Escher Auernheimer, Goatse Security boss, is aiming to clear the air with a slightly ticked-off personal note
addressing AT&T's suggestions that that his company is packed to the brim with "malicious" hackers.
Publicly embarrassed by its latest public relations meltdown, AT&T immediately went on the offensive after a security problem was exposed and thousands of iPad user email addresses were compromised. In a formal note emailed to 3G iPad owners
, AT&T apologized for the breach and, to put it mildly, pointed a not-so-subtle finger at Goatse Security - you know, the company that exposed the problem to begin with. According to AT&T, “unauthorized computer ‘hackers’ maliciously exploited a function designed to make your iPad log-in process faster.”
Auernheimer - the head honcho of those unauthorized malicious hackers - says: "AT&T mailing so much of their subscriber base exposes a potential I have been suspicious of. They were likely not logging their httpd and had no idea how to verify the true scope of the disclosure, so they had to mail a huge number of customers." And, as many others concur today, "if not for our firm talking about the exploit to third parties who subsequently notified them, they would have never fixed it and it would likely be exploited by the RBN or the Chinese, or some other criminal organization or government.”
In exposing the problem, Auernheimer contends that his team did it as a "service to our nation." He doesn't find AT&T's response to the matter as honorable, arguing that not only should AT&T have known about the issue, but they should also have taken immediate and proactive steps to plug the leak, if you will, upon being informed of the problem.
“Given that, the number of parties which probably have active iPad exploits likely numbers in the hundreds, if not the thousands. The iPad simply is not a safe platform for those that require a secure environment,” he concluded.
Image via Goatse Security