We apologize for the significant inconvenience caused by our developer website downtime. We've been working around the clock to overhaul our developer systems, update our server software, and rebuild our entire database. While we complete the work to bring our systems back online, we want to share the latest with you.
We plan to roll out our updated systems, starting with Certificates, Identifiers & Profiles, Apple Developer Forums, Bug Reporter, pre-release developer libraries, and videos first. Next, we will restore software downloads, so that the latest betas of iOS 7, Xcode 5, and OS X Mavericks will once again be available to program members. We'll then bring the remaining systems online. To keep you up to date on our progress, we've created a status page to display the availability of our systems.
If your program membership is set to expire during this period, it will be extended and your app will remain on the App Store. If you have any other concerns about your account, please contact us.
As of now right now (~1374712460) there are two systems that are online: iTunes Connect and Bug Reporter. And both seem to use the cannot-be-killed* WebObjects. You can clearly see that in the URLs as they mention "WebObjects" and end in ".woa" (assuming it means Web Objects Application).
*I've no idea what WebObjects are but I've heard people poke fun at their mention. Would be interesting if someone had more details to share.
Side Note: If you are looking to install Command Line Tools and seem to be unable to install Xcode from the App Store. You can go to Xcode > Preference and install it. Screen shot from a couple of minutes ago: http://i.imgur.com/KEhjkE3.png
WebObjects is kind of like Rails, but 20 years earlier. (Seriously, it's actually very similar to Rails, in it's bones. I don't know if dhh had seen WebObjects, or they just both had seen some smalltalk mvc framework)
They inherited it from NeXT, and it seriously was really ahead of it's time originally. Hell, it was a technically competent and competitive web framework through, oh, 2002 or 2004, maybe even a few years after that. (Can you tell I used to develop for it?)
But it ended up not being a market Apple wanted to be in, selling a web development framework, and it didn't get much attention, it withered on the vine. (Even if it had... 20 years of legacy is not good for a web framework, it would probably still suck by now -- and who wants a proprietary rather than open source web framework, if they can avoid it?). But they kept using it internally anyway long after they stopped marketting it or selling it externally.
Anyhow, it's really hilarious if the legacy WebObjects part of Apple's web infrastructure are actually the parts that are still up. Hilarious in a pleasant way for those of us who used to use and love WebObjects back in the day.
I was brought in as a contractor in the last few months, so I didn't get much of an overview, but I wrote template code (each page, and each component of a page, had three associated files: .wos for 'scripting', .html for templating, and .wod for 'declarations' to tie the other two together).
It was streets ahead of anything I'd previously used (mainly PHP code with intermingled HTML), and led me to build my next major project using XSLT to provide some insulation between the logic and presentation.
That _could_ be a prime example of security by obscurity. Who would spend time looking for a WebObjects exploit if you can spend that time looking for a Rails exploit?
WebObjects is a web application framework. It's OLD old. It's about ten years older than Ruby on Rails, putting it on par with PHP and Ruby itself. NeXT made it and Apple decided to make it free. It was Objective-C and is now Java.
I used WO in the late nineties and it was way ahead of its time. Enterprise Objects (which morphed into Core Data) was an amazing tool for working with databases. Today it's pretty obsolete and it's not easy to find people.
It's not any older than Interface Builder and other stuff in the Mac OS dev toolkit, as all of that came from NeXT. I would guess though that it has not been maintained or updated.
I don't know about you, but I can't convert epoch time in my head and I don't know anyone who can. What's benefit is there to posting epoch time instead of in ISO 8601 format?
Yeah, I noticed the WebObjects apps were back quick and first. With all of the iOS 7 bugs filed and the App Store in active use, I'm not at all surprised that they are too big to die for the time being. As for the rest of it, my money is on some Ruby descendant, based solely on the fact that all of the Passbook sample code was Ruby based, with a Sinatra app being the server and a signing gem bundled. I think some of Mavericks server utilities are Ruby based, too.
Isn't the developer portal written in Java too, probably with a mix of frameworks for different components (it certainly had a heterogenous feel on the front end)? I seem to remember some of the signon urls had .woa in them, and one of the former Struts developers mentioned a vulnerability which sounds like a likely candidate:
Ughhh. Just noticed that I can't install the XCode Command Line Tools because the dev center is down... no stdio.h on my system. What is this, the dark ages!? :)
I successfully installed the XCode command line tools on a new machine yesterday via the Preferences dialog box in XCode. The web installation route is definitely unavailable, but the Preferences route appears to continue to work.
This has nothing to do with an "all knowing central authority." This only affects people selling or developing using Apple's tools or distibution. Turning this into George Orwell borders on ridiculous. When AWS goes down, which is far more frequent than the Apple Dev center, are you still making tin foil hat assumptions, despite the fact that AWS outages affect a significant portion of the web, while the dev center means that we can't download a particular tool to build an App that obstensibly makes us money. If the freeway gets shut down because of an accident, I don't think we equate that with a totalitarian plot.
If I subscribed to Art Bell/Coast to Coast theories of the world, I'd be far more concerned about Google (and Facebook) than Apple. Google's product is you, sold to advertisers. Apple's product is primarily hardware. Apple has no financial incentive to know everything about you because that data doesn't really help them sell more stuff, if it does, it's marginal. While with Google, the more they know, the more they can then sell that information in the form of targeted advertising. Remember, Google is the one that wants(ed) to store health records. They store every single search query, indexed by IP, and if you're logged into to Gmail, to your name and every email you've ever sent. I don't hate Google or Apple, but to bring up some dystopian future because a dev center is down?
Maybe you're overinterpreting the parent commenter, who makes a valid point. I read it as: This reminds us of our (increasing?) dependence on systems operated by opaque and fragile entities that, on top of it all, may have goals at odds with our own.
In 1993, you were almost certainly going to have to pay money to write software on or for Mac OS. In 2013, you most certainly do not have to pay money on or for Mac OS X.
>In 2013, you most certainly do not have to pay money on or for Mac OS X.
You have to join the Apple Developer Program, which costs $99/year, in order to distribute software that will run on OS X with default Gatekeeper settings. The registration for that program is currently down.
Which is Apple's prerogative. I can't speak for the average user, but given the number of times that, say, Transmission has been downloaded solely through MacUpdate and CNET (1.5mm), it seems pretty clear that many users know how to turn Gatekeeper off.
I seem to remember you could just Brew Install this and in fact that's what prompted Apple to provide an official standalone gcc de-bundled from XCode.
I hate when no amount of evidence and history will keep ostrich-types from calling you a crazy conspiracist. I guess we won't understand until food delivery is dependent on iPhone Apps.
FWIW I highly recommend the Dominos iOS app (the food notsomuch). Don't even have to give your email unless you want to pay by cc.
As for the Orwellian drama, most people aren't looking to be footsoldiers in the crusade. They develop for Apple because it puts steak on the gd dinner table and if developing for Firefox OS did the same they'd be doing that too but as of it today it doesn't.
This is getting really frustrating - I'm waiting for several clients now in order to update profiles with new device info, and can't do so because the Apple service is offline, so no new betas for those clients. Most of their online services are not critical - things like online documentation and forums are really unimportant to me as a developer (that's what SO is for), but certification and adding device ids has the potential to sabotage a lot of their developers' schedules if this lasts much longer.
An outage of a few days is understandable to me if they're trying to do a security audit and update their systems, but an outage of a week?
For a large company like this with huge resources that just smacks of incompetence. They should be able to reproduce their systems on completely new hardware and up to date system software and frameworks within a day, surely? Does anyone know or care to speculate as to why this might take them so long?
That would be truly insane, I refuse to believe that's the case!
My best hypothesis is that they've upgraded all their software/frameworks which haven't been updated in 6 months, and have found a boatload of bugs related to running the old code on the updated software. I can't think why else they'd be doing that would take so long, and I sincerely hope there is no significant rewriting going on.
Perhaps they ought to disclose the IP address of the possible hack along with the method and specific technologies targeted in the breach. They should also provide the names and email addresses of the engineers helping fix the problem. They should have personally called every developer within the first 2 hours of the problem to inform them of exactly what line of code led to this utter mayhem.
I'm not sure how this affects their credibility at all. Does knowing within the first 10 seconds of the problem help you sell more apps or do your job any better? Did they make some kind of bullshit excuse? I think the emails I received were pretty clear. Remember that AWS failed two times in two weeks last year and they completely disabled AWS API access during those failures, which doesn't affect us downloading Xcode or dealing with provisioning, that affects live, production apps, that for many mean serious money. Remember how
Also, let's compare Amazon's response to a 2012 failure. The failure happened on a Friday night, taking completely out, a large number of web sites and applications, including Netflix, Pinterest and important to many developers, Heroku. Yet, it wasn't until Monday, that they released a statement explaining why, even when it was crystal clear it was power related. The kind of breach that Apple must have experience probably wasn't able to be forensically identified until many hours after the initial failure, yet in Amazon's case it was a power failure, which doesn't take a genius to need three days to release a statement.
I'm not defending Apple, but I am suggesting that our knee-jerk reactions be tempered by reality and how other companies have performed under similar situations.
I'm hope you were able to understand the grey vs. green! I suppose they could have used blinking text. Better yet, blinking red text with double strike-throughs. And, an auto-play theme song with the player controllers hidden in the footer. Anything to make it more obvious so we don't get misled into thinking grey actually meant: "This service is actually functioning, just ignore the bright green, those mean that the service is also functioning. At Apple, we think different and that starts with using two colors that mean the same thing so as to give an image that we're perfect and never make mistakes."
We apologize for the significant inconvenience caused by our developer website downtime. We've been working around the clock to overhaul our developer systems, update our server software, and rebuild our entire database. While we complete the work to bring our systems back online, we want to share the latest with you.
We plan to roll out our updated systems, starting with Certificates, Identifiers & Profiles, Apple Developer Forums, Bug Reporter, pre-release developer libraries, and videos first. Next, we will restore software downloads, so that the latest betas of iOS 7, Xcode 5, and OS X Mavericks will once again be available to program members. We'll then bring the remaining systems online. To keep you up to date on our progress, we've created a status page to display the availability of our systems.
If your program membership is set to expire during this period, it will be extended and your app will remain on the App Store. If you have any other concerns about your account, please contact us.
Thank you for your continued patience.