antisec
Latest
David Schuetz cracked the case of stolen iPhone UDIDs
Earlier this week, Blue Toad publishing confirmed that it, and not the FBI, was the source of 1 million UDIDs leaked by hacker group AntiSec. The company was tipped off by mobile security expert David Schuetz of Intrepidus Group, who spent days poring through the data and discovered references to Blue Toad and its employees. It's an impressive piece of work by Scheutz, who details how he discovered the Blue Toad link in a lengthy blog post on Intrepidus Group's website. His story is well worth the read when you have a few minutes to spare. [Via Apple 2.0]
Blue Toad publishing claims itself as source of leaked UDID database
According to a report in NBC news, a small publishing company is the source of Apple UDIDs leaked by hacker group AntiSec. AntiSec and Anonymous claimed the UDIDs were stolen from an FBI employee's laptop, but the governmental agency denied that it was the source the leak. Paul DeHart, CEO of Blue Toad publishing company, told NBC News that his company compared the leaked Anonymous database with its own database and found a 98 percent correlation between the two datasets. DeHart did not provide details, but said forensic analysis by his company showed the data a had been stolen within the past two weeks.
Apple denies giving FBI any iOS device UDIDs, raises questions over AntiSec claims
Hacking group AntiSec (connected to Anonymous and LulzSec) made some bold claims Tuesday that it had obtained the unique device identifiers (UDIDs) of 12 million iOS devices from an FBI laptop, setting more than a few people on edge. The FBI has already denied that anything was stolen, but Apple has gone one step further to argue that it had no involvement. Spokeswoman Natalie Kerris tells AllThingsD that Apple hasn't given UDIDs to the FBI "or any organization" -- suggesting that either AntiSec or the FBI isn't telling the whole story of what data emerged and where. Even if there are real UDIDs floating around, Kerris adds that they don't necessarily pose much danger. She notes that programming hooks in iOS 6 will provide an alternative to UDID for device-specific data, and that apps will eventually be forbidden from using the older identifiers altogether. While the truth in the situation is hard to pin down, the technical reality doesn't leave much risk that our iPads and iPhones will be compromised. At least, not after this month.
FBI and Apple separately deny being source of leaked iPhone UDIDs
Yesterday, hacker group AntiSec released 1 million UDIDs from a pool of 12 million that it allegedly obtained from an FBI-issued laptop. The group used this high-profile leak to accuse the FBI of spying on the American public. Late on Tuesday, the FBI responded to AllThingsD with its own statement that says it was not the source of the leak. The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data. The FBI re-iterated this statement on its Twitter account with a strong denial that says, "We never had [the] info in question. Bottom Line: TOTALLY FALSE." Apple also chimed in and said it did not give the UDIDs to the FBI or anyone else. Apple spokesperson Natalie Kerri told AllThingsD that, "The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization. Additionally, with iOS 6 we introduced a new set of APIs meant to replace the use of the UDID and will soon be banning the use of UDID."
Hackers reportedly leak 1M iOS UDIDs (updated)
Update: The New York Times reports that F.B.I has released a statement saying there's no indication that an FBI laptop was compromised or that the FBI sought out the data to begin with. Hacker group AntiSec claims to have 12 million iPhone and iPad UDIDs it obtained during an attack on an FBI agent's compromised notebook, according to a report in The Next Web. It made 1 million of the stolen UDIDs publicly available in a file posted on Pastebin. The UDID is a unique 40-digit code assigned to each iOS device and is often used by developers to distribute beta apps to an iOS device. Besides the UDID, some records in the FBI database also contained names, addresses, mobile phone numbers and other identifying information. The group stripped out most of the personal information from the 1 million leaked records, but left the Apple Device ID, Apple Push Notification Service DevToken, Device Name and Device Type, so users can search for their device. You can find the UDID of your iOS device using these directions and then search for your UDID in the leaked records using this tool at The Next Web. [Via AppleInsider]
The necessary relationship between Blizzard and law enforcement
Pop law abounds in The Lawbringer, your weekly dose of WoW, the law, video games and the MMO genre. Mathew McCurley takes you through the world running parallel to the games we love and enjoy, full of rules, regulations, pitfalls and traps. Back in 2009, a man named Alfred Hightower escaped to Canada from the United States after a warrant was issued for his arrest in Indiana for drug dealing and other charges. The Howard County Sheriff's Department had no idea where Hightower ran off to until a deputy figured out that Alfred Hightower was a World of Warcraft player. After a politely worded request for information about the guy to Blizzard, the detectives had everything they needed to find, alert the proper authorities in Canada, and arrest Alfred Hightower. Blizzard didn't really have to easily comply with the information request by the Howard County Sheriffs Department but did so in a smooth and cooperative way. Sure, there are scenarios where some information would be compulsory and downright necessary (in the case of national emergency or someone in mortal danger), but this was just some dealer who ran to Canada. There's usually a longer process. Antisec, the hacker anti-security movement, released a document back in November that allegedly discusses how Blizzard will respond to law enforcement information requests and provide law enforcement with a sort of a primer on World of Warcraft and what to expect from Blizzard's cooperation. What's interesting is that this primer and information packet had to have been created to streamline the process of helping out law enforcement. Someone made this packet to save time, which means there have been plenty of requests for people's information.
World of Warcraft 'law enforcement guide' leaked, new commercial released
Have you ever wondered what kind of dirt law enforcement officers would be able to dig up on you if they went to World of Warcraft developer Blizzard for information? Well, wonder no more. An 18-page document has been leaked to the internet thanks to the notorious organization known as AntiSec. The document is two years old, but it outlines what information Blizzard will disclose to law enforcement officers under given stipulations. And in completely and utterly unrelated news (well, Chuck Norris played a Texas ranger, so I guess there's some kind of connection), the game has revived its celebrity-laden advertisement series with a new commercial featuring none other than the hero of Barrens chat himself, mister Chuck Norris. As expected, the short clip is full of WoW-modified Chuck Norris jokes because apparently that horse hasn't been sufficiently flogged yet. To see the ad for yourself, just click on past the cut.
Fifty days of 'lulz' over: LulzSec disbands
The secretive hacking group known as LulzSec has announced that it is formally disbanding with the completion of its planned 50 days of mayhem. Among its many targets that it has hacked, including government sites, LulzSec struck at The Escapist, Bethesda Game Studios, League of Legends, and EVE Online. LulzSec sent out a final statement, which said the group was a band of six hackers who had planned 50 days of attacks from the beginning. Now that the time is up, the group plans to fade into the shadows. The group hopes that others will continue with these illegal activities: "Behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us." While a suspected member of LulzSec was arrested a few days ago, the organization denied that he was part of the collective.
