stolen
Latest
AT&T planning new option to hinder stolen iPhones (Updated)
According to The Verge, AT&T is set to launch a new service meant to thwart cellphone thieves. The company will allow customers to shut down voice, data and SMS on stolen devices. AT&T has reportedly issued information to employees on how the service will work. Customers will be required to inform an appropriate AT&T rep of a missing phone, etc. By shutting down those three services, customers will prevent the phone from being used without having to endure the inconvenience of a SIM block. This may tie into April's news of a national multi-carrier registry of stolen phones. It's worth noting that turning off data service will presumably also knock out Apple's Find My iPhone capability, which would impair users' ability to track down their own phones. No word on cost or availability of the service from AT&T yet, but we have reached out to them for comment. Update: Comment from AT&T's press team -- "As announced in April, AT&T is creating a stolen phone database to prevent devices reported stolen from accessing wireless networks. We will install this availability next week for AT&T phones on our network and are working toward a cross-carrier solution later this year."
Stolen iPhone photos unwittingly posted by Disney cruise ship employee
"This is Nelson," says iPhone owner Katy McCaffrey of the picture above, posted on her Facebook. "Nelson has my stolen iPhone." McCaffrey took her iPhone on a Disney Cruise back in April, where the phone was either misplaced or stolen. But it's been found, now. Photo Stream was still running, and pictures from the iPhone have started appearing on it of Nelson and his friends and coworkers on the boat. Disney has investigated the situation and says the phone has been recovered and will be returned to its owner when the boat that it's on is back in port. The employee in question is on "administrative leave," and his fate will presumably be determined when the current cruise is finished. Disney is doing its best to make things right, but yeah, shame on Nelson for not making sure the phone (which you have to imagine had McCaffrey's info on it, right?) was returned to its owner right away. [Via NPR]
Blatant Hero Academy rip-off on App Store is the laziest yet
It's astoundingly easy to make an app and have it published on the App Store, a fact that has helped the dreams of many developers blossom into reality and is largely regarded as A Good Thing. However, as previous, blatantly plagiarized apps have proven, some people will take A Good Thing and use it to make a quick, dirty buck.The latest scam may be the laziest yet: "Knights Fight" has stolen the screenshots, icon and dignity of Hero Academy, and is selling it for $0.99 on the App Store. Hero Academy itself is an intricate, free title from established indie developer Robot Entertainment, while "Knights Fight" is from Idea House, which exists only as a stark website and is apparently based in suburbia, Wisconsin. At least Idea House got the second half of its name correct.Robot Entertainment told Game Informer it is aware of the fake title and is waiting on a response from Apple, who we assume is too busy counting its money to respond right away, or to thoroughly check the apps it puts in its store.
US carriers agree to national stolen phone database
According to a Wall Street Journal report, four of the largest wireless carriers in the US are working with the US government to create a national stolen phone database. Verizon Wireless, AT&T, Sprint and T-Mobile will develop their own databases and then merge them into a centralized server within the next 18 months. Eventually, regional carriers will also participate in this initiative. The database will help carriers and law enforcement track lost and stolen phones. Besides tracking phones, carriers have agreed to block both calling and data services for these blacklisted phones. This will be an easy task for Verizon and Sprint, but not so simple for T-Mobile and AT&T. Verizon Wireless and Sprint already track each subscriber's phone using the phone's unique electronic serial number. This lets them easily block any phone that's been reported lost or stolen. AT&T and T-Mobile do not have a similar service in place, because their GSM phones use SIM cards. As long as you have a valid SIM card, you can use any phone, regardless of whether it is lost or stolen. These two GSM carriers are working on new technology that would let them track and block a phone using a unique ID.
US carriers agree to build stolen phone database, blacklist hot handsets
What's the best way to deter a thief? Ruin the spoils, of course. Verizon, AT&T, T-Mobile and Sprint have agreed to a broad outline that will culminate in the creation of a central database for stolen cellphones. The goal? To block lifted units from functioning on US shores. Over the next six months, each firm will build out its own stolen device database for integration into a larger, central database, said a Wall Street Journal source, with regional carriers joining the effort over the following two years."We are working toward an industry wide solution to address the complexity of blocking stolen devices from being activated on ours or another network with a new SIM card," said a T-Mobile spokesperson, "This is not a simple problem to solve." The quartet of wireless providers hope to imitate the success UK carriers have seen with similar efforts. With any luck, the program will put an end to massive phone-heists and the awkward public relations stunts that imitate them.
Microsoft Store hacked in India, passwords stored in plain text
Frequenters of India's online Microsoft Store were briefly greeted with the suspicious visage of a Guy Fawkes mask this morning, following a hack that compromised the site's user database. According to WPSauce, Microsoft Store India's landing page was briefly taken over by a hacker group called Evil Shadow Team, who, in addition to putting a new face on Windows products, revealed that user passwords were saved in plain text. The group's motivations are unknown, though the hacked page warned that an "unsafe system will be baptized." The store is now offline, suggesting that Microsoft may have regained control. Read on for a look at the compromised password database.[Thanks to everyone who sent this in]
Photo Stream is helping a man find his stolen iPad
We've heard a lot of stories about Find my iPhone helping people track their lost and stolen iOS devices, but here's one of the first stories involving Photo Stream. According to this Fox 4 Dallas report, it all started late last December in Dallas, TX at Dallas/Fort Worth International Airport. Ken McLellan had just arrived home from a business trip. While he reached to pick up his checked bags, he put down his iPad along with his carry-on bag. You probably can guess what happened next. With bags in hand, he turned to get his iPad, and it was gone. As a loyal Apple user, McLellan also has an iPhone and an iMac in addition to his purloined iPad. He's also one of 85 million people using iCloud and had, rather fortuitously, turned on Photo Stream sharing. Imagine his surprise when new photos from his iPad began to hit his iMac a few weeks after his device was stolen. He's collected the photos of the people who currently have his device and posted them to Facebook. He's hoping to identify them and possibly get his iPad back. Getting his iPad back might not be that easy, though. Perhaps the thief resold the device to these unsuspecting buyers who don't realize it was stolen. It's also possible the thief returned the stolen iPad to Apple for a new device. A recent report details how a savvy thief can use Apple's generous repair policy to get a new device and leave the stolen one behind. It's also possible the people with the iPad are the ones who lifted the device and they'll dump it once they spot their photos on Facebook.
iMessages reportedly still sent to stolen iPhones (Updated)
Update: Daring Fireball pointed to this recommendation from Jesse Hollington: set a SIM PIN code, which will prevent your phone from registering with the cellular network after a reset or a SIM swap until/unless the PIN is entered. Be extremely careful, however, as the iPhone settings UI can be confusing and you may get locked out if the phone thinks you're entering an existing PIN incorrectly. Macworld now recommends a three-step deactivation process, including calling your carrier to make sure your phone SIM is turned off. Update 2: Our colleague Michael Jones reports that there are situations where the 'stickiness' of location services can work in your favor: "My wife's iPhone 3GS was stolen in mid-September. By the time the iPhone 4S was released, there had been no sign of the 3GS and so we went ahead and replaced the phone, figuring that there would be no way to locate the old phone once it was deactivated. A couple of days before Thanksgiving, however, I received an email from Find My iPhone that the 3GS had been located, and briefly reported its location at a grocery store that does not have any open Wi-Fi networks in the area. A few days later, I received another alert as the thief had again turned the phone on at a different location, and the police were able to recover the phone." A troubling issue with iMessages being sent to stolen iPhones has been reported by Ars Technica. According to the article, the issue was brought up by Ars reader David Hovis whose wife's iPhone was recently stolen. She replaced her phone, changed her Apple ID password and moved on. While she was enjoying her new iPhone, the stolen handset was sold to an unsuspecting third-party who was using the phone on their wireless account. Incredibly, the stolen phone, which she deactivated with her carrier and remote wiped, was still sending and receiving iMessages on her behalf. She is only one example. If you search MacRumors or Apple's support forum, you will find several more examples. Part of the problem may reside with Apple's authentication system for iMessage. According to a thread at Ask Different, Apple stores the device ID (UDID) and the Apple ID or mobile number for each device that uses iMessage. An iMessage is apparently sent to Apple's servers, which look at the destination email address or phone number of an incoming message. The server looks in its database for the UDID that's associated with the recipient's phone number or Apple ID. The server then uses this information to redirect the message to the correct phone. It's possible, in the case above, that the UDID of a stolen phone remains in Apple's database and is not replaced by the UDID of the new phone. A message sent to the phone number of the person whose phone was stolen would go to the UDID of the stolen phone and not the new phone. The owner of the stolen phone can then respond back. I've experienced a similar issue with FaceTime on the iPhone 4. I activated my phone and setup FaceTime on one phone number and then switched it to another phone number about a month later. The UDID remained attached to the original phone number and was not automatically updated by Apple. When I tried to make a FaceTime call, the recipient would see my old number. If they tried to FaceTime me with my new number, it wouldn't work. People could only contact me by FaceTime calling my old number. I was able to force Apple to update my UDID in its system by resetting my phone using iTunes according to Apple's instructions. The iMessage issue appears to be similar to the FaceTime issue noted above, but it's not identical. While FaceTime can be corrected by erasing your phone, the iMessages issue is not corrected by a similar remote wipe procedure. I'm not sure why a remote wipe wouldn't fix the iMessage issue; maybe there's a difference between a remote wipe and an iTunes reset or Apple's servers are configured slightly different for the two services. Regardless, the iMessage issue is a serious one that Apple hopefully will address.
NYPD makes many arrests in iPhone/iPad sting operation
The New York Police Department ran an undercover sting operation recently on vendors and businesses accused of selling stolen iPads and iPhones, and came up with a whopping 141 arrests. That's a pretty crazy bust -- apparently undercover officers actually went out to businesses with iPhone 4s and iPad 2s that they claim were stolen, and when the business owners agreed to buy them, they swooped in for the arrests. The businesses were previously suspected of selling stolen merchandise, however -- I am not a lawyer, but just sending cops in to try and sell stolen goods seems like entrapment to me. Not all of the arrests were necessarily of the businesses' owners; it's possible that the cops used information given to make other arrests as well. But that's a nice swath of (alleged) criminals to pick up. Apple's devices make for quite a gray and black market around the world, and it's good to see that the NYPD is cracking down on these stolen items.
NerdHeist 2011: Razer Blade prototypes stolen from Razer R&D
After what we can only imagine was an exciting and Hollywood worthy laser-grid-circumnavigating vault heist, two experimental Blade prototypes have been stolen from a Razer research and development laboratory in the San Francisco bay area, according to a Facebook post made by Razer CEO Min-Liang Tan. It's unclear as to whether or not these were the only two prototypes, but it's safe to say that any loss like this is a significant one, and that the prototypes are worth far more than the $2,800 retail price originally quoted for the laptop. Tan is asking for anyone with information about the theft to send an email to cult at razerzone dot com. The Blade, revealed earlier this year at PAX, makes use of a proprietary user interface and LCD touchpad; trade secrets which Razer must desperately (and understandably) want to keep out of the hands of the competition. We're not saying this was corporate espionage, of course, but we are heavily implying that.%Gallery-131790%
Mortal Online plagiarizes EVE Online's terms of service
There's always that temptation in high school and college to simply copy someone else's work to get out of writing really boring papers. Still, no matter how great the temptation, it's good to abstain from such activities. While it's not only wrong, it can be extremely embarrassing if you're found out by the teacher and penalized for plagiarism. We guess that someone over at Mortal Online really didn't want to work up an original terms of service (TOS) for the game, as a few sharp-eyed players noticed that the document not only was extremely similar to one in another MMO but failed to replace mentions of its source game. It appears as though Mortal Online took EVE Online's TOS and reworked it slightly -- and imperfectly -- for its own nefarious purposes, as you can see in the graphic above. The TOS has since been changed to eliminate the mention of EVE. This recalls a similar misstep from last year, when Alganon was caught with its pants down after "borrowing" a press release from BioWare. [Thanks to Jokkl for the tip!]
iPhone 4 prototype sellers charged in California, plead not guilty
The San Jose Mercury News is reporting that two people involved in last year's "iPhone 4 prototype found in a bar" fiasco are being charged in San Mateo County Superior Court for their respective roles in the incident, which led to numerous photos of the upcoming iPhone model being posted online months ahead of its official release. Brian Hogan, the individual who is credited with finding the iPhone, is being charged with one count of misappropriation of lost property, a misdemeanor in the state of California. Sage Wallower, Hogan's friend who assisted him by contacting a number of tech blogs and offering to sell the device to them, is also being charged with possession of stolen property. Neither of the two individuals appeared at the hearing regarding the charges, and the attorneys for both men entered not guilty pleas on their behalf. A second hearing on the case is expected on October 11th, and a trial date has been set for November 28th, although Hogan's attorney has indicated that his client has taken responsibility for his actions, and he plans to work with prosecutors to strike a plea bargain. It was reported earlier this month that the blog responsible for purchasing the iPhone and releasing the pictures, Gizmodo, will not be charged in the incident. Jason Chen, the blogger who facilitated the exchange and wrote the post, will also not be charged. Chen's house was searched early in the investigation, and several items were seized, but later returned. [via KSL News]
Star Wars Galaxies fan site hacked, 23K passwords stolen
Talk about kicking a game's community when it's down. VentureBeat reports that Star Wars Galaxies.net, a major SWG fan site, was hacked yesterday. Star Wars Galaxies.net is part of a LucasArts fan site network, and apparently was not being actively maintained, as the last update was in June of 2009. Still, over 21,000 email addresses and 23,000 passwords were stolen -- some of which could lead to identity theft, according to authorities. The hack was perpetrated by ObSec, a small group in the vein of LulzSec. The hackers posted the email addresses and passwords online for all to see. Analysis of the passwords found that 71% were relatively weak and easy to crack anyway. Some Star Wars Galaxies players may see this as an unfortunate echo of the much larger Sony hack that happened earlier this year. We at Massively urge any players who have used this fan site to make sure that they change their passwords elsewhere as well.
No Comment: Washington State borrows Bodega's icon, with a tweak
Eagle-eyed reader Jeff spotted this icon in use over on the Washington State Department of Labor and Industries website, and it looked a little familiar to him, as a user of a certain unofficial Mac App Store app that has been around even before Apple's software distribution solution. Minus the actual name, it does look kind of familiar, no? Jeff emailed the Bodega app folks, who told him that nope, "They absolutely do not have the rights to that icon," and that he was "free to start publicly shaming them." Hey, you didn't hear it from us! Come to think of it, though, that Calculator at the bottom of the page also looks a little familiar. Maybe someone over in WA is just a Mac app fan?
Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen (update)
Oh, Sony -- not again. We've just received numerous tips that Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefully) in plain text format. Lulz claims the heist was performed with a simple SQL injection -- just like we saw the last time around. A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. We've downloaded this file (at our own risk, mind you) and can verify these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Fresh off the heels of the PlayStation Network restoration, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots. Update: Sony Pictures has confirmed to Reuters that some of its websites have been hacked, and says that it's currently working with the FBI to identify the perpetrators. [Thanks to everyone that sent this in]
Hidden app snaps pics of alleged crook (Updated)
Update: Josh reports that an arrest has been made and his MacBook is now in the custody of the Oakland PD. Have you seen the man in the picture at right? If you live in the Bay Area and you've seen him with a MacBook in hand, you might want to consider calling the Oakland police. Joshua Kaufman has images supplied by the Hidden app that show this man using a MacBook that was allegedly stolen from Kaufman's apartment. Through the use of Hidden, Kaufman was able to get some great pictures and the location of the computer, and posted those photos on his Tumblr. We picked this up after John Welch tweeted the link. The Oakland PD is apparently understaffed, so Kaufman is pinging the Oakland Mayor's office for help in retrieving his MacBook. In the meanwhile, consider this a Amber MacBook Alert. We're reaching out to the Oakland PD for comment. Update: We received confirmation that Josh Kaufman did file a police report on March 31, 2011, and that a MacBook was listed as part of the loss in the burglary.
Sony makes good, doles out identity protection activation codes for PSN and Qriocity users
Still feeling burned by Sony's record-breaking PlayStation Network outage? Fret not, promised reparations have arrived: a short form on the PlayStation website is now distributing activation codes for a free year of Debix AllClear ID Plus identity theft protection. The offer is good for all US PSN and Qriocity account holders who activate before June 28th, netting users up to $1 million in identity theft insurance coverage. Feel better? Hit the source link below to get your redemption code.
Xperia Play shipment to New Zealand stolen, Vodafone launch delayed (update: fake)
As if Sony Ericsson hasn't already had enough headaches with the Xperia Play. here comes Vodafone New Zealand with the announcement that its launch shipment of the gamer-friendly smartphone has been... stolen! We don't know how many Xperia Plays were in those crates, but it must take a pretty sophisticated operation to snatch up all of Voda's supply for an entire country. This slight hitch in transportation blatant lie follows an unexplained delay in shipments reaching the UK last month, and will compound shortages already caused by limited production capacity in Japan. Man, imagine how terrible this news might have been if the Play actually had any games worth playing. Update: It's all fake. Vodafone recently released some "security footage" of the "theft" in action, which only served to immediately incite outrage in viewers of the clip, and a Vodafone New Zealand spokesperson admitted to The Australian that the company made up the whole thing. For shame.
Sony offers free Debix identify theft protection for PSN and Qriocity hack victims in US
Sony's "Welcome Back" package of free software and PlayStation Plus subscriptions was a nice gesture, but it won't help you if your credit card gets fraudulently charged in the aftermath of the PlayStation Network debacle. That, however, is exactly what Debix is for. Sony's announced that it will provide a complimentary one-year subscription to Debix's "AllClear ID Plus" identity theft protection service to all PlayStation Network and Qriocity account holders in the United States, which will attempt to protect your personal data from harm, by both monitoring known criminal activity for your private digits and providing up to $1 million in ID theft insurance coverage. We've never used Debix, so we can't vouch for its reliability, and this particular plan admittedly doesn't look quite as comprehensive as the one Debix offers regular customers for $10 a month. Still, some peace of mind is a heck of a lot better than none, so we think we might take Sony up on its offer and sign up by the June 18th deadline. If you'd like to join us, you should find an activation code in your inbox before long.
Stolen Camera Finder promises to find your camera with EXIF data, probably won't
Stolen Camera Finder is a site that promises to find missing cameras, as long as they've been stolen by cooperative criminals. All you have to do is drag and drop a JPG photo taken with your lost camera, and Stolen Camera Finder will hunt for any matches on the web, using the image's EXIF data. To find matches, the site consults a database of photos posted on Flickr and elsewhere, though, without only one million images to its name, this database is still very much a work-in-progress (the tests we conducted came up dry). It's a nifty idea, but one that would probably pay dividends only under certain circumstances. For instance, the thief would have to take pictures with the camera (rather than selling it) and post the images online without wiping the EXIF data. In other words, he'd have to be someone willing to steal a camera purely for the sake of sharing undoctored self-shots on Flickr. We're not sure those people exist.
