.com/</a><p>Truly a hacked together system. Some engineers at Apple must be having a truly awful weekend, no matter the cause and solution.
Could you imagine if the Linux Developer Center went down? It'd be nearly impossible to write Linux software, or download Linux development tools, or generate a Linux binary that a device was allowed to run. It'd be awful.
Apple's websites are among the worst corporate sites I've ever used. I don't say that just to be critical or cynical (ahem), I'm merely pointing out that they have tremendous room for improvement. As opposed to say php.net or stackoverflow.com which still give me that fresh air "why can't all sites be like this?" feeling every time I visit them.<p>Most of the time when I visit Apple's sites now, I just assume that what I need to find will either be buried in a convoluted maze, or simply won't exist, and I'll find myself on a "this has been deprecated" 404-style page which takes me someplace only loosely related to what I was looking for. So I end up back at google to try to find a copy of the information either cached somewhere or offsite.<p>Simply being an Apple developer is a chore. Keeping up with yearly certificate expirations is taxing when you are contracting for several clients. And they never really worked out an easy way to allow several developers to share certs. I just assume now that the other developers will invalidate whatever shared cert I made.<p>The situation is bad enough, and exacerbated by Apple stubbornly refusing to see the flaws, that I wish a startup would encapsulate the friction and just take care of all the minutia for me. I should never have to personally deal with provisioning. Anything short of a one click submission to iTunes Connect is reminiscent of all the TCP/IP details that we used to have to put in our modems in the dialup days, when all that should have been required was a phone number and passcode. I can't gently forgive them for it. So I think this downtime could be a wakeup call for them that the inefficiencies in their system are even costing them now.
What's even worse is that we, the developers, their customers, will never get to know what happened. Because that's the Apple way.<p>I'd really love that Apple proves me wrong on this one and comes clean on the problem, the cause and prevention measures being put in place so this won't happen again, whatever it is.
I have received 6 "How to reset your Apple ID password" Email from Apple during the last couple of days, none of which was triggered by me. Could this be related?
Just received following email- confirmed breach:<p>Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.<p>In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
Let us compare:<p>World's premier closed-source shop: (presumably) gets hacked; goes down; stays down.<p>Github, Rubygems, Linux Kernel, etc. get hacked; restore from SHA256SUM'ed backups; keep moving.<p>Turns out what used to be called "hobby" projects matter, because code made without love has a smell, and no one does a "hobby" for anything but. (Remember the 'ama' in 'amateur')
(ok ok so kernel.org was down for a while. But remember all the heavy lifting done by git to keep those commits clean. It was <i>just</i> the server, not the data.)
This reminds me, yesterday i got an obviously spoofed phishing email from "apple" telling me to reset my passwords and reenter my CC info. Anybody else get that?<p><a href="http://imgur.com/hyta4bC" rel="nofollow">http://imgur.com/hyta4bC</a>
I just went to check on the dev center and got this e-mail:<p>Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.<p>In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
Apple is set to report their earnings on Tuesday, July 23rd. If this isn't back up by Tuesday evening, it's going to be a very interesting earnings conference call.
I would be <i>very</i> interested to see what the implications would be if this had happened to iCloud.<p>I'm sure Apple are as unhappy about whatever has happened as the rest of us (likely much more so), but I think at least some communication from them about it would be in order.
Instead of fighting about which platform is the best, I hope all of you will agree that Apple should not leave us in the dark for 15min, let alone 3 days, or not even "post mortem" to answer the question "what happened?".
Apple just released an update (developers should be getting it in their inbox) but still no ETA on when it'll be up. Very unfortunate for those of us waiting to release apps before August.
> or device provisioning and certificates (potentially very profitable)<p>Well, an `App'(, the name of which I would not like to identify, ) which was installed using Safari exploits and whose intended use is to help users search and install apps free of charge from AppStore, is still up and running.<p>I guess there exist various exploits up and down the App Store chains, till now.
If it weren't Sunday, I wouldn't speculate, but it is. My 2 cents: iOS7 updates galore. Just imagine everything that could be overhauled. Even the old gray textured background we see is not very much like iOS 7.<p>iOS is in a big transition here. You can't even update apps at all unless you now include 'widescreen' support, for example. If you don't, iTunes reports an Invalid Binary (no default 586 image, etc).<p>So I would guess a huge overhaul, and typical Apple, is taking care of that vs. arguing or commenting on theories.