FBI caught spying on millions of Apple smartphone users.
Hackers with the amorphous protest movement “Anonymous” and “AntiSec” said Monday night they caught the Federal Bureau of Investigation (FBI) red-handed spying on Apple customers, and published over 1 million unique device identification numbers they allegedly pulled out of an FBI database.
In all, the hackers claimed that the FBI files they accessed had more than 12 million Apple UDIDs, the unique identifier associated with every iPhone and iPad that comes off the production line. They also said that most UDIDs in the FBI’s database had names, cell phone numbers and addresses attached to them, which were edited out before publication. Apple has sold nearly 200 million iPhones and more than 50 million iPads since both devices’ debut.
Apple has been phasing out the UDID standard, and recently made changes to prevent third-party applications from sending users’ UDIDs to unknown parties. Apple told a congressional inquiry in 2010 that it cannot track iPhones in real time, but a hacker named Eric Smith noted that third party applications can transmit UDIDs, which could potentially be linked to the owner and used to track that person.
And that’s precisely what hackers with Anonymous think the FBI was doing.
They claimed to have tapped into a Dell laptop owned by Special Agent Christopher K. Stangl, an FBI cyber security expert. They downloaded several files, including one that contained “12,367,232 Apple iOS devices including Unique Device Identifiers (UDID)” and other personal information, they wrote in a text file published online. “[The] personal details fields referring to people appears many times empty leaving the whole list incompleted [sic] on many parts. no other file on the same folder makes mention about this list or its purpose.”
While it’s not immediately clear what the FBI is doing with the Apple UDIDs and detailed information on device owners, Gizmodo pointed out that the acronym “NCFTA” could stand for the National Cyber-Forensics & Training Alliance, a nonprofit that acts as an information-sharing gateway between private industry and law enforcement.
“People are frustrated, they feel the system manipulating them more than ever,” the hackers wrote. “Never underestimate the power of frustrated people. For the last few years we have broke [sic] into systems belonging to Governments and Big corporations just to find out they are spending millions of tax dollars to spy on their citizens. They work to discredit dissenting voices. They pay their friends for overpriced and insecure networks and services.”
http://www.rawstory.com/rs/2012/09/04/anonymous-claims-hack-caught-fbi-spying-on-apple-customers/
Hackers release 1 million Apple device IDs allegedly stolen from FBI laptop.
The hacker group AntiSec has released 1 million Apple device IDs that they say they obtained from an FBI computer they hacked.
The hackers say they actually stole 12 million IDs, including personal information, from the hacked FBI computer, but released only 1 million in an encrypted file published on torrent sites.
In a lengthy post online, the hackers wrote that last March, they hacked a laptop belonging to an FBI agent named Christopher K. Stangl from the bureau’s Regional Cyber Action Team and the New York FBI office’s Evidence Response Team.
The hackers say the IDs were stored in a file on Stangl’s desktop titled “NCFTA_iOS_devices_intel.csv.”
The file, according to the hackers, contained a list of more than 12 million Apple iOS devices, including Unique Device Identifiers (UDID), user names, names of devices, types of devices, Apple Push Notification Service tokens, ZIP codes, cellphone numbers, and addresses. The hackers released only 1 million UDIDs, however, and did not release the accompanying personal information for the IDs.
Apple UDIDs are a 40-character alphanumeric string that is unique to each Apple device.
It’s not known why the FBI possessed the Apple IDs. The hackers suggested in a tweet from the the @AnonymousIRC account, that the FBI was using the information to track users.
The hackers say they released the Apple UDIDs so that people would know that the FBI may be tracking their devices and also because, they wrote in their online post, “we think it’s the right moment to release this knowing that Apple is looking for alternatives for those UDID currently … but well, in this case it’s too late for those concerned owners on the list.”
Apple has been criticized for hard-coding the ID’s in devices, since they can be misused by application developers and others to identify a user, when combined with other information, and track them. Last April, Apple began rejecting applications that track UDIDs.
http://www.wired.com/threatlevel/2012/09/hackers-release-1-million-apple-device-ids-allegedly-stolen-from-fbi-laptop/