The Original Gay Porn Community - Free Gay Movies and Photos, Gay Porn Site Reviews and Adult Gay Forums

  • Welcome To Just Us Boys - The World's Largest Gay Message Board Community

    In order to comply with recent US Supreme Court rulings regarding adult content, we will be making changes in the future to require that you log into your account to view adult content on the site.
    If you do not have an account, please register.
    REGISTER HERE - 100% FREE / We Will Never Sell Your Info

    PLEASE READ: To register, turn off your VPN (iPhone users- disable iCloud); you can re-enable the VPN after registration. You must maintain an active email address on your account: disposable email addresses cannot be used to register.

  • Hi Guest - Did you know?
    Hot Topics is a Safe for Work (SFW) forum.

Apple iPad iLeak

Beachguyj

Beachguyj

Is the King of JUB
Joined
Nov 24, 2008
Posts
7,470
Reaction score
44
Points
0
Location
Near Fort Bottomdale
http://gawker.com/5559346/

Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the cellular-enabled tablet—could be vulnerable to spam marketing and malicious hacking.

The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised.

It doesn't stop there. According to the data we were given by the web security group that exploited vulnerabilities on the AT&T network, we believe 114,000 user accounts have been compromised, although it's possible that confidential information about every iPad 3G owner in the U.S. has been exposed.
 
to be fair - this is at&t's fault, not apple's.

however .. i wonder what app was that problem and if other apps use the same "security" mechanism that they exploited. after all those apps must have been screened by apple before ..

When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application. The security researchers were able to guess a large swath of ICC IDs by looking at known iPad 3G ICC IDs, some of which are shown in pictures posted by gadget enthusiasts to Flickr and other internet sites, and which can also be obtained through friendly associates who own iPads and are willing to share their information, available within the iPad "Settings" application.

To make AT&T's servers respond, the security group merely had to send an iPad-style "User agent" header in their Web request. Such headers identify users' browser types to websites.

The group wrote a PHP script to automate the harvesting of data.
Click to expand...

very interesting. the icc id is used for authentification. and that number is simply incremental when you have one valid number. also we now have an icc id -> person match for several important persons :)

and that my friends is why closed systems are bad, bad bad.
 
Corny, I have no idea what you just said.

All I got was... it's "bad, bad bad".

Holding off on getting iPad. I see the next iteration as having the camera on the front like iPhone 4.
 
It's funny how that didn't happen in Canada or anywhere else in the world. I wonder, does Apple ship different products here?

OH NO! It turns out it is just crappy AT&T, screwing over only Americans.
 
the best part about this entire thing is that "Goatse Security" found this "huge hole" :lol:
 
Interesting. The hackers handed it over to Gawker. The same Gawker that owns Gizmodo...


iPad e-mail hackers defend attack as 'ethical'
Computerworld
By Gregg Keizer
June 11, 2010

Computerworld - The hackers who harvested an estimated 114,000 Apple iPad 3G owner e-mail addresses defended their actions Friday as "ethical" and said they did nothing illegal.

The hacking group Goatse Security obtained the e-mail addresses using an automated PHP script that collected iPad 3G owners' ICC-ID numbers and associated addresses from AT&T's servers using a publicly-available feature of the carrier's Web site.

AT&T disabled the feature last Tuesday, a day before the Valleywag Web site first reported the story.

"We believe what we did was ethical," said Goatse member Escher Auernheimer in a telephone interview today. "What we did was right."

(...)

Instead, Goatse contacted Gawker Media, the company that operates ValleyWag and other technology sites and blogs.

http://www.computerworld.com/s/article/9177991/iPad_e_mail_hackers_defend_attack_as_ethical_
Click to expand...
 
Heh.... I really like my iPad.... but I'm disappointed with how Apple handled the Gizmodo thing.
 
You must log in or register to reply here.
Back
Top