Skip to: Content
Skip to: Site Navigation
Skip to: Search


Horizons

Apple, FBI play down alleged Anonymous hack

Anonymous says it obtained a bunch of iPhone and iPad user IDs. Not so, counter the FBI and Apple. 

By Matthew Shaer / September 5, 2012

Apps are shown on the screen of an Apple iPhone.

Reuters

Enlarge

Over the weekend, the "hacktivist" group Anonymous released a cache of more than a million of what it said were Apple Unique Device Identifiers, or UDIDs, which were apparently stored on a computer owned by an FBI agent. At least a few security professionals think the breach might be for real. But today the FBI sought to distance itself from the Anonymous allegations – if not refute them altogether. 

Skip to next paragraph

Recent posts

"The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed," the agency said in a statement. "At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."

As Anonymous partisans have gleefully noted, there's a little wiggle room here: "no evidence" is different from "it never happened." 

Meanwhile, Apple has issued its own statement on the hack.

"The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization," Natalie Kerris, an Apple spokeswoman, told The New York Times. "Additionally, with iOS 6, we introduced a new set of [application programming interfaces] meant to replace the use of the UDIDs and will soon be banning the use of UDIDs." 

In summary: Apple says it didn't give the UDIDs to the FBI and the FBI says it (probably) never had the UDIDs.

So should we be worried?

Well, sort of. Anonymous, it's worth noting, has only released a series of UDIDs, not the names and addresses associated with those UDIDs. Still, says Rob Rachwald, director of security strategy at Imperva, that doesn't mean Apple users aren't at risk. 

"If the hackers have what they claim, they may be able to cross-reference the breached data to monitor a user's online activity – possibly even a user's location," Rachwald told Information Week. "To be clear, the released database is sanitized so you cannot perform this type of surveillance today. But with the full information that hackers claim to have, someone can perform this type of surveillance. This implies that the FBI can track Apple users."

Permissions

  • Weekly review of global news and ideas
  • Balanced, insightful and trustworthy
  • Subscribe in print or digital

Special Offer

 

Doing Good

 

What happens when ordinary people decide to pay it forward? Extraordinary change...

Danny Bent poses at the starting line of the Boston Marathon in Hopkinton, Mass.

After the Boston Marathon bombings, Danny Bent took on a cross-country challenge

The athlete-adventurer co-founded a relay run called One Run for Boston that started in Los Angeles and ended at the marathon finish line to raise funds for victims.

 
 
Become a fan! Follow us! Google+ YouTube See our feeds!