iPhone 4 pre-order mess takes a sinister turn with privacy breach
By Vlad Savov 
posted June 16th 2010 3:17AM
posted June 16th 2010 3:17AM
In amongst the otherwise fun stampede that befell Apple and AT&T's servers yesterday, some less humorous problems were also taking place. Numerous tipsters reported to Gizmodo during the day that they were being logged into other people's AT&T accounts while going in to try and sign up for an iPhone 4 upgrade. An insider source suggests that this was caused by a major fraud prevention overhaul of AT&T's software last weekend, which was followed by "absolutely no testing" prior to the iPhone 4's launch. Tsk tsk. The network itself has responded by saying it's unable to replicate the issue and is looking into it. While it's doing that, a bunch of people might be "looking into" your AT&T account details. Sleep tight now.
AT&T LOL!
@MarkAnderson
You guys need unlocked options like we in the UK have. Seriously.
@MarkAnderson Weird... I didn't have this problem with www.google.com/phone ;)
@Kmobs
Probably because it gets about 5% of the traffic AT&T gets once a year. ;)
@MarkAnderson Except that it's still under google's domain and servers. AT&T hit like 0.00005% of the traffic that Google gets per day...
@MarkAnderson
Weird...nobody in the US gives a damn...
@MarkAnderson
for reals. nothing but bad press. email exploit, data cap, can't even preorder? Just give up the iPhone already AT&T.
@MarkAnderson
Well i think im just gonna go down to a bar and se if there is more luck there.....
@MarkAnderson A lot of people love the iPhone, that's the only explanation to put up with this garbage. They must really, really love it.
@MarkAnderson I still think the new iPhone is worth it. I got nothing to hide..... yet.
@MarkAnderson
F*** me!
AT&T, what's your problem?
...first the iPad, now the iPhone... You freakin' iDiots!!!
@DogStar
You saw it first, you get it last.
-Steve
@ipaladin
well this nice garbage is alot better than that human waste called andoid.
@MarkAnderson
More like AT&T fail.
Apple -- so Adobe's Flash isn't secure enough for you, but you insist on sticking with crappy AT&T?
@Stoichiometry said:
"You saw it first, you get it last."
Since this is another AT&T network problem, your comment is what I "get last" because honestly, I don't have the foggiest clue what you're talking about.
But hey, have a nice day.
@ipaladin
No, they love the attention they "think" they get from owning one. With all the awesome phones available out now, there's no reason to go nuts for an iPhone or deal with ATT crap. I left them while using a 3GS and just hated their service and pricing. I'm on T-Mobile with the Nexus One now and couldn't be happier.
"Sleep tight now"
LOL!
...AT&T you really do suck!
Wow ... back to back security issues ... iPad to iPhone 4.
Jobs not iHappy.
@Meekermoloko
Actually did anyone find out if that was AT&T alone or a mixture of AT&T and mobile Safari's comical security framework?
@MarkAnderson
Looks like all of AT&T's bumbling this time. Then again Apple picked these morons as their locked-in carrier so they deserve some of the blame as well.
Buy an iphone and have your privacy compromised!
@MarkAnderson
Silly comment. Apple did chose the wrong network.
@MarkAnderson
By most reports it is AT&T only right now. There would be a comment field day here if it was directly Apple (a lot of Apple fans already had to go on the defensive to try to dissociate the problem from Apple as much as possible).
@loadoftoad Yeah. Let's build a phone that renders desktop web pages, and stick it on one of the slowest networks in the US... no problem at all... ?
Verizon's internet would be MUCH more up for the iPhone rush... and i'm sure they would keep private account information private...
@jakey
Actually my friend was trying to preorder from Apple and when he finally got logged in he had two 30" monitors and an apple care plan in his cart. Seems like he got logged into someone else's cart.
ANd thats why i go straight to apple store to get it...Att has been nothing but problems..
Wow, just wow. So Apple, the fact that you are going to sell iPhones unlocked in Canada, are you still going to bow down to AT&T after these bad PR, one after another? How about simply allowing your Canadian online store to ship to the US?
@pika2000 Contracts.
@Bahumbug You're correct, but considering the bad PR Apple's been getting thanks to AT&T, I wish Apple put their lawyers to work & try to wiggle themselves out.
@pika2000 I'm sure they couldnt. Maybe they could if they pay an enormous penalty...
@Bahumbug
Which they would never do. Apple cares about the money more than anything else.
@Shooter McGavin They're losing money because of the bad PR though too.
@GadgetTamer Apple isn't loosing anything. 600,000 pre-orders? What a lose.
AT&T, pull a Google. Switch to Macs ;)
@Goaliegeek
And get hacked even faster?
http://www.computerworld.com/s/article/9072959/Mac_easiest_to_hack_says_10_000_winner
@loadoftoad Thanks. If you didnt post that, I would have. The myth of macs being safe (let alone safer than other platforms) is still widely believed.
And we're not talking about random malware that barely exist due to low market penetration but deliberate attacks regardless of platform. If they want to break into your expensive little fruit, they can.
@loadoftoad 2 year old article huh?
Man, ATT just can't do anything right lately, can they? Makes me giggle.
@loadoftoad
Yep, thats why they should switch to Ubuntu/ other linux distros instead, the only system which was not hacked at all during any pwn2own.
@Goaliegeek
March 26, 2010
http://www.fiercecio.com/techwatch/story/pwn2own-2010-mac-isnt-more-secure/2010-03-26
March 19, 2009
http://mac.blorge.com/2009/03/19/safari-on-a-mac-proves-easiest-to-hack/
March 27, 2009
http://www.macobserver.com/tmo/article/pwn2own_winner_mac_os_x_is_less_secure_than_windows/
Keep yourself in denial, you were marketed to by a dork in a black turtleneck and you were guliable enough to believe what he said.
@loadoftoad Thanks for spending time on all that hard work you did!
@Goaliegeek
There's an awesome article in CPU magazine this month about security issues between the three OS'. Their explenation really narrows down the root causes for most exploits. Great read if you get a chance.
@loadoftoad And what, exactly, does this have to do with AT&T's activation servers failing? I doubt AT&T's corporate IT is a Mac-only shop. They aren't designers nor hipsters down there in Dallas, they're likely hardened corporate IT people running activation servers on Unix or Windows Server.
@loadoftoad
My understanding is those security exploits apply only to people who use that POS Safari. That's why I'm using Chrome, the only browser that was not hacked at the pwn2own competition.
@Goaliegeek I would show all the Windows vulnerabilities, but the comment box would explode.
It was probably a sessions issue.
I got an 'emergency' client once because their normal developer didn't put in fail-safes to prevent multiple clients from having the same session. When the site was under a massive influx of traffic, the database couldn't generate sessions fast enough to cope with the traffic so multiple users were issued the same session. If one of those users signed in, the other would have access to account details by default.
Considering the amount of traffic that AT&T was inundated with yesterday, I bet that's the culprit - especially since they couldn't reproduce the error when not under load.
Anyway, I've got my upgrade and an unlocked version waiting for me at Apple Store in London - As an American who lives in the UK - I don't miss home so much now! ;)
Goatse Security go!
AT&T should put a disclaimer on their site: Your privacy is not guaranteed.
Your compromised privacy, theres an app for that.
SNAFU!!!