back to article E-publisher 'fesses up: 'Apple UDIDs were ours'

It seems both Apple and the FBI were telling the truth: the Apple UDIDs published last week didn’t come from either organization, with an American e-publisher posting a statement that the data was stolen from its systems. The five-year-old BlueToad, based in Orlando, Florida, says the UDIDs that were posted to Pastebin matched …

COMMENTS

This topic is closed for new posts.
  1. toadwarrior
    Trollface

    How much did the FBI pay them to say that?

    1. Aaron Em
      Trollface

      Not a single thin dime

      Apple, on the other hand --

  2. Turtle

    Discontinued.

    "The publisher says it has discontinued the collection and reporting of UDIDs."

    If it is possible for them to conduct business without collecting UDIDs, then why were they collecting them in to begin with?

    Aside from the usual idea of there being penalties for not protecting user data, there should be more severe penalties for not protecting user data that was not needed in the first place.

    1. Aaron Em

      Probably debug logs

      It's awfully useful to be able, when some random user calls and complains about "this happened, then this happened, then it caught on fire and screamed demonically while shooting rubber bands at my cat", to be able to tie that problem report unambiguously to a set of log entries saying "this happened, then this happened, then the user totally fucked up".

      Using UDIDs to do said tying might not have been the best idea. On the other hand, this being a "privacy violation" on the same tempest-in-a-tiny-teapot level as most others we've heard about here and everywhere else, I fail to see why anyone should really give a damn.

      1. Matt Hamilton

        Re: Probably debug logs

        Then just use a hash of the UDID and not the UDID itself.

        -Matt

    2. Fred Flintstone Gold badge

      Re: Discontinued.

      If it is possible for them to conduct business without collecting UDIDs, then why were they collecting them in to begin with?

      Because they maybe are not in a nation that has any sensible and/or enforced Data Protection laws? Just guessing.. This is a *CLASSIC* example of how collecting too much data creates risks for those whose data it is. Are you listening, intercept promoting politicians?

  3. Anonymous Coward
    Anonymous Coward

    So let me get this right...

    Not only did these 'hacktivists' break into some system in the name of some higher justice, they then lied about whose system they hacked to make the FBI look bad?

    Who knew that such proponents of speaking truth to power would tell fibs.

    1. Aaron Em

      Re: So let me get this right...

      Oh, don't be a troll. We all know deceit is perfectly virtuous in the service of Higher Truth.

  4. Anonymous Coward
    Anonymous Coward

    Riiiiiight..

    Sure its from a publisher, the FBI does not do any surveillance and Apple has never ever had any spyware.

    cough*bullshit*cough.

    Damn allergies

  5. nuked
    FAIL

    orly?

    "UDIDs that were posted to Pastebin matched its databases"?

    != "These came from us"

    Why passively caveat an admission if it is, actually, an admission?

    1. Neftaly

      Re: orly?

      Because then the tone is "We have only just discovered this intrusion, and are just as shocked as you are" as opposed to "We knew we were hacked all this time but would have kept it a secret, were it not for those blasted kids".

  6. Mike Flugennock

    "Clears FBI of device data collection"

    Diverts Attention From FBI Device Data Collection

    There, fixed it for ya'.

    1. Fred Flintstone Gold badge

      Yeah, why ruin a perfectly good conspiracy theory.. :)

  7. Anonymous Coward
    Anonymous Coward

    Sigh

    Someone comes out and says it's their data, that the feds had nothing to do with it and people here still want to believe criminal hackers over law enforcement. Get a grip people.

  8. Anonymous Coward
    Anonymous Coward

    Added credentials?

    Those tinfoil hatters who want to believe in a consipracy should be more interested in finding out about the 2% of credentials that were added to the file before posting to pastebin ... or did you miss that point in your clamour to blame the FBI again?

    1. Mog0

      Re: Added credentials?

      I read that as being 2% added to the company's database after the breach and missing from pastebin...could be either way I suppose.

  9. dssf

    Why ruin a conspiracy theory?

    Well, consider the possibility the company could be a front, and a plausibly deniable and disposable one at that, hehehe... Just to add another spoon of gas to the quasi fire...

  10. dssf

    otoh, if it is a real and non fronting company...

    Then it is commendable that they fessed up, is it not?

    1. Anonymous Coward
      Anonymous Coward

      Re: otoh, if it is a real and non fronting company...

      Congrats on being the first person to say that. They do deserve some credit for fessing up and an equally big slap for it happening in the first place.

    2. Tom 13

      Re: otoh, if it is a real and non fronting company...

      Depends on when they knew about it. And frankly, if they only discovered they'd been breached after the Pastebin drop, that worries me even more.

  11. Anonymous Coward
    Anonymous Coward

    The company’s CEO Paul DeHart told NBC News the file posted by the crackers had a “98 percent” match with the company’s database

    posted by the crackers

    the crackers

    crackers

    SOMEBODY FINALLY GOT IT RIGHT!!!

    1. Mako

      All of a sudden I fancy some cheese and have absolutely no idea why.

      1. TeeCee Gold badge
        Coat

        Maddening isn't it? Could even drive one crackers.....

  12. Anonymous Coward
    Anonymous Coward

    Seems to be a legit company.

    http://www.sunbiz.org/scripts/cordet.exe?action=DETFIL&inq_doc_number=P07000054350&inq_came_from=NAMFWD&cor_web_names_seq_number=0000&names_name_ind=&names_cor_number=&names_name_seq=&names_name_ind=&names_comp_name=BLUETOAD&names_filing_type=">SunBiz Listing for BlueToad Inc.

    Doesn't mean they were paid off for an undisclosed sum of money ;-)

    1. John McCallum
      Devil

      Re: Seems to be a legit company.

      It would have to be significantly larger than the fine that they are about to be slapped with,watch this space.

  13. Anonymous Coward
    Anonymous Coward

    So it seems that....

    Thieves not only steal stuff but they lie about it too.

This topic is closed for new posts.

Other stories you might like