12 million iphone and ipad devices hacked, claim by anonymous | |
Anonymous Coward User ID: 1284355 United States 09/04/2012 09:48 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 8936539 United States 09/04/2012 09:49 AM Report Abusive Post Report Copyright Violation | This should be pinned. What was an FBO special agent doing with "user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.," on his notebook? The Dell Vostro is said to have belonged to Supervisor Special Agent Christopher K. Stangl from the FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team; his system was hacked using an AtomicReferenceArray vulnerability in Java |
Anonymous Coward User ID: 23157396 United Kingdom 09/04/2012 09:57 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 3792887 Thailand 09/04/2012 09:57 AM Report Abusive Post Report Copyright Violation | From the anonymos message: so the big question: why exposing this personal data? well we have learnt it seems quite clear nobody pays attention if you just come and say 'hey, FBI is using your device details and info and who the fuck knows what the hell are they experimenting with that', well sorry, but nobody will care. FBI will, as usual, deny or ignore this uncomfortable thingie and everybody will forget the whole thing at amazing speed. so next option, we could have released mail and a very small extract of the data. some people would eventually pick up the issue but well, lets be honest, that will be ephemeral too. So without even being sure if the current choice will guarantee that people will pay attention to this fucking shouted 'FUCKING FBI IS USING YOUR DEVICE INFO FOR A TRACKING PEOPLE PROJECT OR SOMESHIT' well at least it seems our best bet, and even in this case we will probably see their damage control teams going hard lobbying media with bullshits to discredit this, but well, whatever, at least we tried and eventually, looking at the massive number of devices concerned, someone shouldcare about it. Also we think it's the right moment to release this knowing thatApple is looking for alternatives for those UDID currently and since a while blocked axx to it, but well, in this case it's too late for those concerned owners on the list. we always thought it was a really bad idea. that hardware coded IDs for devices concept should be erradicated from any device on the market in the future. so now candy was delivered. few words, and just a few, about how the shit came. we don't like too much about disclosing this part, we understood it would be needed, so, fuck whatever. lost asset. Hope it serves for something. During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose. |
Anonymous Coward User ID: 23157396 United Kingdom 09/04/2012 09:59 AM Report Abusive Post Report Copyright Violation | www.ncfta.net/ The NCFTA functions as a conduit between private industry and law enforcement with a core mission to identify, mitigate and neutralize cyber crime. why would this org have 12 million iphone customer details? ? all 12 million criminals? or something else |
Anonymous Coward User ID: 3792887 Thailand 09/04/2012 10:00 AM Report Abusive Post Report Copyright Violation | anonymous reveals the corruption of the gov yet again. Quoting: Anonymous Coward 23157396 FBI with 12 million iphone customer details... brings me to the question.. why iphone only? do you have one? and will you still use it? So the hackers only got the iPhone file. Do you think FBI only collected iPhone data? The Java AtomicReferenceArray vulnerability exploit would work on Android as well, and Android phones also use also use UDIDs. Use an iPhone or use a Samsung...it's all the same. |
Anonymous Coward (OP) User ID: 23128507 Australia 09/04/2012 10:05 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23157396 United Kingdom 09/04/2012 10:12 AM Report Abusive Post Report Copyright Violation | anonymous reveals the corruption of the gov yet again. Quoting: Anonymous Coward 23157396 FBI with 12 million iphone customer details... brings me to the question.. why iphone only? do you have one? and will you still use it? So the hackers only got the iPhone file. Do you think FBI only collected iPhone data? The Java AtomicReferenceArray vulnerability exploit would work on Android as well, and Android phones also use also use UDIDs. Use an iPhone or use a Samsung...it's all the same. they didnt hack the phones they hacked the laptop, with the file on it. so the java exploit and the device type is irrelevant. only a file containing iOS devices was found with no explanation. we could guess all day about the data they have on other devices, but lets stick to the point of what we know. they have 12 million iOS customer details. why?! |
Anonymous Coward User ID: 23022509 United States 09/04/2012 10:18 AM Report Abusive Post Report Copyright Violation | anonymous reveals the corruption of the gov yet again. Quoting: Anonymous Coward 23157396 FBI with 12 million iphone customer details... brings me to the question.. why iphone only? do you have one? and will you still use it? So the hackers only got the iPhone file. Do you think FBI only collected iPhone data? The Java AtomicReferenceArray vulnerability exploit would work on Android as well, and Android phones also use also use UDIDs. Use an iPhone or use a Samsung...it's all the same. they didnt hack the phones they hacked the laptop, with the file on it. so the java exploit and the device type is irrelevant. only a file containing iOS devices was found with no explanation. we could guess all day about the data they have on other devices, but lets stick to the point of what we know. they have 12 million iOS customer details. why?! Three little letters. S P Y |
Anonymous Coward User ID: 3792887 Thailand 09/04/2012 10:19 AM Report Abusive Post Report Copyright Violation | anonymous reveals the corruption of the gov yet again. Quoting: Anonymous Coward 23157396 FBI with 12 million iphone customer details... brings me to the question.. why iphone only? do you have one? and will you still use it? So the hackers only got the iPhone file. Do you think FBI only collected iPhone data? The Java AtomicReferenceArray vulnerability exploit would work on Android as well, and Android phones also use also use UDIDs. Use an iPhone or use a Samsung...it's all the same. they didnt hack the phones they hacked the laptop, with the file on it. so the java exploit and the device type is irrelevant. only a file containing iOS devices was found with no explanation. we could guess all day about the data they have on other devices, but lets stick to the point of what we know. they have 12 million iOS customer details. why?! The point is that the same Java exploit would work on iOS or Android, so FBI has them both. Anonymous only got the iPhone file...perhaps one of many. The UDID (iOS) or UUID (Android) identifies the actual handset. If a special agent is carrying those around on the desktop of his Dell laptop, the files are probably well-distributed. But indeed, the question is "why"? And under what authority does FBI collect such personal information from American citizens? |
Anonymous Coward User ID: 15740069 United States 09/04/2012 10:20 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23157396 United Kingdom 09/04/2012 10:22 AM Report Abusive Post Report Copyright Violation | anonymous reveals the corruption of the gov yet again. Quoting: Anonymous Coward 23157396 FBI with 12 million iphone customer details... brings me to the question.. why iphone only? do you have one? and will you still use it? So the hackers only got the iPhone file. Do you think FBI only collected iPhone data? The Java AtomicReferenceArray vulnerability exploit would work on Android as well, and Android phones also use also use UDIDs. Use an iPhone or use a Samsung...it's all the same. they didnt hack the phones they hacked the laptop, with the file on it. so the java exploit and the device type is irrelevant. only a file containing iOS devices was found with no explanation. we could guess all day about the data they have on other devices, but lets stick to the point of what we know. they have 12 million iOS customer details. why?! The point is that the same Java exploit would work on iOS or Android, so FBI has them both. Anonymous only got the iPhone file...perhaps one of many. The UDID (iOS) or UUID (Android) identifies the actual handset. If a special agent is carrying those around on the desktop of his Dell laptop, the files are probably well-distributed. But indeed, the question is "why"? And under what authority does FBI collect such personal information from American citizens? no your missing the point, the java exploit was used to get the file off the laptop, it has nothing to do with the phones. |
Anonymous Coward User ID: 23157396 United Kingdom 09/04/2012 10:23 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 15740069 United States 09/04/2012 11:32 AM Report Abusive Post Report Copyright Violation | |
Anonymous Coward (OP) User ID: 23128507 Australia 09/04/2012 02:19 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23171984 United Kingdom 09/04/2012 02:40 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 22293617 United States 09/04/2012 03:00 PM Report Abusive Post Report Copyright Violation | |
AtsuiPanda User ID: 16510251 United States 09/04/2012 03:05 PM Report Abusive Post Report Copyright Violation | |
institutionalized User ID: 21503979 United States 09/04/2012 03:08 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23171984 United Kingdom 09/04/2012 03:18 PM Report Abusive Post Report Copyright Violation | |
Anubis User ID: 4949345 Canada 09/04/2012 03:27 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 22989940 United States 09/04/2012 03:27 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23181603 United States 09/04/2012 03:32 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23181603 United States 09/04/2012 03:33 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23171984 United Kingdom 09/04/2012 03:36 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23171984 United Kingdom 09/04/2012 03:38 PM Report Abusive Post Report Copyright Violation | |
Anubis User ID: 4949345 Canada 09/04/2012 03:41 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23182108 United Kingdom 09/04/2012 03:44 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 23171984 United Kingdom 09/04/2012 03:52 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 22974578 Australia 09/04/2012 05:10 PM Report Abusive Post Report Copyright Violation | |