If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(MacRumors)   Hackers release 12,367,232 Apple iOS UDIDs - complete with names, phone numbers and other personal info - that they got from the FBI in March   (macrumors.com) divider line 89
    More: Scary, iOS UDIDs, iOS, FBI, iOS devices, phone numbers, laptops  
•       •       •

6597 clicks; posted to Geek » on 04 Sep 2012 at 7:26 AM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



89 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | » | Last | Show all
 
2012-09-04 05:42:44 AM  
During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.
 
2012-09-04 07:31:28 AM  

Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.


I'm surprised the Government hasn't started using some personalized flavor of Linux yet. That said, why the hell is Apple using unique identifiers like this?
 
2012-09-04 07:36:59 AM  

Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.


"was breached using the AtomicReferenceArray vulnerability on Java"

I think I've found the real issue here.
 
2012-09-04 07:41:41 AM  

Guntram Shatterhand: Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.

I'm surprised the Government hasn't started using some personalized flavor of Linux yet. That said, why the hell is Apple using unique identifiers like this?


You're both barking up the wrong tree:

Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?

During the second week of March 2012, a Dell Vostro notebook, used by
Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action
Team and New York FBI Office Evidence Response Team was breached using the
AtomicReferenceArray vulnerability on Java, during the shell session some files
were downloaded from his Desktop folder one of them with the name of
"NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS
devices including Unique Device Identifiers (UDID), user names, name of device,
type of device, Apple Push Notification Service tokens, zipcodes, cellphone
numbers, addresses, etc.
the personal details fields referring to people
appears many times empty leaving the whole list incompleted on many parts. no
other file on the same folder makes mention about this list or its purpose.
 
2012-09-04 07:45:04 AM  

bersl2:
*snip*

You're both barking up the wrong tree:

Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?


This right here.
 
2012-09-04 07:53:03 AM  
bersl2:
"Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?"

"Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team"

Sounds like he supervises the offices (regional anyways) that would have the most use for them.

Who do you think would need/have them?
 
2012-09-04 07:54:53 AM  

Unlikable: bersl2:
"Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?"

"Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team"

Sounds like he supervises the offices (regional anyways) that would have the most use for them.

Who do you think would need/have them?


That doesn't answer why he has them. 12 million ID's sounds like an awfully large net for any kind of investigation.
 
2012-09-04 07:55:56 AM  
Really, that 12 million is just the tip of the iceberg you can be sure they have all the rest. The FBI and other governments around the world collect just about everything they can especially from phones. Every SMS message you've ever sent is kept. Supposed to delete them after around 6 years but think again. Call histories, probably Echelon phone recordings if you said a certain flagged word.

/doesn't have a cell phone
 
2012-09-04 08:05:19 AM  
Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.
 
2012-09-04 08:09:15 AM  

swaxhog: if you said a certain flagged word.


I'd be disappointed if at least half of my fark posts are not flagged because of key word use.
You must be on drugs if you think the FBI doesn't watch the internet like al qaeda watching for easy targets to bomb.

/sorry off my game today
//waves hi to the nice government employee
 
2012-09-04 08:11:55 AM  

swaxhog: Really, that 12 million is just the tip of the iceberg you can be sure they have all the rest. The FBI and other governments around the world collect just about everything they can especially from phones. Every SMS message you've ever sent is kept. Supposed to delete them after around 6 years but think again. Call histories, probably Echelon phone recordings if you said a certain flagged word.

/doesn't have a cell phone


Even if the government collected every bit of that information tenfold over it never has and NEVER will affect you or anyone you will ever know in anyway whatsoever. There's 350 million Americans, nobody cares who you are.
 
2012-09-04 08:12:58 AM  

Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.


Fixed that for you..
 
2012-09-04 08:14:38 AM  

bersl2: Guntram Shatterhand: Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.

I'm surprised the Government hasn't started using some personalized flavor of Linux yet. That said, why the hell is Apple using unique identifiers like this?

You're both barking up the wrong tree:

Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?

During the second week of March 2012, a Dell Vostro notebook, used by
Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action
Team and New York FBI Office Evidence Response Team was breached using the
AtomicReferenceArray vulnerability on Java, during the shell session some files
were downloaded from his Desktop folder one of them with the name of
"NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS
devices including Unique Device Identifiers (UDID), user names, name of device,
type of device, Apple Push Notification Service tokens, zipcodes, cellphone
numbers, addresses, etc. the personal details fields referring to people
appears many times empty leaving the whole list incompleted on many parts. no
other file on the same folder makes mention about this list or its purpose.


You're focusin' on the wrong part of the story!
 
2012-09-04 08:17:59 AM  

Bob Down: Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.


Maybe billing in iTunes? Not that it justifies it but if you REALLY want to get weirded out about this sort of thing you really need to think about what Google knows about you.

The UUIDs are to identify the actual device. Nothing freaky about that at all, it's used to know what machine is what, development build provisioning, etc.
 
2012-09-04 08:23:20 AM  

sirgarr02: swaxhog: Really, that 12 million is just the tip of the iceberg you can be sure they have all the rest. The FBI and other governments around the world collect just about everything they can especially from phones. Every SMS message you've ever sent is kept. Supposed to delete them after around 6 years but think again. Call histories, probably Echelon phone recordings if you said a certain flagged word.

/doesn't have a cell phone

Even if the government collected every bit of that information tenfold over it never has and NEVER will affect you or anyone you will ever know in anyway whatsoever. There's 350 million Americans, nobody cares who you are.


In fact, the more information they collect, the better. The more they know about everybody, the less they know about anybody.
 
2012-09-04 08:27:55 AM  

Bob Down: Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.


because apple does their own billing with itunes and the account is tied to devices.
 
2012-09-04 08:33:15 AM  

Bob Down: Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.


Unless you want to log into iTunes (username) and buy a song with a credit card (zipcode, phone number and address), besides that, Apple doesn't need it.


Why did the FBI have it? The article doesn't say.
 
2012-09-04 08:45:04 AM  

jso2897:

In fact, the more information they collect, the better. The more they know about everybody, the less they know about anybody.


Until your name mistakenly matched for the bio-terrorists that fund their operations through drug fueled child porn rings. Then they swoop down on your house with a no-knock warrant, shoot your dog, kick your wife in the head and take you into custody. After 3 days of interrogation and ransacking your house, they realize that the terrorist must have been using a cloned ID tag on their iPad. So they tell you sorry and send you on your way.

Now you need to explain you boss why you missing for three days without calling, why the FBI showed up and demaned they see all your mail records and rifled through your desk and your neighbors read the account in the paper that you were arrested for running a child porn ring.

So, yeah, its a great idea. Think of all the funny stories you'll be able to tell at parties!
 
2012-09-04 08:56:39 AM  

bersl2: Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?


suzieqq.files.wordpress.com
 
2012-09-04 08:59:24 AM  

sirgarr02: Even if the government collected every bit of that information tenfold over it never has and NEVER will affect you or anyone you will ever know in anyway whatsoever. There's 350 million Americans, nobody cares who you are.


Obviously, you have never attempted to fight corruption or unjust policies, and with that attitude, you probably never will. Pre-emptive surveillance makes harassing such people all the more efficient and effective.

They may not care now, but if you ever do give them a reason to care, whether legitimate or not, with this kind of dragnet spying, it's so much more easy for them to take action, for better and for worse. And the inability to seek redress of grievances without the specter of turn-key threats against your person, your family, your associates, and your property further ossifies the current state of affairs. Good luck getting anything changed in government.
 
2012-09-04 09:04:39 AM  

bersl2: sirgarr02: Even if the government collected every bit of that information tenfold over it never has and NEVER will affect you or anyone you will ever know in anyway whatsoever. There's 350 million Americans, nobody cares who you are.

Obviously, you have never attempted to fight corruption or unjust policies, and with that attitude, you probably never will. Pre-emptive surveillance makes harassing such people all the more efficient and effective.

They may not care now, but if you ever do give them a reason to care, whether legitimate or not, with this kind of dragnet spying, it's so much more easy for them to take action, for better and for worse. And the inability to seek redress of grievances without the specter of turn-key threats against your person, your family, your associates, and your property further ossifies the current state of affairs. Good luck getting anything changed in government.


You do realize that horse left the barn, waltzed out the pasture and is doing a world tour 3 continents away now right? Closing the door is immaterial at this stage of the game.
 
2012-09-04 09:04:55 AM  

bersl2: You're both barking up the wrong tree:

Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?


The fact this needed to be said gives me a sad. It reminds me of the threads from months ago where employers were exposed for requiring FB logins from job applicants... And (way too many) farkers were blaming FB for it.
 
2012-09-04 09:05:13 AM  
If this happened under President Bush the uproar would be tremendous...but since President Obama is in office.....*crickets*...
 
2012-09-04 09:06:51 AM  
Isn't there a place on the 1040EZ form for Apple UDID?
 
2012-09-04 09:08:05 AM  

Guntram Shatterhand: That said, why the hell is Apple using unique identifiers like this?


Why would you think they aren't? I don't suppose I've used a computing device without a software-accessible unique identifier (ethernet/WiFi MAC address at least) since around 1994.
 
2012-09-04 09:11:10 AM  

xaldin: You do realize that horse left the barn, waltzed out the pasture and is doing a world tour 3 continents away now right? Closing the door is immaterial at this stage of the game.


Yes, I do. Not everybody even realizes that there's a problem to begin with, though. If they don't understand the consequences of the door having been left open in the first place, how are they supposed to understand that's it's too late to just close it?
 
2012-09-04 09:25:16 AM  

wingnut396: Until your name mistakenly matched for the bio-terrorists that fund their operations through drug fueled child porn rings. Then they swoop down on your house with a no-knock warrant, shoot your dog, kick your wife in the head and take you into custody. After 3 days of interrogation and ransacking your house, they realize that the terrorist must have been using a cloned ID tag on their iPad. So they tell you sorry and send you on your way.


You're crazy.

No way they'd apologize.
 
2012-09-04 09:27:25 AM  
If you are innocent, you have nothing to fear.
 
2012-09-04 09:51:09 AM  
I'm more upset that Apple (which is presumably the only source for that information) gave it over to the FBI even with a warrant. There is no such thing as an evidence search warrant that is broad enough to possibly cover (and need) 12 Million customer files. Warrants must be specific and limited to the necessary purpose of the investigation and it is up to the court that issues them to ensure that, and it is ALSO up to the target of the warrant to object and protest if it is overly broad. Apple has lawyers - I'm appalled that they appear not to have used their significant resources to object to whatever request it was that asked for 12 Million customer files.
 
2012-09-04 09:53:21 AM  
Oh no UDIDn't.
 
2012-09-04 09:58:06 AM  

AndreMA: wingnut396: Until your name mistakenly matched for the bio-terrorists that fund their operations through drug fueled child porn rings. Then they swoop down on your house with a no-knock warrant, shoot your dog, kick your wife in the head and take you into custody. After 3 days of interrogation and ransacking your house, they realize that the terrorist must have been using a cloned ID tag on their iPad. So they tell you sorry and send you on your way.

You're crazy.

No way they'd apologize.


That would imply fault which is an avenue for legal action. No way. Everything they do is right because they do it and everything you do is wrong because you do it.

bersl2: xaldin: You do realize that horse left the barn, waltzed out the pasture and is doing a world tour 3 continents away now right? Closing the door is immaterial at this stage of the game.

Yes, I do. Not everybody even realizes that there's a problem to begin with, though. If they don't understand the consequences of the door having been left open in the first place, how are they supposed to understand that's it's too late to just close it?


If you are not angry about the current global and internal political situation you simply are not paying attention.
 
2012-09-04 09:59:46 AM  

jso2897:
In fact, the more information they collect, the better. The more they know about everybody, the less they know about anybody.


Not so much actually. It used to be that this was true when dealing with paper records they were exceptionally labour intensive worse if they were hand written. Collecting too much data would slow the humans down as they wade through it. Not so much with a computer, it can and will process millions of records an hour given enough grunt (which is a factor of 'how much you want to spend?' these days rather than any MIPS per chunk of silicon limit).

In fact as the computer can't make leaps of faith/get a feeling in its gut the ideal situation is to feed it more data so it has a more 'complete picture' (i.e. more data points to compare) and of course unlike the human... the machine never sleeps, don't go for a piss nor break for lunch.

This is made simpler due to everyone else using computers and SQL driven backends so pulling data off in a nice transferable format like CSV is exceptionally easy and can be done with just a flash of the right paperwork.

And it's not like you'd need a 'super special' bit of silicon either, to a computer there is no functional difference between your medical records or your cell phone bill.

Not trying to seem like a tin foil hat crazy (although it does fit quite nicely) just pointing out that what made this stuff balls out difficult for humans is a machines bread & butter.
 
2012-09-04 10:01:43 AM  

sirgarr02: swaxhog: Really, that 12 million is just the tip of the iceberg you can be sure they have all the rest. The FBI and other governments around the world collect just about everything they can especially from phones. Every SMS message you've ever sent is kept. Supposed to delete them after around 6 years but think again. Call histories, probably Echelon phone recordings if you said a certain flagged word.

/doesn't have a cell phone

Even if the government collected every bit of that information tenfold over it never has and NEVER will affect you or anyone you will ever know in anyway whatsoever. There's 350 million Americans, nobody cares who you are.


42 million people would like a word with you
 
2012-09-04 10:03:15 AM  

mcreadyblue: If you are innocent, you have nothing to fear.


If you are afraid, you are guilty.
 
2012-09-04 10:04:11 AM  

cefm: I'm more upset that Apple (which is presumably the only source for that information) gave it over to the FBI even with a warrant. There is no such thing as an evidence search warrant that is broad enough to possibly cover (and need) 12 Million customer files. Warrants must be specific and limited to the necessary purpose of the investigation and it is up to the court that issues them to ensure that, and it is ALSO up to the target of the warrant to object and protest if it is overly broad. Apple has lawyers - I'm appalled that they appear not to have used their significant resources to object to whatever request it was that asked for 12 Million customer files.


I wonder if the lawyers even knew about it. If they didn't, it wouldn't surprise me that the FBI asked for them while an agent was at a lunch meeting with the COO. Pick up the lunch tab for data. 

/That part about everything except the lawyers knowing about it is not a real story, AFAIK.
 
2012-09-04 10:12:35 AM  

Bob Down: Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.


Bigger question: Why does the FBI need 12 million iOS UDID's? Are there REALLY 12 million 'people of interest' in the United States that have an iOS device? REALLY?

Smaller question: Did this come from Apple directly or the 'black room' in AT&T?
 
2012-09-04 10:12:43 AM  

HotWingConspiracy: That doesn't answer why he has them. 12 million ID's sounds like an awfully large net for any kind of investigation

 
2012-09-04 10:13:40 AM  

Giltric: HotWingConspiracy: That doesn't answer why he has them. 12 million ID's sounds like an awfully large net for any kind of investigation


hmmm missed the link first time around.


Link
 
2012-09-04 10:16:07 AM  

cefm: I'm more upset that Apple (which is presumably the only source for that information) gave it over to the FBI even with a warrant. There is no such thing as an evidence search warrant that is broad enough to possibly cover (and need) 12 Million customer files. Warrants must be specific and limited to the necessary purpose of the investigation and it is up to the court that issues them to ensure that, and it is ALSO up to the target of the warrant to object and protest if it is overly broad. Apple has lawyers - I'm appalled that they appear not to have used their significant resources to object to whatever request it was that asked for 12 Million customer files.


It's more likely the FBI collected the information using some popular app in the App Store. Until about a year ago, apps could collect the UDID of the device. Apple has since put the kibosh on this.
 
2012-09-04 10:17:19 AM  

Guntram Shatterhand: Friskya: During the second week of March 2012, a Dell Vostro notebook, used by Supervisor...

I think I found the source of the leak.

I'm surprised the Government hasn't started using some personalized flavor of Linux yet. That said, why the hell is Apple using unique identifiers like this?


NSA developed its own distro years ago (which you can actually get yourself, if you want to). As for Apple, I have to assume it's got something to do with their famously sterling usability. The more the box does for you, the less you have to do yourself, and that's going to feel good to a lot of people who don't want to learn how their toys work. I suppose it feels more personal and special, all part of the infantilising catholicism Apple is (in)famous for.
 
2012-09-04 10:22:27 AM  

Sylvia_Bandersnatch: and that's going to feel good to a lot of people who don't want to learn how their toys work.


Or people who spend all day fixing the sodding things and just want their machine at home to a) work b) look good c) someone else to fix it.

I/We might enjoy tinkering and general geekery but well... I spent all damn day fixing computers... screw it.
 
2012-09-04 10:28:02 AM  

Scorpius.Raven: bersl2:
*snip*

You're both barking up the wrong tree:

Why does some middling FBI supervisor-and therefore the FBI itself-have a list of over 12 million sets of personal information?

This right here.


I think that's the real story, and probably the real reason for the hack and publish: to show that the FBI has all this information, so that we can ask why.

I *want* to say something like, "Media shiatstorm in 3.. 2.." but the sad reality is that Americans have gradually gotten used to these invasions, and by this point largely feel helpless trying to do anything about it.
 
2012-09-04 10:30:39 AM  

Vaneshi: Bob Down: Why does APPLE need all that stuff? Some of it makes sense.. the rest like user name, zipcode, phone number and address is none their farking business.

Bigger question: Why does the FBI need 12 million iOS UDID's? Are there REALLY 12 million 'people of interest' in the United States that have an iOS device? REALLY?

Smaller question: Did this come from Apple directly or the 'black room' in AT&T?


If people paid attention to the world around them, they would know that Senators on the Senate Intelligence Committee have recently warned us that our current government has a secret interpretation of the Patriot Act that they feel entitles them to full access to all your personal records of any sort.

For more than two years, a handful of Democrats on the Senate intelligence committee have warned that the government is secretly interpreting its surveillance powers under the Patriot Act in a way that would be alarming if the public - or even others in Congress - knew about it.

The senators, who also said that Americans would be "stunned" to know what the government thought the Patriot Act allowed it to do, made their remarks in a letter to Attorney General Eric H. Holder Jr. after a Justice Department official last month told a judge that disclosing anything about the program "could be expected to cause exceptionally grave damage to the national security of the United States."

The dispute centers on what the government thinks it is allowed to do under Section 215 of the Patriot Act, under which agents may obtain a secret order from the Foreign Intelligence Surveillance Court allowing them to get access to any "tangible things" - like business records - that are deemed "relevant" to a terrorism or espionage investigation.


So the Government has already interpreted the Patriot Act to mean that it has access to all your telephone records (which include everything divulged here) in addition to all your banking records and anything else they would care to get a copy of.

Seriously, folks. Start paying attention to the word around you. Our Government has taken a bipartisan turn towards the dark side.

William Binney, a former official with the National Security Agency, recently said that domestic surveillance in the U.S. has increased under President Obama, and trillions of phone calls, emails and other messages sent by U.S. citizens have been intercepted by the government. In fact, in an interview with Democracy Now, the official-turned-whistleblower claims that the government currently possesses copies of almost all emails sent and received in the United States.

Binney, who is regarded as one of the best mathematicians and code breakers in NSA history, says he left the agency in late 2001 after he learned about its plan to use the September 11th terrorist attacks as an excuse to launch a controversial data collection program on its own citizens.


This isn't to keep us safe from those darned terrorists. The terrorists were the excuse they used to do something they've been wanting to do all along.
 
2012-09-04 10:34:51 AM  

cfletch13: Oh no UDIDn't.


Spectacular.
 
2012-09-04 10:38:53 AM  
So what can they do with this information?

Send you AdHoc development apps? Give you crank calls in the middle of the night?

What?
 
2012-09-04 10:40:34 AM  

SVenus: Isn't there a place on the 1040EZ form for Apple UDID?


Yes, but since so many Apple users are tax-deductible dependents, it's not used much.
 
2012-09-04 10:41:17 AM  
You Do realize tha the FBI makes apps for ios devices right and they probably mined the info like any other developer did.
 
2012-09-04 10:43:03 AM  

BigBooper: swaxhog: if you said a certain flagged word.

I'd be disappointed if at least half of my fark posts are not flagged because of key word use.
You must be on drugs if you think the FBI doesn't watch the internet like al qaeda watching for easy targets to bomb.

/sorry off my game today
//waves hi to the nice government employee


I figure if the FBI is reading my posts which include ideas and observations for making terrorist more effective maybe they'll figure out how to minimize the issues I notice. If I see an obvious terrorist target or technique in passing then I bet the terrorist who obsess about such things already has it in his playbook.
 
2012-09-04 10:45:11 AM  

mcreadyblue: If you are innocent, you have nothing to fear.


I know you're joking, and I appreciate it, but it's worth pointing out that 'innocent' can be subjective. I've committed jailable felonies in several states that I did and do not consider constitutionally criminal acts. I consider myself innocent, but courts of the time probably would not have, and I would have been largely powerless to defend myself against what I'd consider constitutionally invalid laws.
 
2012-09-04 10:49:54 AM  
I'm sure if it goes to trial the SCOTUS will rule it constitution because of umm... something something something commerce clause.
 
Displayed 50 of 89 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


Report