Notes on Apple's internal software that no one saw
It so happened that yesterday, rummaging through the wilds of the BSD part of the Darwin kernel and in VFS, I again came across a link like rdar ...
For those who do not know: Apple has a public bug tracker (http://bugreport.apple.com, an alternative entry called radar.apple.com). But it is public only for sending and contemplating its own posts (and the status of their permission), which often turn out to be duplicates.
Only descriptions of all problems and their solutions can be read directly by the Apple developers themselves or by very cool external organizations.
As a rule, no one on the Internet has heard how to access the database of radar errors for arbitrary reading and in general very few people know what this system is.
')
Moreover, Apple is not profitable to give access to this database at least for the following reasons:
This note will not give you access to the radar database, but will indicate in which direction you can go and what tools Apple has at the moment - magic tools that the company does not share even with paid members of the ADC (Apple Developer Connection).
There is an alternative to the radar service: openradar.appspot.com (although it has nothing to do with Apple).
And it is unlikely that in it you will find the necessary descriptions of problems from Apple Radar.
Our company is an ADC, including a paid subscription, but this story does not violate any NDA, since it is based on information available (currently, the beginning of June 2010) without logins and passwords, to a simple Internet user.
Ironically, for now, Apple FTP access is open to an anonymous user!
Note the hidden folder '.shared'.
In the folder '.shared' there is also a hidden folder '.zzz_old_archives'.
They turned out a lot of tasty:
Programs have been installed, tested, and some light has shed the documentation that came with it.
So:
AppleConnect is a special software for organizing a VPN connection to Apple’s internal network, in particular for accessing Apple’s internal resources. As far as I understood, special keys were used to authenticate with AppleConnect (they are still in use now) - eTokens, probably connected via USB. Now, in many cases, Apple ID authentication is permissible (of course, every Apple ID has permissions for certain actions).
AppleConnect is able to live in the status menu next to the clock, and easily switch VPN and Apple ID settings for different inputs.
For radar, of great interest is the server ray.apple.com, whose ports are apparently only accessible from a VPN.
It seems that the tracker is running on Oracle Application Server, Java, WebObjects and, at least according to the documentation, on IBM servers running AIX.
In the last little hard to believe, for the current day, if we consider that Apple has its own good hardware Xserve. Or maybe they just do not want to touch this ancient system.
In the process of reading the documentation, a certain IT & S company also appeared.
It is to her that they propose to contact (by phone) for support on the radar and on the issues of connecting / receiving the login.
Maybe it's the MIT guys that Apple feeds.
Also, the probability is high that this is their site: ist.mit.edu
Radar - a huge system (a la Xcode), with a logo (icon) in the form of a blue anteater catching an ant.
Designed for both administrators, moderators and developers, and for readers from external organizations (eh-x, dreams).
Radar can work without GUI from the command line.
Sonar - as I understood at 4 am, this is some Radar rethinking, containing mostly ready-made solutions to problems and allowing you to add / edit solutions.
NFA is a virtual safe that protects various resources from outside eyes (useful when working graphics, projects, documents).
In general, a very funny software - download, install, watch, read.
I could not get access to the database - my logins in the ADC do not have the right to connect to Apple VPN.
But the closeness of the sacred and the signature in the documents "Apple Internal Use Only" gave a fair dose of adrenaline!
For a snack, a few screenshots:
(for connecting AppleConnect external settings)
Download, try, write about your results in the comments.
Hurry, after this article, anonymous access is likely to quickly cover.
Now, when a simple developer has become aware of more, maybe we can change something in this unjust world to us ...
For those who do not know: Apple has a public bug tracker (http://bugreport.apple.com, an alternative entry called radar.apple.com). But it is public only for sending and contemplating its own posts (and the status of their permission), which often turn out to be duplicates.
Only descriptions of all problems and their solutions can be read directly by the Apple developers themselves or by very cool external organizations.
As a rule, no one on the Internet has heard how to access the database of radar errors for arbitrary reading and in general very few people know what this system is.
')
Moreover, Apple is not profitable to give access to this database at least for the following reasons:
- Some information can damage the reputation of the system and give food to hackers when writing an exploit, at the moment the vulnerability is not fixed.
- Solutions of technical incidents to bypass the error Apple sells to developers for money
This note will not give you access to the radar database, but will indicate in which direction you can go and what tools Apple has at the moment - magic tools that the company does not share even with paid members of the ADC (Apple Developer Connection).
There is an alternative to the radar service: openradar.appspot.com (although it has nothing to do with Apple).
And it is unlikely that in it you will find the necessary descriptions of problems from Apple Radar.
Our company is an ADC, including a paid subscription, but this story does not violate any NDA, since it is based on information available (currently, the beginning of June 2010) without logins and passwords, to a simple Internet user.
Ironically, for now, Apple FTP access is open to an anonymous user!
MBP15: ~ $ ftp ftp.apple.com
Trying 17.254.0.79...
Connected to ftp.apple.com.
220 17.254.0.79 FTP server ready
331 Anonymous login ok, send your complete email address as your password.
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
200 Type set to I
ftp> ls -la
227 Entering Passive Mode (17,254,0,79,241,177).
150 Opening ASCII mode data connection for file list
drwxrwxrwx 7 ftpprod ftpprod 238 Nov 17 2009 .
drwxr-xr-x 15 ftpprod ftpprod 510 Nov 17 2009 ..
drwxrwxrwx 14 ftpprod ftpprod 476 May 22 18:28 .shared
drwxrwxrwx 3 ftpprod ftpprod 102 May 7 2003 Apple_Support_Area
drwxrwxr-x 20 ftpprod ftpprod 680 Aug 20 2007 developer
drwxrwxr-x 37 ftpprod ftpprod 1258 May 18 2004 emagic
drwxrwxr-x 11 ftpprod ftpprod 374 Mar 9 2004 filemaker
226 Transfer complete.
ftp>
Note the hidden folder '.shared'.
In the folder '.shared' there is also a hidden folder '.zzz_old_archives'.
They turned out a lot of tasty:
- AppleConnect
- Radar Client
- Sonar client
- NFA
- Various useful PDF & HTML files
Programs have been installed, tested, and some light has shed the documentation that came with it.
So:
AppleConnect is a special software for organizing a VPN connection to Apple’s internal network, in particular for accessing Apple’s internal resources. As far as I understood, special keys were used to authenticate with AppleConnect (they are still in use now) - eTokens, probably connected via USB. Now, in many cases, Apple ID authentication is permissible (of course, every Apple ID has permissions for certain actions).
AppleConnect is able to live in the status menu next to the clock, and easily switch VPN and Apple ID settings for different inputs.
For radar, of great interest is the server ray.apple.com, whose ports are apparently only accessible from a VPN.
It seems that the tracker is running on Oracle Application Server, Java, WebObjects and, at least according to the documentation, on IBM servers running AIX.
In the last little hard to believe, for the current day, if we consider that Apple has its own good hardware Xserve. Or maybe they just do not want to touch this ancient system.
In the process of reading the documentation, a certain IT & S company also appeared.
It is to her that they propose to contact (by phone) for support on the radar and on the issues of connecting / receiving the login.
Maybe it's the MIT guys that Apple feeds.
Also, the probability is high that this is their site: ist.mit.edu
Radar - a huge system (a la Xcode), with a logo (icon) in the form of a blue anteater catching an ant.
Designed for both administrators, moderators and developers, and for readers from external organizations (eh-x, dreams).
Radar can work without GUI from the command line.
Sonar - as I understood at 4 am, this is some Radar rethinking, containing mostly ready-made solutions to problems and allowing you to add / edit solutions.
NFA is a virtual safe that protects various resources from outside eyes (useful when working graphics, projects, documents).
In general, a very funny software - download, install, watch, read.
I could not get access to the database - my logins in the ADC do not have the right to connect to Apple VPN.
But the closeness of the sacred and the signature in the documents "Apple Internal Use Only" gave a fair dose of adrenaline!
For a snack, a few screenshots:
(for connecting AppleConnect external settings)
Download, try, write about your results in the comments.
Hurry, after this article, anonymous access is likely to quickly cover.
Now, when a simple developer has become aware of more, maybe we can change something in this unjust world to us ...
Source: https://habr.com/ru/post/95271/
All Articles