Slashdot Mirror
Anonymous Leaks 1M Apple Device UDIDs
Orome1 writes "A file containing a million and one record sets containing Apple Unique Device Identifiers (UDIDs) and some other general information about the devices has been made available online by Anonymous hackers following an alleged breach of an FBI computer. 'During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java,' the hackers claim."
Update: 09/04 13:44 GMT by T : A piece at SlashCloud points out that if the leak is genuine, this raises some sticky questions about privacy and security; in particular: "[H]ow did the agency obtain said information, and to what purpose? Why did all that personal data reside on the laptop of one special agent?"
Why is that more likely?
You think if the FBI asks Apple or AT&T won't cough up such a list?
Yes, that seems like the larger issue here. What purpose does the FBI Cyber Action team have with 12M Apple UUIDs (from TFA: of which only 1M was leaked so far)?
This actually seems like a care of actual well-meaning hacktivism, as the purpose here is to inform users they are being tracked. It is only a matter of time before the remaining UUIDs are released. Unfortunately, most people have little more tech savvy than a newborn, so it is unlikely many people will even know how to compare their device to the list even if they care to do so.
The best we can hope for is that more of them wake up to the large-scale surveillance being undertaken and the abuse of power it represents. I wish I could be optimistic, but I know better by now.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
From that comment I gather that you believe an anonymous person who claims to be a hacker who claims to have gotten what he claims is Apple UDIDs from what he claims was an FBI computer.
geeks? I see no geeks there, why would geeks using fashion accessories instead of smartphones or using devices made by a company who likes to install rootkits on their users machines?
Oh please, all the big boys play this game. Any major firm is not going to do anything other than send a bill when any three letter agency asks for data. Nothing to do with favors, just typical amoral corporate behavior that we need to regulate against.
The problem is that although Anonymous does have a list of Apple IDs (which I doubt has been verified yet), they don't have hard evidence attributing them to an FBI source. We have to just take their word on that one, unless the FBI admits to the breach.
Better known as 318230.
We need government rules against a company cooperating with the government?
On one hand you argue for regulation, which is more powerful government. On the other hand, you bemoan the government using any power.
Companies and governments don't go to heaven. They don't act morally or amorally. They just do what is necessary to get thru the day.
THL phish sticks
The fact that it is facebook?
Facebook exists for basically this sort of thing. Tracking devices or not, anything you post to it you should consider public knowledge. Sure you have privacy settings, which do not apply to the three letter agencies. At some point they may not apply to anyone.
I am not saying don't use it, but consider anything you say on facebook the same as printing it on a billboard.
"Why did all that personal data reside on the laptop of one special agent?"
Probably it didn't and doesn't.
Reside on the laptop of *just one* special agent, that is.
Whenever one of these special agents gets something particular from the boss, all the others want that, too.
So - why does a cop car need a million bucks worth of Heroin in their boot ?
One option is - they nabbed a criminal.
EMail: 0110001101100010010000000110001101110010 0110000101111010011011100110000101110010 0010111001100011011011110110
This is considered "insightful"? If Shavano had taken the 5 seconds required to verify that those UDID are, in fact, valid, he wouldn't be saying silly things like this.
Sure, we have no idea of the source of this (FBI, Apple, random person with 1M+ harvested UDIDs, etc.), but it's trivial to verify that (at least a good part of the data) is valid.
Maybe google for "Apple UDID deanonymize" and you'll get there.
I think you do not understand the separation of powers: legislative power (congress) would make a law prohibiting collecting arbitrary data about individual citizens without reason and companies to provide them that information without due process. Executive power (government) is not allowed to subvert that law.
There isn't much bi-partisan common ground in the US. But on the subject of Congress being unwilling and/or unable to prevent the Executive Branch from violating laws in such areas as arrest, detention, search, seizure and privacy, the parties are of one mind. There are perhaps a handful of Senators and Representatives willing to speak up about it, but even they're too scared to actually point fingers and name names.
I am not a crackpot.
From the article I read the laptop was owned by the agent not the FBI which raises a whole pant load of other questions.
That's okay, we already know you are 1153867, we don't need computer serials to identify you.
Change is certain; progress is not obligatory.