Following the leak of a million Apple UDIDs, a US app developer has come forward saying it is the source of the leak. It says the FBI never had the data, and the full set is “only” 2 million entries rather than the 12 million AntiSec claimed.
Following the leak of a million Apple UDIDs, a US app developer has come forward saying it is the source of the leak. It says the FBI never had the data, and the full set is “only” 2 million entries rather than the 12 million AntiSec claimed.
I think the answer is some where in these links:
http://www.schneier.com/blog/archives/2012/08/is_iphone_secur.html
https://media.blackhat.com/bh-ad-11/Belenko/bh-ad-11-Belenko-iOS_Dat…
I didn’t see the Blackhat talk, reading slides is always somewhat misleading but:
“Passcode key computation utilizes new hardware
key UID+”
So my guess is, the iPhone uses encryption and the UDID is like a shared key between the iPhone, Apple and this company (I assume working for the FBI or other US-government agency).
If AntiSec’s claims are true then it should be no problem to release all 12 million ID codes. That way we know if this is FUD from our oh so honest Government or BS from AntiSec.
Lorin,
You are right, but if these crackers don’t want us to know, then we’ll be hard pressed to uncover the facts. Just because BlueToad identified itself as a source doesn’t necessarily mean that it is the sole source of the leaks.
Edited 2012-09-12 01:54 UTC
It is a shame they claim to be only for computer security but are really in it for publicity. They knew the FBI didn’t provide the data yet they wanted us to believe it. They get their kicks off it like some crooks do. Not the crime but the attention. This makes them only scum sucking slim, not the do gooders they claim to be.