Apple, Business, Cloud Computing, Companies

Millions of Stolen Apple UDIDs Were Not Given to FBI by Apple

According to a paste-bin posting on which was tweeted by the Anonymous Twitter account, Anonymous is seeking to clear up some of the unknowns regarding the 12 million UDIDs that they have on hand that they claim to have obtained by hacking the FBI.

Both the FBI and Apple deny any involvement nor claim any responsibility for the situation. They claim to have struggled with being able to prove anything beyond the 1 million UDIDs that they had initially posted. They explain that they have an elaborate method of proving that there are an additional 11 million UDIDs, but the real truth is that it doesn’t matter how many they have. The fact that they obtained 1 million is enough to prove credibility alone.

The real issue, the issue that Anonymous themselves would like addressed is the security hole of Apple’s that they claim is the reason why the FBI supposedly was able to obtain 12 million UDIDs. They state,

"about Apple, if u read the PR again, we has never said Apple gave this shit to FBI retards. we said it was a really bad decision go ahead on the deployment of such UDID concept. we hope they address this privacy issue as quick they can. Also we suggest they should review iTunes( for computers) deployment of similar concepts, last time we checked, that was a while ago. they were using hardware related references (like ethernet MAC addresses) to produce a hash to identify computers as associated workstations for an itunes account. just to mention an example of similar practices related to use of hardware linked references to identified systems."

By the looks of it, Anonymous is definitely not putting all of the blame on Apple for this issue, however it does appear that Apple implemented a system that is likely flawed in its security. Since Apple finds the need to lock down and DRM their content, they obviously do have to identify devices connecting to those accounts and limit those accounts to those 5 devices. Perhaps, if Apple’s content delivery were not so totalitarian they may not have to collect data about users’ devices and create an inherently insecure system.

Nevertheless, we are glad to hear that Anonymous has cleared up this issue for us and told us that Apple didn’t simply hand over the alleged UDIDs to the FBI. Hopefully Apple is aware of this issue and is trying to do something to patch up any holes that might exist in any of their apps or DRM systems.