FBI Investigating iPad E-Mail Leaks

CWmike writes "The Federal Bureau of Investigation has opened an investigation into the leak of an estimated 114,000 Apple iPad user e-mail addresses. Hackers belonging to a group called Goatse obtained the e-mail addresses after uncovering a web application on AT&T's website that returned an iPad user's e-mail address when it was sent specially written queries. After writing an automated script to repeatedly query the site, they downloaded the addresses, and then handed them over to Gawker.com. Now the FBI is trying to figure out whether this was a crime. US law prohibits the unauthorized accessing of computers, but it is unclear whether the script that the Goatse group used violated the law, said Jennifer Granick, civil liberties director with the Electronic Frontier Foundation. 'The question is, when you do an automated test like this, [are you] getting any type of unauthorized access or not,' she said. If it turns out the data in question was not misused, it is unlikely that federal prosecutors will press charges, she added."

Re:Ha ha, I love the genius of the hackers' name

[WoRLoKKeD]

I for one hope this is taken further, then someone releases the fact that these Goatse guys are the good guys.

How often do you see an opportunity for a headline to read "GOATSE INCIDENT BLOWN WIDE OPEN!"?

Re:Ha ha, I love the genius of the hackers' name

[GuruBuckaroo]

OK, seriously. Why do people post things like this? I'm actually curious. It can't be "for the lulz", 'cause nobody's laughing - they're all thinking "god what an idiot this guy is". What possible purpose could you have for doing this? It's not even like you're getting some kind of notoriety out of it, 'cause you're posting as AC. I honestly can't think of any reason so much of this kind of pap gets posted here, or on any open forum. It baffles me.

Re:Ha ha, I love the genius of the hackers' name

[Ethanol-fueled]

You sound like a faggot.

Re:Not you too, Slashdot

[aliquis]

So, if you were one of the people who had their personal email leaked, would you be thanking the good guys right now for doing it?

From http://security.goatse.fr/blog/:

We did not contact AT&T directly, but we made sure that someone else tipped them off and waited for them to patch until we gave anything to Gawker. This is as “nice guy” as it gets. We had no interest in direct dialogue with AT&T, but we waited nicely for them to get their house in order and get their hole plugged tight before exposing it.

So they didn't contact AT&T directly, probably to stay anonymous from any kind of investigations or such, but they still tipped of AT&T indirectly before the article and most likely did not spread the information further. Gawker got it for their article, AT&T got to close the leak and that's it.

So yeah, definitely good guy approach to me.

Re:Not you too, Slashdot

[WNight]

You're hopelessly emotional and stack the deck. "Push someone through a broken railing" ... presumably between them and something deadly.

Oh yeah, that totally compares to snooping.

The scale of this is relevant, because it's a far lesser problem to have your email publicly leaked (as happened) than to be approached in a phishing scam when you thought you were safe.

So yeah, I'd rather some snoopers inconvenience some people (mostly AT&T who need inconveniencing!) than serious fraudsters scam them. And I'd like attention brought to crap security because it's endemic in the industry. Apple presents itself as "just working" and insists that the entire stack, software and hardware will. Now they're discovering the stack includes network providers and other "partners".

Re:Ha ha, I love the genius of the hackers' name

[qubezz]

And once again, Apple (nee AT&T) calls in the cops to criminalize publicising its goofs, and have jackboot thugs toss the media's computers...