FBI denies collecting Apple device IDs
Posted on 05 September 2012.
Following yesterday's claim made by AnitSec hackers that they have gotten ahold of a document containing a list of over 12 million Apple iOS devices - including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, ZIP codes, cellphone numbers, addresses, and more - after breaking into a computer used by an FBI agent, the agency has issued a resounding denial via Twitter:

It followed up with a statement saying that at this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.

The hackers published a redacted list of one million UDIDs, Apple Push Notification Service DevTokens, device names and device types in order to prove that the list exists, and according to some security experts such as e-crime specialist with CSIS Security Group Peter Kruse, who went through the trouble of verifying if their devices are on the list, it contains accurate information.

With that question seemingly answered, more important ones arise. Have the hackers really found it on an FBI computer? There is no concrete evidence that proves they did.

An agent named Christopher K. Stangl does work for the Regional Cyber Action Team and the New York FBI officeís Evidence Response Team, but that information could have been easily discovered by the hackers in some other way that doesn't include hacking his computer.

And the name of the downloaded document - NCFTA_iOS_devices_intel.csv - could point to the National Cyber Forensics and Training Alliance, a non-profit corporation backed by the FBI (among others), but that also doesn't prove anything.

As many Internet users have already pointed out, it was to be expected that the FBI would deny having anything to do with this list, and it will be hard to prove otherwise.

Still, the hackers have accomplished their goal by making users wonder about it all - and getting Gawker's Adrian Chen in a ballet tutu.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th