Did Hackers Frame the FBI for the Massive Leak of Apple Users' Data?

The Citizen's Guide to the Future
Sept. 4 2012 5:42 PM

Did Hackers Frame the FBI for the Massive Leak of Apple Users' Data?

113879440
A customer types on a MacBook laptop at an Apple Store in 2011.

Photo by Justin Sullivan/Getty Images

In reports circulating today, hackers claim to have breached an FBI special agent’s laptop and siphoned data from it. The hackers allege that on the computer they found a database file containing identity information about more than 12 million Apple mobile devices and their users.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

But wait. The FBI issued a statement saying it had “no evidence” of the breach or that any such data were sought or obtained by the agency. When I asked a hacker affiliated with AntiSec, the hacking collective claiming responsibility, I was told “there will be no direct comments about the acquisition.”

Advertisement

The origin of the leak now seems sketchy. However, its contents appear to be genuine. Denmark-based security researcher Peter Kruse says he has identified his own iPhone and two iPads stored within the trove.

Among the information stored on the database, the hackers say, is a long list of UDID codes—unique numbers that identify every Apple device, including iPhones and iPads—plus user names, Apple Push Notification Service tokens, ZIP codes, cell phone numbers, and addresses. (Remember UDID codes? Apple began phasing them out after it was revealed last summer that they were  sent to app developers without a user’s knowledge.)

In 2011, Aldo Cortesi, CEO of security consultancy Nullcube, found that UDID codes could be used to find “usernames, email addresses, GPS locations, and even Facebook profiles” attached to a phone. Commenting on the leaked data to Techcrunch, Cortesi said, “If your UDID is on the list, you have reason to be very concerned.” On the other hand, Macrumours suggests, “UDIDs themselves are rather harmless in isolation” and pose a privacy risk only when used in conjunction with other information.

Either way, it seems feasible that the huge quantity of data obtained by the hackers could be used for nefarious purposes—and while they may not have come from an FBI laptop, they could hypothetically prove useful to a law enforcement agency. Christopher Soghoian, principal technologist at the ACLU, said having a database of UDID codes might help a law enforcement agency identify people more quickly in the course of investigations, allowing them to obtain data they might have to otherwise wait to obtain from a telecom company.

Even if the information can’t necessarily be used to track movements or log GPS locations, as the hackers have themselves claimed, it’s difficult to think of any justification the FBI or another government agency could have for storing it. According to Soghoian, “If the database is in the possession of law enforcement, it is quite likely that the majority of the people on it have committed no crime and have no business being on any law enforcement database.”

Still, at this point there are—as we journalists like to say—more questions than answers. The hackers themselves are not giving interviews; the FBI is denying the hack took place. Some have cast doubt on the hackers’ claims by suggesting the leak could even be part of an elaborate disinformation plot (presumably to get one over on the FBI for its role in arresting and jailing a number of hackers). Stranger things have happened. The only real certainty is that a large database has been leaked, and if you own any Apple devices, you might be on it. If you’re concerned, you can check here.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Jurisprudence

Scalia’s Liberal Streak

The conservative justice’s most brilliant—and surprisingly progressive—moments on the bench.

Colorado Is Ground Zero for the Fight Over Female Voters

There’s a Way to Keep Ex-Cons Out of Prison That Pays for Itself. Why Don’t More States Use It?

The NFL Explains How It Sees “the Role of the Female”

The Music Industry Is Ignoring Some of the Best Black Women Singing R&B

Culturebox

Theo’s Joint and Vanessa’s Whiskey

No sitcom did the “Very Special Episode” as well as The Cosby Show.

Television

The Other Huxtable Effect

Thirty years ago, The Cosby Show gave us one of TV’s great feminists.

Cliff Huxtable Explains the World: Five Lessons From TV’s Greatest Dad

Why Television Needs a New Cosby Show Right Now

  News & Politics
Weigel
Sept. 18 2014 8:20 PM A Clever Attempt at Explaining Away a Vote Against the Farm Bill
  Business
Moneybox
Sept. 18 2014 6:02 PM A Chinese Company Just Announced the Biggest IPO in U.S. History
  Life
The Slate Quiz
Sept. 18 2014 11:44 PM Play the Slate News Quiz With Jeopardy! superchampion Ken Jennings.
  Double X
Doublex
Sept. 18 2014 8:07 PM Crying Rape False rape accusations exist, and they are a serious problem.
  Slate Plus
Behind the Scenes
Sept. 18 2014 1:23 PM “It’s Not Every Day That You Can Beat the World Champion” An exclusive interview with chess grandmaster Fabiano Caruana.
  Arts
Brow Beat
Sept. 18 2014 4:33 PM The Top 5 Dadsplaining Moments From The Cosby Show
  Technology
Future Tense
Sept. 18 2014 6:48 PM By 2100 the World's Population Could Be 11 Billion
  Health & Science
Science
Sept. 18 2014 3:35 PM Do People Still Die of Rabies? And how do you know if an animal is rabid?
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.