Forgot your password?
typodupeerror
Crime Government Privacy Security United States Apple Your Rights Online

FBI Denies It Held iPhone UDIDs Stolen By AntiSec 216

Posted by Unknown Lamer
from the it-was-actually-the-nsa dept.
judgecorp writes "The FBI has denied the UDID codes released yesterday came from an agent's laptop, as claimed by the AntiSec hacker group. The FBI says it does not hold such data, and the attack never happened. However, the agent named by AntiSec is real, and some of the published UDID codes have been found to be genuine. So where did they come from?"
This discussion has been archived. No new comments can be posted.

FBI Denies It Held iPhone UDIDs Stolen By AntiSec

Comments Filter:
  • Collection != leak (Score:4, Interesting)

    by AwaxSlashdot (600672) on Wednesday September 05, 2012 @08:54AM (#41233537) Homepage Journal

    There are 3 issues here:
    * who collected them ? (most probably an app)
    * who "lost" them ? (AntiSec claim they found it on a FBI agent laptop they compromised)
    * how the data went from #1 to #2 ?

    And the 3rd one is the most interesting.

  • Issue? (Score:3, Interesting)

    by symes (835608) on Wednesday September 05, 2012 @09:07AM (#41233621) Journal

    This is not something I know a great deal about, but surely the UDID is pretty easy to get hold of. Surely most suppliers will keep a record for warranty/insurance reasons. AFAIK, many apps can access this information. ITunes relies on it. These data could just be from the FBI looking for patterns of insurance fraud, or similar. And I wouldn't be surprised if a load or organizations hold this sort of data for a range of gadgets. I bought a fridge a while back and had to send the serial number off to some third party to have my warranty set up. I am happy to be corrected though, and told this is a huge privacy thing.

  • by falcon5768 (629591) <Falcon5768 AT comcast DOT net> on Wednesday September 05, 2012 @09:26AM (#41233815) Journal

    Only people foolish enough to think antisec actually cares about being truthful would think that. Lets face the facts here

    12 million is a piss in the pond in terms of iOS UDID codes. Its less than half the iPhones sold LAST QUARTER. If the FBI was realistically trying to build a database of them, there is no way at this point they would ONLY have 12 Million.

    12 million is more easily explained by being leaked from a developer, as up until half a year ago, developers were using the code to identify individual iPhones for various reasons like automatic sign-in to certain services like some of the multiplayer game services. Apple banned them from using it though half a year ago so at this point there was no reason to keep.

    The data it's self was incomplete. Some had legit names and addresses while most were just a ID code. If this was from a official source then there would have been a lot more data on most of these. On the otherhand if it was stolen from a developer who let users opt out of giving their information but used the code for autologin purposes, then there would be clear reason why most of the data has no user info attached.

    Antisec is still smarting from getting much of its higher ranking leadership arrested from a FBI plant

    So really there is no reason AT ALL to believe antisec's claims that they stole the info. There is however a lot more reason to suspect they were trying to stir the pot in the tech community by stoking already present fears of FBI spying which they did a pretty good job at. It gets clueless script kiddies riled up and makes them look cool. Sure the FBI can be shady, but of the law enforcement agencies out there I would honestly have to say they are the least shady of the bunch and tend to release information without bending the truth too much, even when it has the possibility of embarrassing them. Not saying they ALWAYS do it, just saying they tend to be more forthcoming than other government agencies.

  • by crazyjj (2598719) * on Wednesday September 05, 2012 @09:27AM (#41233817)

    In the absence of any further evidence, I must assume that everybody's lying.

    Except that Anon has real evidence in this case, and specifics. The FBI is just issuing a blanket denial. And, for that matter, if this agent is real and doesn't do this, why aren't they hiding him and not making him available for interviews? Seems like he would be the most credible source to deny it.

  • by Anonymous Coward on Wednesday September 05, 2012 @10:09AM (#41234227)

    "NCFTA_iOS_devices_intel.csv'

    National Cyber-Forensics and Training Alliance(1) is that FBI-sponsored industry cybersecurity PR, lobbying, and info-sharing consortium that was going to replace CERT et al, make sure the Bureau's position on cybersecurity was advanced, and pass out a lot of white hats to all the "Walker, Cyber Ranger"s out there. Stangl (sic) apparently may have some role there. As others have pointed out, the data could have come directly from Apple.

    So maybe the Fibbies are *technically* truthful here. It's called plausible deniability. That's why you have captive shadow orgs like NCFTA, ostensibly not taxpayer funded. Congress won't oblige your agency's agenda or funding? Just set up a non-profit org. They can do things you can't. Welcome to "continuity of government", though this process is now largely a quaint and unneccessary anachronism in a post PATRIOT, post DMCA, post NDAA, executive order, UN Treaty, Homeland Security world. That kind of deceptive charm may be it's only lingering utility, in fact. Sugar-coating and Cosmetics are big business, after all.

    (1) http://yro.slashdot.org/index2.pl?fhfilter=NCFTA

  • by fadethepolice (689344) on Wednesday September 05, 2012 @11:18AM (#41235093) Journal
    This is likely to be true of every action of every whistleblower from now until the end of time. The very act of getting protected data from an organization by definition results in this situation. The only resort is to look at context and evaluate the information on the knowledge you have of the participants. http://en.wikipedia.org/wiki/Carnivore_(software) [wikipedia.org] http://en.wikipedia.org/wiki/NarusInsight [wikipedia.org] The FBI has a proven track record of secretly monitoring Americans for close to 100 years. Anonymous has a decent reputation as occasionally competent hackers. Given these facts I would tend to give more weight to the evidence presented by anonymous than the denials by the FBI.
  • by blueg3 (192743) on Wednesday September 05, 2012 @11:53AM (#41235521)

    ...finding the names of agents is pretty easy...

    Yeah, especially when the agent stated his name in a well-known FBI PR video targeting hackers.

Prediction is very difficult, especially of the future. - Niels Bohr

Working...