• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Apple Denies Giving UDIDs to FBI


    As MMi reported Tuesday, iOS device owners were given a jolt by reports that their UDID may have been leaked to the public.

    Taking credit for the act was a group of hackers known as Antisec. They claimed to gave have exploited a file on the computer of an FBI agent - a move that allegedly helped them leak over one million unique device identifiers (UDID) that were contained in the particular computer file.

    Not surprisingly, this development prompted a number of interesting questions and troubling concerns. For starters, why was this information supposedly on an FBI computer? Also, who gave the information to the agency? Was it Apple?

    Today, some - but far from all - of the questions are being answered. In this case, it's Apple doing the answering. For now, the iDevice maker denies having given the FBI any of the sensitive information found in the hack attack.

    "The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization. Additionally, with iOS 6 we introduced a new set of APIs meant to replace the use of the UDID and will soon be banning the use of UDID,” Apple spokeswoman Natalie Kerris tells All Things D.

    For now, the FBI is calling details of this hack job false, adding that “at this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

    Source: All Things D
    This article was originally published in forum thread: Apple Denies Giving UDIDs to FBI started by Michael Essany View original post
    Comments 28 Comments
    1. waheedtarin's Avatar
      waheedtarin -
      [...] the illuminati....... Lol
    1. unison999's Avatar
      unison999 -
      Quote Originally Posted by Modding life View Post
      Lol you are right about that but to get
      Authority for all them uuids would be hard as hell
      We will see if it is legal or not, there will be an investigation on this.
      I am sure Antisec would not have a problem releasing data as to which computer they took the data from.
      With that data one can locate where this computer is and if it did come out of FBI, if it did and it was obtained illegally then heads will roll.
    1. spooneditr's Avatar
      spooneditr -
      Quote Originally Posted by raduga View Post
      ha, no.

      It was SAMSUNG who stole the UDIDs, and used them to infringe on Apple's patents, Samsung tried to work out a deal with the FBI to avoid criminal liability, but that fell through and the FBI seized the list outright.

      FBI is mostly correct. There was never any stolen laptop. A rogue agent deliberately leaked the codes to Antisec, allegedly "for teh lulz".
      I like this idea! Lol
    1. smooth22's Avatar
      smooth22 -
      Either way Im sure there spying on us...
    1. cpotoso's Avatar
      cpotoso -
      Quote Originally Posted by unison999 View Post
      Why would you presume it would be illegal.
      If FBI have a reason to get UDID and the judge they went to who gave them the authority to get it from Apple, it would be totally legal for FBI to have these UDID.
      12 M UDIDs? Are you serious that this was reviewed by a judge???
    1. brokentwice's Avatar
      brokentwice -
      And in other news mattel Released The hover board
    1. Orby's Avatar
      Orby -
      Quote Originally Posted by Modding life View Post
      Lol you are right about that but to get
      Authority for all them uuids would be hard as hell
      It's called a subpoena. "The FBI needs more information on the users of these [twelve million] devices, identified by their UDIDs or the device information of these [twelve million] users. This information is important to national security, and cannot be further discussed due to its classified nature." Signed by a Federal judge, and boom. That was easy. Again, assuming Apple is the original source of the information and a subpoena was how the information was obtained.

      Quote Originally Posted by unison999 View Post
      The other post in this thread I was guessing how/why FBI have UDID or even if they are legitimate UDID.
      UDID I can not control/change/secure it, even if something happen to it it is Apple's fault. If something happen to my account, Apple will be responsible for any damages. Just waiting for Samsung or htc to come out with something after iPhone 5 release, then I will switch out of iOS device and change my data to bogus info so there would not be a security issue even if someone hacks into Apple to get it.

      Something to think about:
      If hackers got legitimate UDID and Apple said they did not give them to FBI, then there is security issues with Apple because FBI or someone else hacked into Apple for them. I said someone else because FBI might have caught someone and this is evidence the hackers hacked into.
      ...You do realize that the UDID on Apple devices wasn't ever considered "secret" and was until last year (and still is by a few apps, mostly Apple-made) used by developers to set up push notifications, among other things, right? There is not a lot an evil party can do with a UDID aside from possibly intercepting push notifications intended for your device (or access services that use UDID as the sole access for authentication--which is a security issue with the application).

      Many legitimate developers (who aren't Apple) had or have databases of these values so their customers' apps work as well as they should. Their use has since been obviated and replaced by a pseudo-random number generated on an iOS device's first boot. Further, it's trivially easy to figure out a UDID knowing only an iOS devices serial number, MAC addresses, and ECID.

      Android devices, for example, have equally unique, equally essential information, such as Android ID or android.os.build.SERIAL (plus IMEI/MEID, MAC addresses, etc.) Most of these values cannot be changed by the user (the Android ID, like the Apple solution currently, can be changed following a factory reset or manually set by a user on a custom ROM).
    1. javiert30's Avatar
      javiert30 -
      "For now, the FBI is calling details of this hack job false, adding that “at this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”


      Like they are going to tell you...