- ‘American Dreamer’ is a frustratingly basic crime thriller starring Jim Gaffigan 7 Years Ago
- ‘Smallville’ star Tom Welling will play Superman once again Today 6:43 AM
- How old is Beto O’Rourke? Today 6:30 AM
- How to stream Chiefs vs. Ravens in NFL Week 3 action Today 6:08 AM
- How to stream Saints vs. Seahawks in NFL Week 3 action Today 5:46 AM
- Reddit Relationships: Man laughs at girlfriend for using Microsoft PowerPoint during sex Thursday 8:59 PM
- The 15 Brad Pitt movies you need to see now, ranked Thursday 8:26 PM
- Facebook could face legal action over the Area 51 event Thursday 6:50 PM
- How to stream Texans vs. Chargers in NFL Week 3 action Thursday 6:40 PM
- Tekashi 69 alleges Cardi B was a Bloods gang member Thursday 5:55 PM
- Right-wing sites falsely claimed group of Somalis attacked man in viral video Thursday 5:00 PM
- Big creators risk losing checkmarks amid YouTube verification purge Thursday 4:56 PM
- How to stream Eagles vs. Lions in NFL Week 3 action Thursday 4:52 PM
- How to stream Steelers vs. 49ers in NFL Week 3 action Thursday 4:10 PM
- How to stream Bills vs. Bengals in NFL Week 3 action Thursday 4:03 PM
Leaked Apple device IDs came from app developer, not FBI
Although AntiSec hackers claim they stole 1 million Apple device ID numbers from the FBI, a digital publishing company has come forward as the real source of the leak.
A Florida publishing company has taken responsibility for the leaked Apple device identification numbers that were originally claimed to be stolen from a FBI laptop.
Paul DeHart admitted to NBC News that around 1 million unique device identifier numbers, or UDIDs, were stolen from his company’s database and not from an FBI laptop cracked by Anonymous-affiliated hacker group AntiSec. The FBI previously denied having access to UDIDs, and Apple denied sharing the numbers with the agency.
To prove his company was the source of the leak, DeHart downloaded the data released by AntiSec and compared it to that on his company’s computers. There was a 98 correlation between both batches of information, DeHart told NBC.
“That’s 100 percent confidence level, it’s our data,” DeHart added. “As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.”
UDIDs are regularly used by applications run on Apple devices as a way to identify users—for example, to send iMessages and push notifications to the proper device. While they are a quick and easy way for users to interact with software (often unknowingly) the UDIDs are extremely vulnerable, reported Aldo Cortesi, a researcher who has published numerous studies on the abuse of UDID since May 2011.
DeHart was tipped off to the security breach by independent researcher David Schuetz who believes the data was stolen sometime in the last two weeks. This further contradicts AntiSec’s claims that the information was stolen in March.
BlueToad is an app developer that provides services to more than 5,000 publishers, who have released more than 10,000 titles.
The company does not have plans to notify Apple users that their UDIDs have been compromised and doesn’t believe the leak is a major risk to user security.
“Honestly, the UDID information by itself isn’t harmful, as far as we know,” he told NBC. “I can’t say anything is impossible, but the reality is, to push notifications to a device, you need certain keys, certain Apple credentials. You have to have a developer’s account with Apple. … So there are lots of processes in place, measures to keep the average ‘anybody’ from being able to take UDIDs and begin doing something with that information.”
Image via BlueToad
Fernando Alfonso III served as an early Reddit and 4chan reporter and the Daily Dot’s first art director until 2016. He’s gone on to report at Lexington’s Herald-Leader and at the Houston Chronicle.