General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsIf This Is True: Why Does FBI Have 12 Million Unique Device IDs On An Agent's Laptop??
@wikileaks: Anonymous claims all apple iPhones IDs held by FBI; entire list released Anonymous
http://pastebin.com/nfVT7b0Z
APNS tokens.
the original file contained around 12,000,000 devices. we decided a million would be
enough to release.
we trimmed out other personal data as, full names, cell numbers, addresses,
zipcodes, etc.
not all devices have the same amount of personal data linked. some devices
contained lot of info.
others no more than zipcodes or almost anything. we left those main columns we
consider enough to help a significant amount of users to look if their devices
are listed there or not. the DevTokens are included for those mobile hackers
who could figure out some use from the dataset.
file contains details to identify Apple devices.
ordered by:
Apple Device UDID, Apple Push Notification Service DevToken, Device Name,
Device Type.
We never liked the concept of UDIDs since the beginning indeed.
Really bad decision from Apple.
fishy thingie.
so the big question:
why exposing this personal data?
well we have learnt it seems quite clear nobody pays attention if you just come
and say 'hey, FBI is using your device details and info and who the fuck knows
what the hell are they experimenting with that', well sorry, but nobody will care.
FBI will, as usual, deny or ignore this uncomfortable thingie and everybody will
forget the whole thing at amazing speed. so next option, we could have released
mail and a very small extract of the data. some people would eventually pick up
the issue but well, lets be honest, that will be ephemeral too.
So without even being sure if the current choice will guarantee that people
will pay attention to this fucking shouted
'FUCKING FBI IS USING YOUR DEVICE INFO FOR A TRACKING PEOPLE PROJECT OR SOME
SHIT' well at least it seems our best bet, and even in this
case we will probably see their damage control teams going hard lobbying media
with bullshits to discredit this, but well, whatever, at least we tried and
eventually, looking at the massive number of devices concerned, someone should
care about it. Also we think it's the right moment to release this knowing that
Apple is looking for alternatives for those UDID currently and since a while
blocked axx to it, but well, in this case it's too late for those concerned
owners on the list. we always thought it was a really bad idea. that hardware
coded IDs for devices concept should be erradicated from any device on the
market in the future.
so now candy was delivered.
few words, and just a few, about how the shit came. we don't like too much
about disclosing this part, we understood it would be needed, so, fuck
whatever. lost asset. Hope it serves for something.
During the second week of March 2012, a Dell Vostro notebook, used by _ from FBI Regional Cyber Action
Team and New York FBI Office Evidence Response Team was breached using the
AtomicReferenceArray vulnerability on Java, during the shell session some files
were downloaded from his Desktop folder one of them with the name of
"NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS
devices including Unique Device Identifiers (UDID), user names, name of device,
type of device, Apple Push Notification Service tokens, zipcodes, cellphone
numbers, addresses, etc. the personal details fields referring to people
appears many times empty leaving the whole list incompleted on many parts. no
other file on the same folder makes mention about this list or its purpose.
Luminous Animal
(27,310 posts)piratefish08
(3,133 posts)without putting it on a laptop?
That would take, like, over a million index cards to store the info otherwise. He'd never be able to carry them around.
next question.
Hissyspit
(45,788 posts)But, yeah, they weren't secure, either.
Ellipsis
(9,124 posts)...as they pull stuff out of the ether.
jeff47
(26,549 posts)Some "hackers" really don't know what they're talking about.
dixiegrrrrl
(60,010 posts)Educate me, pls???
GeorgeGist
(25,322 posts)dixiegrrrrl
(60,010 posts)jeff47
(26,549 posts)All GSM-based cell phones have an IMEI (International Mobile Equipment Identity) built into the phone.
GSM is used everywhere in the world, except Japan and 1/2 of the US (Verizon and Sprint don't use it). The Japanese, Verizon and Sprint systems have an equivalent serial number.
EVERY cell phone on the planet has a hard-coded serial number. To complain about Apple's IDs means they don't know shit about cell phones.
dixiegrrrrl
(60,010 posts)I am one of the people who "don't know shit about cell phones.", living out here in the rural backwater.