App Developer Says Stolen UDIDs Came From Them, Not FBI

← Back to Stories (view on slashdot.org)

App Developer Says Stolen UDIDs Came From Them, Not FBI

Posted by samzenpus on Monday September 10, 2012 @05:53AM from the who's-to-blame dept.

pdabbadabba writes "A Florida iPhone and iPad app developer, Blue Toad, has come forward claiming that it is the source of the Apple UDIDs previously released by Anonymous. Their dataset, they say, is a 98% match for the one Anonymous hackers claim to have stolen from an FBI laptop. If so, this development would cast serious doubt on Anonymous' claims and, possibly, calm fears that this data is evidence of an ongoing FBI surveillance operation (a claim the FBI has also denied)."

12 of 180 comments (clear)

Min score:

Reason:

Sort:

Hm... by JustAnotherIdiot · 2012-09-10 05:56 · Score: 4, Insightful

Which side to believe when both sides are known liars?

--
What do I know, I'm just an idiot, right?
1. Re:Hm... by Anonymous Coward · 2012-09-10 06:16 · Score: 5, Insightful
  
  Oh this is getting funny.
  Ridiculously unlikely conspiracy theory get blown out of the water? Not a problem... just double-down on the crazy!
  Let's see if I've got this straight. So the FBI and Apple are secretly in collusion to provide LE with a database of increasingly-useless UUID's, and the FBI stored this super-secret database in-the-clear on a laptop, the database was stolen from the FBI, but they somehow know the people that did it can't demonstrate that, so they secretly paid a 3rd party a big sum of cash to take a nasty PR hit, knowing the public (excepting those unusually perceptive slashdotters) would buy he cover story since it's, you know, far more likely to have happened that way in the first place.
  Have I got it?
2. Re:Hm... by ColdWetDog · 2012-09-10 06:32 · Score: 5, Funny
  
  You're forgetting the fact that it was Obama's fault all along.
  
  --
  Faster! Faster! Faster would be better!
The real question! by HornWumpus · 2012-09-10 05:57 · Score: 4, Interesting

The next question: What was Blue Toad up to? Why did the FBI have a copy of their data? How many FBI back doors are their in Blue Toads apps?
Lets run those apps under traffic analysis. The version that was live a week ago.

--
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Re:And that company is... by amicusNYCL · 2012-09-10 06:05 · Score: 4, Interesting

As phrased by an article at ZDNet, it's any company that allows this result:

So there are two things we know: Apple and the FBI are back on the Christmas card lists of the general public, and hackers apparently lie.

Apple and the FBI are good, and hackers are bad. Apparently that's the lesson to take away from this.
According to their article in Wikipedia, it's also a company that lists the Department Of State and the Public Relations Society of America among their customers.

--
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Re:Dont trust anonymous by Anonymous Coward · 2012-09-10 06:08 · Score: 5, Interesting

Or maybe that you just can't trust Blue Toad, who got paid behind the scenes to take the fall for this.
Or maybe that was a double fake, and that this whole thing was set up as a distraction by Google to undermine iPhone.
Or maybe it was actually stolen by the EFF, who then spoofed an FBI operation for Anonymous to find so that they could promote their agenda.
(Or maybe you're completely right)
Blue Toad is a liar? Believe the SIMPLEST answer by SuperKendall · 2012-09-10 06:19 · Score: 4, Informative

How is Blue Toad a liar?
They are admitting a serious breech which impacts goodwill at the company.
Even at the time of the UDID release, I argued that the simplest explanation was simply that the list came from some app developer that had a server collecting some data. After all, if the data came from Apple OR the FBI, it should be WAY larger and the subset we saw should be WAY more complete, the only reason why such data would be sparse is that it was collected by an app that ran on a variety of devices with a variety of information provided by the users. There was also no reason WHY the FBI would even care about a UDID for a user since Apple had discontinued use months ago and there is really no way to use that data for anything useful.
Now the Blue Toad admission verifies what was already by far the likely scenario. At this point to believe anything else is right up there at the three-tinfoil hat level.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Re:I RTFA by RaySnake · 2012-09-10 06:19 · Score: 5, Informative

Take a look at the website of the researcher who did the legwork here. He even gives a detailed description of the advanced tools he used (cut and sort :-P) to elide the source. http://intrepidusgroup.com/insight/2012/09/tracking-udid-src/
Re:And that company is... by Sarten-X · 2012-09-10 06:22 · Score: 4, Interesting

According to their article in Wikipedia, it's also a company that lists the Department Of State and the Public Relations Society of America among their customers.
As soon as I saw that, my thought was "so that's where the kid thought he was".
I figure a script kiddie broke into the Blue Toad servers, found some documents talking about working with the government (perhaps the FBI in particular), then found the UDIDs, and jumped to the conclusion that they had broken into an FBI system involved in domestic surveillance. Then they release it as Anonymous in an act of misguided privacy activism, throwing in an agent's name (possibly even mentioned in the found files) for credibility.
I'm jumping to conclusions myself, though, and assuming that there's some shred of truth to anybody's statements.

--
You do not have a moral or legal right to do absolutely anything you want.
Re:And that company is... by Infernal+Device · 2012-09-10 06:49 · Score: 5, Interesting

...and it could just as easily be a case where the FBI requested this list from Blue Toad, or Blue Toad submitted this list as part of an investigation. All we know now is where the data likely originated -- which is precisely where everyone assumed it originated anyway (a single developer list).
It could also be that the developer got hacked w/o being involved with the FBI in any way, prior to the attack.
Which, on the whole, is a lot simpler explanation than a conspiracy theory.

--
"My God...it's full of trolls!"
Re:Dont trust anonymous by hemo_jr · 2012-09-10 07:23 · Score: 4, Insightful

As a true conspiracy nut, I would not put it past 1. the FBI to have gotten its data from Blue Toad or 2. Blue Toad covering up for the FBI.
Re:And that company is... by idontgno · 2012-09-10 07:33 · Score: 4, Funny

Ah, yes. The colloquializtion of Occam's Razor is "All things being equal, the simpler theory is more likely."
However, this neglects the little-known fact that William of Ockham was one of the founding members of the real Illuminati (and not the 18th-Century cover organization everyone knows about). He planted his philosophical disinformation into the intellectual culture specifically to cover the elaborate and long-running schemes he knew his secret society would enact over the coming centuries. By making us think that the simpler solution is the better one, he innoculated us against uncovering complex and insidious schemes, or believing them if they are uncovered. Fnord.

--
Welcome to the Panopticon. Used to be a prison, now it's your home.