- How to watch Danny Garcia vs. Adrian Granados for free 7 Years Ago
- The ‘Feeling Cute Challenge’ turns ugly after correctional officers abuse it Today 7:30 AM
- How to watch ‘How High 2’ for free Today 7:00 AM
- Swipe This! My ex-BFF keeps sliding into my DMs, but I don’t want to be friends Today 6:30 AM
- Watch ‘I Am Somebody’s Child: The Regina Louise Story’ for free Today 6:00 AM
- How to watch Barcelona vs. Real Sociedad for free Today 6:00 AM
- How to stream UFC Fight Night 149 for free Today 5:30 AM
- PDF Association dunks on Mueller report PDF Friday 7:33 PM
- Robert Downey Jr. says ‘Endgame’ finale is ‘best 8 minutes’ of any MCU film Friday 4:42 PM
- Elizabeth Warren calls on Congress to impeach Trump Friday 3:43 PM
- BlackBerry Messenger is still a thing—but not for much longer Friday 2:56 PM
- Matt Gaetz hires speechwriter fired by White House for attending white nationalist event Friday 1:33 PM
- Here’s why Elon Musk is a sheep on Twitter Friday 12:14 PM
- Trump is already running Facebook ads on the Mueller report Friday 12:07 PM
- 20 thoughtful gifts grads actually want Friday 12:00 PM
Although AntiSec hackers claim they stole 1 million Apple device ID numbers from the FBI, a digital publishing company has come forward as the real source of the leak.
A Florida publishing company has taken responsibility for the leaked Apple device identification numbers that were originally claimed to be stolen from a FBI laptop.
Paul DeHart admitted to NBC News that around 1 million unique device identifier numbers, or UDIDs, were stolen from his company’s database and not from an FBI laptop cracked by Anonymous-affiliated hacker group AntiSec. The FBI previously denied having access to UDIDs, and Apple denied sharing the numbers with the agency.
To prove his company was the source of the leak, DeHart downloaded the data released by AntiSec and compared it to that on his company’s computers. There was a 98 correlation between both batches of information, DeHart told NBC.
“That’s 100 percent confidence level, it’s our data,” DeHart added. “As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.”
UDIDs are regularly used by applications run on Apple devices as a way to identify users—for example, to send iMessages and push notifications to the proper device. While they are a quick and easy way for users to interact with software (often unknowingly) the UDIDs are extremely vulnerable, reported Aldo Cortesi, a researcher who has published numerous studies on the abuse of UDID since May 2011.
DeHart was tipped off to the security breach by independent researcher David Schuetz who believes the data was stolen sometime in the last two weeks. This further contradicts AntiSec’s claims that the information was stolen in March.
BlueToad is an app developer that provides services to more than 5,000 publishers, who have released more than 10,000 titles.
The company does not have plans to notify Apple users that their UDIDs have been compromised and doesn’t believe the leak is a major risk to user security.
“Honestly, the UDID information by itself isn’t harmful, as far as we know,” he told NBC. “I can’t say anything is impossible, but the reality is, to push notifications to a device, you need certain keys, certain Apple credentials. You have to have a developer’s account with Apple. … So there are lots of processes in place, measures to keep the average ‘anybody’ from being able to take UDIDs and begin doing something with that information.”
Image via BlueToad
Fernando Alfonso III served as an early Reddit and 4chan reporter and the Daily Dot’s first art director until 2016. He’s gone on to report at Lexington’s Herald-Leader and at the Houston Chronicle.