Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Edit - just read they reported it when realised they were the source. Did they not report anything when the incident originally happened?

The way I read the NBC article, it didn't look like Blue Toad knew they had an incident. Looks like we'll never find out now anyway since they seem to be saying they wont send notifications to those on the list but instead leave that up to the individual applications.
 
I'm really happy to hear this.

Everybody took the original article as an opportunity to jump on the anti-government bandwagon. They're not out to get us. They're trying to keep us safe.
 
I'm just going to file this under "I told you so." I'll also add that when I posted the following response to the original article I received exactly zero upvotes:

There's no evidence that the data came from the FBI, and there's no data that couldn't have been collected by an iOS application developer. You may not trust the FBI when they deny the data came from them, but why should we trust this hacker group who also has an obvious agenda? (they have a manifesto for crying out loud) UDIDs, device names, and address book info can be queried by any iOS app. There are thousands of sources this information could have come from. I say then that it is most likely to have come from an iOS developer.

Of course it turns out that the hackers were the bad guys all along, and that it was hackers along with irresponsible iOS developers and Apple's older security policies within iOS that were the threat to people's privacy.
 
Last edited:
Conjecture: FBI may still have millions of Apple UDIDs for American citizens they are tracking, but we simply do not have any evidence of it yet. (make sure to buy your tinfoil hats now while supplies last)

The only problem is that a list of UDIDs doesn't help you tracking anybody. This is like having a complete list with the names of 100 million US citizens - it doesn't help with anything.

----------

What can they do with your UDID if they have it?

Nothing.
 
So, Blue Toad are a front company for the FBI, eh?

(No stopping a good conspiracy theory.... or even a really bad one..)

That's the fundamental characteristic of a conspiracy theory. It promises you secret knowledge but it never delivers because its arguments are completely circular. If your theory isn't circular, and if you're not positing a conspiracy so vast everyone's in cahoots, then maybe it could be a real conspiracy.
 
I see no good reason that this data wasn't salted and hashed. BlueToad should have known better, for any legitimate use a hashed version would have been just as good, and would have made this leak a non issue. A non hashed list is only needed if distributed tracking is required, tracking across apps with different databases where the the information changes hands. So either the FBI wanted to do this, or BlueToad wanted to do this, either way this is not good.
 
So apparently if you have 12 devices you have a 12 in 10 chance?

(And you meant 1 in 12, according to Anonymous' statement that they leaked 1 M of 12 M UDIDs hacked).

Stat 101 lesson people. Assuming all 12 M UDIDs of any and all users of BlueToad were stolen but only 1 M were leaked, if you have one device that used their software it's a 1 in 12 chance.

......

Blah blah blah. 3% off. It's a forum.
 
Anonymous doesn't target innocent people.

I'd bet money that Bluetoad is a front for the CIA or for some FBI shell company.

There is no one group called Anonymous. Anybody can call themselves Anonymous. You could. I could call my dog Anonymous.

I called it thus as well. This is all fake. It's been done for a political purpose, like censoring the Internet.

I didn't know that anonymous flavoured kool-aid existed?

kool_aid.png
 
Flipboard is made by Flipboard, Inc. We are not associated with Blue Toad in any way. You can learn more about us on our website.

Also, we do not use UDID data for our service.

Thanks,
~ FlipboardCM
Flipboard Community Manager
Twitter: @FlipboardCM
email: support@flipboard.com
 
Good to see the FBI are using these front companies, I guess it’s like the US Gov telling Syria Gov to stop the violence but under some fake company give the rebels(in Iraq and Afghanistan called terrorist) communication so the war can continue.
 
You're all wrong.

This is clearly Obama's doing! These UDIDs will be used to identify and enable a citizen's GPS, whereby which a drone will be sent to your coordinates and fire rockets at your precise location, as you explode into a bloody mist.

It's all part of Obama's secret predator drone kill list, which specifically targets Americans planning to vote for Romney. Long story short, if you're on the list Obama's got your number, and he's coming for you.

I watch a lot of Fox News.
I think the only objection to the drone program that Fox News and its viewers would have is if Obama took credit for it in his reelection campaign.

RuPAUL 2012:p
 
iCatholic Magazine, eh? I wonder do the hackers have the addresses where the hierarchy has hidden all the naughty priests?

What?! What?! I'm Irish! I'm allowed make jokes like that!
 
The way I read the NBC article, it didn't look like Blue Toad knew they had an incident. Looks like we'll never find out now anyway since they seem to be saying they wont send notifications to those on the list but instead leave that up to the individual applications.

Possibly. They might just have gone through their logs afterwards and found something indicating the time of the attack.

On the other hand, if you read a story about the FBI leaking UDIDs, would you immediately check your own UDID list to see if your company was the actual source of the leak? Seems a slightly strange thing to do, unless you already knew your own list might have been compromised.

Anyway, all conjecture at this point...
 
Nothing about Blue Toad's admission lets FBI off the hook.

If anything, Blue Toad are bragging about how many customers they have, if they really have them.

Data could come from any app that grabs UDID. Still begs the question - how did FBI get it? With a court order? What's the transparent process here? Shut-up slave, it's National Security??

I wonder if UDID is handy if you want to frame someone? Not that that would ever happen.
 
We all know that these things happen. Every company/app builder collects userdata without permission. 99% of the times we don't even know what's collected and what will happen with our private information.

When lists like these are "discovered" it's too late already.
 
Possibly. They might just have gone through their logs afterwards and found something indicating the time of the attack.

On the other hand, if you read a story about the FBI leaking UDIDs, would you immediately check your own UDID list to see if your company was the actual source of the leak? Seems a slightly strange thing to do, unless you already knew your own list might have been compromised.

Anyway, all conjecture at this point...
Too bad you didn't read the actual article.

They didn't look through the list, someone else did, found several references to Blue Toad within the data (more than was statistically probable without some connection to Blue Toad), and contacted the company to warn them it might be their information. They then did their own search, found that it was their data, contacted law enforcement and NBC.
 
Red Frog

I thought it was Red Frog ... but I digress.

So without downloading this file, what actual information is in the file other than the UDID?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.