In a statement released on Tuesday September 4th, the FBI said, “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”
However, this weekend, the hacker group AntiSec released an encrypted file that contained 1 million of the 12 million Apple device IDs and device names that the group said was obtained from an FBI computer they hacked. The hackers claim the original file contained 12 million IDs, including personal information, but they chose to releas only 1 million (minus the personal data) in an encrypted file and published it on torrent sites.
The hackers state in their post that they released the Apple UDIDs so that people would know that the FBI may be tracking their devices and also because, “we think it’s the right moment to release this knowing that Apple is looking for alternatives for those UDID currently … but well, in this case it’s too late for those concerned owners on the list.” Apple has been called out numerous times for hard-coding the IDs in devices, since they can be misused by application developers and others to identify a user, when combined with other personal information, and track them. Last April, Apple began rejecting applications that track their UDIDs.
In case you are concerned that your UDID has been leaked, the Next Web has developed a tool for users to check if their Apple UDID is among those that the hackers released over the weekend. For years I have had to listen to MAC users tell me how they do not get viruses and that the PC is a bad knock off of Apple's design, and I am not totally in disagreement here, but all technology has design flaws and given time and desire, someone will find a way to exploit it. This once again comes down to how the company will react and modify their behavior to protect consumes and enterprises.
While we may see this issue as being exclusively related to the consumer who buys the Apple product, more and more enterprises are permitting employees to their bring your own devices to use at the company, this equipment will find its way on to the enterprise network and can potentially compromise corporate data.
Frank Toscano is a 15+ year specialist in cloud based services focusing on Product Management, Marketing and Security within the Cloud. He has worked for EasyLink Services and Premiere Global Services in a global role providing hosted services to Fortune 1000 clients. He is currently seeking employment with a cloud based provider in a senior level Product/Marketing role.
No comments:
Post a Comment