|
|
Gawker hits back at Apple--exposes massive security breach
|
|
|
|
Addicted to MacNN
Join Date: Apr 2005
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Jun 2001
Location: Northwest Ohio
Status:
Offline
|
|
Originally Posted by Kerrigan
Um... how is this Apple's fault? It was AT&T that got hacked, not Apple.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
Apple has absolutely nothing to do with this, other than that the hackers singled out the iPads' ICC IDs because they were easy to guess.
They could just as easily have pulled out all Sony-Ericsson or Nokia N97 users.
Also, salient quotes for those who don't wish to give these assholes any more hits:
The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised.
It doesn't stop there. According to the data we were given by the web security group that exploited vulnerabilities on the AT&T network, we believe 114,000 user accounts have been compromised, although it's possible that confidential information about every iPad 3G owner in the U.S. has been exposed. We contacted Apple for comment but have yet to hear back. We also reached out to AT&T for comment. A call to Rahm Emanuel's office at the White House has not be returned.
[....]
****** Security obtained its data through a script on AT&T's website, accessible to anyone on the internet. When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application. The security researchers were able to guess a large swath of ICC IDs by looking at known iPad 3G ICC IDs, some of which are shown in pictures posted by gadget enthusiasts to Flickr and other internet sites, and which can also be obtained through friendly associates who own iPads and are willing to share their information, available within the iPad "Settings" application.
To make AT&T's servers respond, the security group merely had to send an iPad-style "User agent" header in their Web request. Such header identify users' browser types to websites.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
So they got some email addresses from AT&Ts server.
I don't see how this is specific to the iPad though.
Shouldn't that have worked with any 3G device on AT&Ts network ?
-t
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Apr 2005
Status:
Offline
|
|
I don't think this is Apple's fault either. But Gawker is obviously spinning this story for maximum negative impact.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2001
Location: detroit,mi,usa
Status:
Offline
|
|
Gawker's ass is hurting because apple wouldn't let them into the WWDC to see the stevenote.
At some point in the iphone debacle (besides a few other examples of shit journalism) I stopped going to gizmodo. I was wondering today if anything changed. Apparently not.
Clickbait headline if I ever saw one.
OH. And the story is written by the journalist who got all snippy with Jobs, without identifying himself as being with the media. Cute.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
They probably saw their hits drop off to quite a bit below what they were before the iPhone theft, once the initial brouhaha was over.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2001
Location: detroit,mi,usa
Status:
Offline
|
|
I would imagine so. They were asking people going to the stevenote to feed them info. They ended up just reposting stuff from other websites feeds. What a joke.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2002
Location: Durham, NC
Status:
Offline
|
|
Yeah, I can see how Apple people would be rightly annoyed or even, as Gawker says, embarrassed about this. But the article’s title—calling the breach Apple’s—is downright misleading.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Sep 2000
Location: Isle of Manhattan
Status:
Offline
|
|
I posted in the other thread, but the media needs to get their sh*t together before yelling out "Apple's worst security breech" and stuff like "suffered another embarrassment" (what was the first embarrassment?) Gawker sucks.
|
"Faster, faster! 'Till the thrill of speed overcomes the fear of death." - HST
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Oct 2001
Location: BFE
Status:
Offline
|
|
Since when is an email address a security breach?
|
I'm a bird. I am the 1% (of pets).
|
|
|
|
|
|
|
|
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status:
Offline
|
|
Originally Posted by osiris
I posted in the other thread, but the media needs to get their sh*t together before yelling out "Apple's worst security breech" and stuff like "suffered another embarrassment" (what was the first embarrassment?) Gawker sucks.
Steve's point about not wanting a nation of bloggers seems apt.
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Jan 2006
Location: Colorado
Status:
Offline
|
|
Originally Posted by Eriamjh
Since when is an email address a security breach?
Are you being sarcastic? It's always been a breach. Hackers like this make millions off of selling email addresses to spammers.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2002
Location: PDX
Status:
Offline
|
|
Its a security breach because it was information that was supposed to be secure. It could've been iPad users' favorite colors or hair color or any other piece of information, but if it was supposed to be secured and someone got to it, then its a security breach.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2001
Location: detroit,mi,usa
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2001
Location: detroit,mi,usa
Status:
Offline
|
|
Originally Posted by osiris
I posted in the other thread, but the media needs to get their sh*t together before yelling out "Apple's worst security breech" and stuff like "suffered another embarrassment" (what was the first embarrassment?) Gawker sucks.
Who do you think got more clicks? The people who put apple in the headline or the people who put at&t in the headline?
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Apr 2007
Location: Iowa, how long can this be? Does it really ruin the left column spacing?
Status:
Offline
|
|
Technology - Bits Blog - NYTimes.com
I added the spaces.
The hacking group, G o a t s e Security, found that a program on AT&T’s Web site, when given an iPad’s ID number, would return the owner’s e-mail address. It used a script that could guess IDs and collect the associated e-mail addresses. The group eventually notified AT&T of the breach, and the security hole was closed.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Spheric Harlot
Apple has absolutely nothing to do with this, other than that the hackers singled out the iPads' ICC IDs because they were easy to guess.
They could just as easily have pulled out all Sony-Ericsson or Nokia N97 users.
Also, salient quotes for those who don't wish to give these assholes any more hits:
What makes them assholes?
|
|
|
|
|
|
|
|
|
Posting Junkie
Join Date: Jan 2006
Location: Colorado
Status:
Offline
|
|
Originally Posted by scaught
Millions per year, sure.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
Originally Posted by Eriamjh
Since when is an email address a security breach?
You don't do privacy, do you?
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
Originally Posted by besson3c
What makes them assholes?
Read the other thread on this.
Re: CES prank, iPhone prototype theft and fencing, whining about not being allowed in anymore, and now sensationalising this as an iPad problem. Their article is a blatant attempt to damage Apple out of a juvenile sense of revenge.
(
Last edited by Spheric Harlot; Jun 11, 2010 at 02:08 AM.
)
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Spheric Harlot
Read the other thread on this.
Re: CES prank, iPhone prototype theft and fencing, whining about not being allowed in anymore, and now sensationalising this as an iPad problem. Their article is a blatant attempt to damage Apple out of a juvenile sense of revenge.
It's business. Why use such strong language in moral/personal terms? They are just a company, as is Apple. This is what companies do, no? Do you really think that Apple doesn't pull underhanded stunts of their own?
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
No, this is not what companies do. It's what dumb kids do before they grow out of it.
Brian will get slammed for extortion, and that other guy will probably be convicted of fencing stolen goods.
Exposing the name of the engineer who lost the phone isn't "what businesses do", either. That's simply people being complete assholes, and they would have got charged with privacy violations, had they pulled that idiocy in Europe.
"Companies" generally have legal counsel. These guys are kids thinking they're running a business.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Fair enough, I thought that Gawker was bigger than that.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Mar 2001
Location: CO
Status:
Offline
|
|
[QUOTE=Spheric Harlot;3976183
"Companies" generally have legal counsel. These guys are kids thinking they're running a business.[/QUOTE]
Companies that will survive in long run at least have a legal *clue*.
And, @besson: Bigger than what? The entire "found"/stolen iPhone reeked of "pulled off by a 'gang that couldn't shoot straight.' " They're great at garnering publicity. But I'll never look to them for anything approaching journalism (let alone integrity).
|
TOMBSTONE: "He's trashed his last preferences"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|