Linked by Thom Holwerda on Tue 4th Sep 2012 09:00 UTC
Apple This could be big - although just how big remains unclear. "There you have. 1,000,001 Apple Devices UDIDs linking to their users and their APNS tokens. The original file contained around 12,000,000 devices. We decided a million would be enough to release. We trimmed out other personal data as, full names, cell numbers, addresses, zipcodes, etc." How did AntiSec get this data (they claim)? From an FBI laptop. Why an FBI laptop would have a file with personal information on 12 million iOS users, we don't know - especially since 10000 of them are Dutch/Belgian, and last I checked, those do not fall under FBI jurisdiction. Did the FBI obtain it from an application developer, or from Apple itself? Then again - 12 million users? From a single iOS developer? I find that hard to believe.
Permalink for comment 533978
To read all comments associated with this story, please click here.
Alfman
Member since:
2011-01-28

1M or 12M, same thing. Either way it shows that the data wasn't sufficiently protected, which is what AntiSec set out to demonstrate. I understand the hatred towards the group, but whether we like them or not I think it does provide an incentive for companies to improve their security practices.

I'm willing to bet that more than half of us work at companies with lax security where the managers privately don't care for (or can't justify) working towards resolving security problems until AFTER they've been exploited. I still remember one response when I personally pressed the issue with a PM (paraphrased) "we get paid to add new feature, we don't get paid to fix the old ones". What disturbs me about it is that it's absolutely true, so we end up with data being vulnerable and no one wants to pay to fix it. Politicians make laws like HIPAA, but from where I'm sitting it hasn't made much of a difference on the ground level in IT.

Reply Parent Score: 3