http://news.cnet.com/8301-27080_3-20007407-245.html By Elinor Mills InSecurity Complex CNet News June 10, 2010 A hacker involved with a highly publicized data breach is taking some flack, but he says he and his colleagues simply acted in the public's best interest. AT&T was forced to scramble to fix a security hole in its Web site that exposed e-mail addresses of more than 100,000 iPad users this week. AT&T says it learned about the Web site flaw from an enterprise customer on Monday and that it was fixed on Tuesday. Goatse Security, the group that uncovered the security flaw, revealed the details to a blog site on Wednesday, touching off a media frenzy. The FBI now says it is investigating the breach, which exposed e-mail addresses of government officials and executives in media, finance, and technology, among others. On Thursday, CNET talked to Escher Auernheimer, one of Goatse's main members and whose hacker name is "Weev," about the group and what motivates them. Q: An AT&T spokesman says the group did not contact the company. Can you comment? Auernheimer: We chose not to engage in a direct dialogue. We did not give details of the attack or the data to anyone until we verified that the hole was closed on their Web site on Tuesday. And we only gave it to Ryan Tate at Gawker Media because he agreed he would censor the ICCIDs and the e-mails so they couldn't be used to compromise anything. We did the best we could. But we did want not engage directly with AT&T in case they tried to serve us (an injunction) or something. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Thu Jun 10 2010 - 22:02:49 PDT
This archive was generated by hypermail 2.2.0 : Thu Jun 10 2010 - 22:06:33 PDT