As with all American presidents...
"[Self Proclaimed] Leader of the Free World"
As for the article; neither side are renowned for being trustworthy. I'll wait for a more thorough third party analysis of the data before jumping to any conclusions.
Hot on the heels of AntiSec’s claim that the purloined Apple device IDs it dumped to Pastebin came from the FBI, the G-men have flatly denied the story. In a statement e-mailed to the press, the FBI says simply: The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple …
I think the US has lost it's cold world power that arguable made it the leader of the "free world".
The problem is bad US leadership might be better than the current situation of no leadership.
Beer, because thats the only honest way to make things unclear.
Nah... I don't think it's theirs. I think it was probably ripped either by a fake, planted app, or from the database of an app company who harvested the data. Antisec had no other real use for it, so tied a false flag to it.
Consider:
The hackers were very adamant as to specifically where the data came from: The very public face of the FBI's anti-hacking spokesman. That was a little suspicious to start with. It's a blatant attempt to disgrace a 'public' enemy.
Why would the FBI have that data on that person's laptop? Specifically.
If it was for practical use for some sub-rosa purpose, it would/should not be on the laptop of someone who does lots of public presentations and carries it around.
If the FBI were doing some mass-analysis of Apple owners, they'd have more than just a small slice of incomplete user data, one would hope. It's 'not good enough' for a federal agency.
If you breached a PC with the data on an FBI machine, they'd be other tools with it, showing how the data was used. Who the hell would just take the database and not uncover the rest? That's just stupid. You'd pull down the whole house of cards and expose what was being done... unless of course it WASN'T from the FBI and there isn't a house of cards. Or unless you were somehow totally stupid.
They might not necessarily have the complete data set due to data protection laws, it could be that otehr investigates are being given access to cleansed data for analysis which allows much bigger teams to look at the data without security issues or data protection problems. Once a device of interest is identified it would then be matched up at a later stage for proper investigation.
"They might not necessarily have the complete data set due to data protection laws"
That makes no sense. They either have legal access to the (full) list, or they already rode roughshod over it and the partial list is illegal, so why not have the equally illegal full one?
"it could be that otehr investigates are being given access to cleansed data for analysis which allows much bigger teams to look at the data without security issues or data protection problems. Once a device of interest is identified it would then be matched up at a later stage for proper investigation."
If it were a pared-down special interest database, it would contain further information rather than raw data, or there would have been a second database containing that information. As-is, the list is DATA, and of no actual isolated use. Which brings us back to why - if this was on an FBI machine - did the hackers not pull any of the surrounding data that would have been incriminating.
If you've cleaned the database as you've described for so a broader base of investigators can use it., the data you'd clean is precisely the data they've released. I've not been involved in that data handling personally, but have done support work for such a group.
"If you've cleaned the database as you've described for so a broader base of investigators can use it., the data you'd clean is precisely the data they've released. I've not been involved in that data handling personally, but have done support work for such a group."
So why not release the dataset and tool used to manipulate said data?
Unless the hackers are a bunch of fucking liars...
"So why not release the dataset and tool used to manipulate said data?"
That's the whole idea of it, the two data sets would be stored independently. We work with massive data sets for fraud investigation and by not keeping the person identifiable information with the actual data you can get round some of the data protection rules which would otherwise make things more difficult and complicated.
Typically although not as stupidly as the FBI are being made out to be, the data we work with would just be sitting on the network in a folder, the identifiable information would be stored on a number of encrypted devices such as memory sticks which are then stored in audited safes throughout the various company sites with limited staff access. An analyst would go to the seniors says here's the evidence, here's the device id or record id and then a senior would check against the secure data.
One of the reason we also do this is to reduce the risk of data being compromised or even an investigation being compromised by someone spotting a friend is being investigted etc
I see two possible options.
Firstly, it's a real list and it was on a laptop being used by Spankme or whatever his name is, but it was a personal laptop and not an FBI one. Note that the FBI statement says explicitly that no FBI laptop was hacked, not that no laptop was hacked. What Spankme was doing with the list is anyone's guess - it might be that he has an app on the iTunes store and it collects UDIDs, or it may be a list recovered from as evidence and he was trying to work out what the hackers were doing with it.
Second option is that the list is from somewhere else and Anti-Sec are trying to discredit Spankme and the FBI by implying that the FBI has some dark scheme for spying on the fanbois. Why the FBI would want to keep tabs on the technically-challenged is again anyone's guess, but probably because they are a danger to themselves if they are silly enough to fall for the Apple sales-pitch.
Would you be allowed to carry evidence on a personal laptop in the FBI, though?
You can definitely sign me up for option 2. I appreciate everyone loves a conspiracy, but I just don't see the reason for it, and the tin-foil hat brigade haven't been able to summon a single logical argument, other than "Ah, well, they *would* deny it, wouldn't they?", which is frankly something more akin to what I'd expect from a religious fundamentalist.
Again with Occam's Razor: If it comes down to whose word do you trust, is the the law enforcement organisation, or professional criminals who like getting their name in the media?
This post has been deleted by its author
"If the FBI in no way had this list, I find it a weird co-incidence that within a week of this hack supposedly taking place, apple quickly implemented their plan to reject all new applications that in any way use the UDID."
I don't what that is but logical is what it certainly isn't.
Presumably the possibility that the list came from elsewhere than the FBI hasn't occurred to you then?
1) Obtain rather boring list of data from ISP or Apple or someone
2) Claim its from the FBI
3) Succeed in bigging up story beyond wildest dreams
In the US there is a felony (serious) law that makes lying to Federal officials an offence.
What they REALLY need is felony legislation that makes it illegal for Federal employees to lie to the public. That would shut them up.
How did he get the info on his laptop. The FBI uses encryption on their computers. The soft they uses encrypts all data that the PC writes to removable media.So unless the person took thier personal lap top to the feds to install the certificates, how did he get it on his laptop ?
At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.
Absence of evidence is not evidence of absence. There could simply be no evidence because they haven't looked yet, and they wouldn't technically be lying, but they still could have done it.
(Remember all those years the government said there was 'no evidence' that eating BSE-laden beef could cause vCJD - while simultaneously refusing to fund any experiments to look for such evidence?)
It wouldn't be the first time American agencies have lied and some have publicly admitted their lies. I seem to recall a government minister having to apologise for misleading the house because he'd been lied to by America.
Very specific denials that seem to mean one thing but actually mean something else are however favoured.
Anyone who takes what an agency says at face value is a fool.