Topic: AntiSec Hacking group leaks 1 million Apple user IDs

[Chozo Ghost]

http://news.yahoo.com/blogs/technology-blog/hacking-group-leaks-1-million-apple-user-ids-161351857.html

According to the Anonymous-allied hackers, a list of 12.4 million Apple Unique Device Identifiers (UDID) was found on an FBI agent's Dell notebook. Each UDID was associated with user names, device info, and in some cases, phone numbers, names, and addresses. It is unknown why the FBI would have such information on hand. AntiSec leaked 1,000,001 of those UDIDs to bring light to the government's data collecting effort

Oh no UDIDn't!

[Ceric]

That just happen to also be the only way those 1,000,001 people could every find out there AppleID.

[Oblivion]

They did so so at least 1/12 of the people the FBI is tracking could see if they were on the list. I wasn't on the list, but I could still be on one of the other 11 million UDIDs. I love how more people are pissed that hackers have some of them when the FBI had them in the first place. Fucking idiots.

[Plugabugz]

They did so so at least 1/12 of the people the FBI is tracking could see if they were on the list. I wasn't on the list, but I could still be on one of the other 11 million UDIDs. I love how more people are pissed that hackers have some of them when the FBI had them in the first place. Fucking idiots.

Agreed.

Which brings me to my second question. Why were these on a laptop?

[TJ Spyke]

I question this criminal group's claims in the first place. Maybe they are telling the truth, maybe not. I don't trust these criminals having the personal info of 12 million people, even if they only released 1/12th of it.


Yes, I already know the reaction some people will have to my post.

[BranDonk Kong]

 But you trust the FBI with it?

[TJ Spyke]

IF the FBI had it (which I don't think they did, this criminal group offers no proof the FBI did, and which the FBI has called the claim false), I wouldn't care less. They can't track my with the info, and I have nothing suspicious on it.

[BranDonk Kong]

Why couldn't they? If the "criminals" can use it to do whatever, then the FBI can as well...the FBI doesn't NEED any of this stuff, which makes it more suspicious if they do have it.

[nickmitch]

They did so so at least 1/12 of the people the FBI is tracking could see if they were on the list. I wasn't on the list, but I could still be on one of the other 11 million UDIDs. I love how more people are pissed that hackers have some of them when the FBI had them in the first place. Fucking idiots.

Agreed.

Which brings me to my second question. Why were these on a laptop?

Is the problem really the laptop? People who work with information tend to carry it around that way.

[nickmitch]

Why couldn't they? If the "criminals" can use it to do whatever, then the FBI can as well...the FBI doesn't NEED any of this stuff, which makes it more suspicious if they do have it.

I would think that there should be enough trust in a government agency to not do anything malicious with private data. Whether they got it through nefarious means or not, you have to at least assume it was for a reason that seemed like a good one at the time.

[Chozo Ghost]

Maybe it was all part of the War on Terrorism(TM)

[Morari]

And we know that nothing nefarious has ever been done in the name of "homeland security"...

[UncleBob]

I would think that there should be enough trust in a government agency to not do anything malicious with private data.

There *should* be.  There isn't.

But let's not go there, for we'd get far too deep into a political discussion.

My concern is less that these hackers have the information and less that the FBI had the info... but how did the FBI get it?  Did Apple hand it over?

[Plugabugz]

They did so so at least 1/12 of the people the FBI is tracking could see if they were on the list. I wasn't on the list, but I could still be on one of the other 11 million UDIDs. I love how more people are pissed that hackers have some of them when the FBI had them in the first place. Fucking idiots.

Agreed.

Which brings me to my second question. Why were these on a laptop?

Is the problem really the laptop? People who work with information tend to carry it around that way.

For all intents yes it is the problem. A few years back sensitive government data was left on laptops and USB drives which was left on public transport across london. A few times.

How do you avoid these hacks/leakages happening in this fashion? Don't allow the data to leave the building.

By putting it on a portable device the risk of theft or unauthorised access simply increases. Even with encryption, you're still physically carrying the device that contains the data you want.

I'm not going to get into why they had it as thats not the primary issue for me. If they can't keep the data they do have secure by policy then that tends to worry me more.

[Oblivion]

I don't care about "hackers" having my UDID. I care about the FBI having it. The "hackers" could've kept it a secret while using the UDIDs maliciously, but they came forward to let us know about it. I want to know why the FBI were using 12 million UDIDs. Obviously, it was for tracking, but why?

[TJ Spyke]

I don't care about "hackers" having my UDID. I care about the FBI having it. The "hackers" could've kept it a secret while using the UDIDs maliciously, but they came forward to let us know about it. I want to know why the FBI were using 12 million UDIDs. Obviously, it was for tracking, but why?

You are assuming these hacker criminals are telling the truth. Second, the UDID's aren't used to track you. Third, I trust the FBI with that info more than a bunch of criminals.

[Oblivion]

LOL hacker criminals? Like I said in that post you quoted, they didn't have to say a word. They could've went on their merry little way while having all these UDIDs and not tell us. Also, the UDIDs have records of the **** on your iOS device. Your browsing history, credit card numbers, etc, etc.

[Stogi]

Over the past month, I have been contemplating when, if ever, the government will give back the power dictated in the Patriot Act. And I've come to the conclusion: only when the people ask for it back. What organizations, if they can be called that, like Anti-sec and Anonymous are trying to do is show how voluntarily and involuntarily we give up our personal information to those undeserving or to those who can't protect it or both.

These organizations are based on a trust with the people that they can never break or forever link the word hacker with criminal. And it is because their honor and vitality as a truth-sayer is so fragile that I believe them when they speak. I have no other choice. I remain sceptical, but more so to those entities that they out, for they have less to lose.

[Chozo Ghost]

Over the past month, I have been contemplating when, if ever, the government will give back the power dictated in the Patriot Act.

When has any government ever in the history of mankind voluntarily given back any kind of power? At the time it was introduced the Patriot act was said to be temporary measure, but it has now become permanent. People aren't even really talking about it anymore. We just seem to accept it even though its unconstitutional.

[Stogi]

We are in agreement, though I don't think we accept it. I think most people fear what'll happen if we don't accept it.

But no more talk about that unless you want someone to quote FDR.

[Fatty The Hutt]

When has any government ever in the history of mankind voluntarily given back any kind of power?

The Canadian Government has, thank you very much.
I refer you to the Quebec "October Crisis" of 1970 when the War Measures Act was temporarily invoked.
From Wikipedia:

The circumstances ultimately culminated in the only peacetime use of the War Measures Act in Canada's history ...
 
the War Measures Act gave police the power to arrest people without warrant, and 497 people were arrested ...
 
Once the War Measures Act was in place, arrangements were made for all detainees to see legal counsel. There were cases, however few, of people having cause to be upset by the method of their interrogation; however, the majority of those interviewed after had little cause to complain and several even commented on the courteous nature of the interrogations and searches,^[20] In addition, the Quebec Ombudsman, Louis Marceau, was instructed to hear complaints of detainees, and the Quebec government agreed to pay damages to any person unjustly arrested. On February 3, 1971, John Turner, Minister of Justice of Canada, reported that 497 persons had been arrested under the War Measures Act, of whom 435 had already been released. The other 62 were charged, of which 32 were accused of crimes of such seriousness that a Quebec Superior Court judge refused them bail.
 ...
 
Since then, however, the government's use of the War Measures Act in peacetime has been a subject of debate in Canada as it gave police sweeping powers of arrest and detention.

[Ceric]

Different times I think about moving to Canada.

[TJ Spyke]

We just seem to accept it even though its unconstitutional.

I didn't realize you were a member of the Supreme Court and can decide what is unconstitutional. Parts of the USA PATRIOT Act could be debatable, other parts are clearly constitutional.

Nothing has happened or will ever happen to people who don't support it.

[nickmitch]

They did so so at least 1/12 of the people the FBI is tracking could see if they were on the list. I wasn't on the list, but I could still be on one of the other 11 million UDIDs. I love how more people are pissed that hackers have some of them when the FBI had them in the first place. Fucking idiots.

Agreed.

Which brings me to my second question. Why were these on a laptop?

Is the problem really the laptop? People who work with information tend to carry it around that way.

For all intents yes it is the problem. A few years back sensitive government data was left on laptops and USB drives which was left on public transport across london. A few times.

How do you avoid these hacks/leakages happening in this fashion? Don't allow the data to leave the building.

By putting it on a portable device the risk of theft or unauthorised access simply increases. Even with encryption, you're still physically carrying the device that contains the data you want.

I'm not going to get into why they had it as thats not the primary issue for me. If they can't keep the data they do have secure by policy then that tends to worry me more.

Most government agencies forbid flash drives from being on their premises. The problem is people still need to do work even if they're not in the office and remote access isn't always ideal or possible. I know it doesn't seem safe, but it's really the individual in question who acted irresponsibly, not the agency.

[tendoboy1984]

**** hackers, **** the FBI.