http://www.informationweek.com/security/attacks/fbi-antisec-spar-on-apple-ids/240006742 By Mathew J. Schwartz InformationWeek September 05, 2012 Does the release of one million Apple UDIDs (Unique Device Identifiers)--including device types and associated usernames--reveal a massive device-tracking operation involving the FBI, an attempt by the hacktivist group AntiSec to make the bureau look bad, or something in between? For now, the related debate continues to rage online. The FBI, for its part, took to Twitter Tuesday to say that any suggestion that one of its agents was collecting or storing millions of UDIDs was "totally false" and that the agency "never had the info in question." In an official statement emailed to journalists, meanwhile, the FBI said that "at this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data." In response to the FBI's official statement, AntiSec noted via the AnonymousIRC channel that "this is far from denial," and continued to taunt the FBI. "Before you deny too much: Remember we're sitting on 3TB additional data. We have not even started," it said. But is the leaked UDID data legit? AntiSec said via the Par:AnoIA website that the data "was involuntarily provided by Special Agent Christopher Stangl, whose notebook was breached by AntiSec in March 2012," and that "among the data on his notebook was a file named NCFTA_iOS_devices_intel.csv which contained a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, ZIP codes, cell phone numbers, and addresses." [...] -- #HITB2012KUL - The 10TH ANNUAL HITB Security Conference in Malaysia with no keynotes, no labs - just three tracks filled with our most popular speakers from the last decade: http://conference.hitb.org/Received on Thu Sep 06 2012 - 01:46:18 PDT
This archive was generated by hypermail 2.2.0 : Thu Sep 06 2012 - 01:47:50 PDT