Hackers Release 1 Million iOS Device UDIDs Obtained from FBI Laptop

[angelneo]

Is it possible that the FBI retrieve the data from some other sources as evidence of some investigation?

 

[Mr. Gates]

Oh Lawdy....

Jokes aside, it's time to check and see if my device is in those 1M released... and then pray its their and not leave me hanging if it is in the other 11M still not released.

Where do we go to do that ?

 

[8CoreWhore]

Is it possible that the FBI retrieve the data from some other sources as evidence of some investigation?

1 FBI agent, 1 laptop, 12 million users from 1 phone model. That's just what happened to be found by these hackers.

 

[thasan]

CIA and FBI, what is different between them? WHY THEY HAVE THIS INFO?

i think they collect separately and compare their 'notes'

 

[jav6454]

Where do we go to do that ?

The first link in the MacRumors articles points toward the pastebin of the hacker's proclamation. That same pastebin contains several links to the file (the one containing all the info of the 1M UDIDs) and where it is hosted (several hosting sites). Then the pastebin also contains instructions on how to properly decrypt and decode the information in the file once downloaded. Several steps to do so. After all that you get a plain text document with the information.

 

[Orange Furball]

So...

The government is collecting info knew that

The government isn't warning people about a threat that personal information can be leaked yep yep. Obviously

The government doesn't properly secure files? apparently not

Why can't we just live in a world where private things are... well private?

I just don't understand what the FBI needs to do with my grandmas iPhone info. God I hate the government.

 

[below]

OK, a number of my devices are in there …

If anyone cares to know, I was able to confirm that a number of devices I own are in the list.

So, what do I do now ?

Alex

 

[thasan]

mmm...whats written there in the first link of the news? fbi bu**hurt ?

 

[Worf]

Seriously, people really don't know how much of your data is seen by the government. The NSA works with AT&T and other carriers to spy on your data. Big brother has been prying on your online activities for years now. Glad this violation of rights is getting more exposure now.

 

[sticky.chicken]

What is the FBI doing with that info?

Doubling up on security??? LOL

 

[parish]

If anyone cares to know, I was able to confirm that a number of devices I own are in the list.

So, what do I do now ?

Be afraid. Be very afraid. Big Brother is obviously watching you! So, what have you been up to?

 

[Magaman]

It's not really bothering me that the FBI has such data, but the fact that they can't secure it is not good.

That said people need to stop worrying about being tracked, seriously none of us live a life that is of any interest to the government. Go about watching porn and sending dirty texts, it's really not even a drop in the data bucket, and is really uninteresting to anyone.

 

[below]

Be afraid. Be very afraid. Big Brother is obviously watching you! So, what have you been up to?

So many evil things I can not even start to think about which one The Man™ is after.

It would — however —*be interesting to have the complete list. Then I could start to find out which App this info is related to.

It must be an app that's around for a while, because my 3GS is in there, which I have not been using for quite some time now. Some of my newer devices are not in there, but they only released less than 10% of the UDIDs, so it's unclear if those devices have not been recorded, or if they are just not in the published section.

Anyhow, it appears that this info is from some kind of app, and I would love to find out with other people whose UDIDs are on the list which apps we have in common.

Alex

 

[wrkactjob]

The source of the data is not entirely clear, though the type of data is typical for the kind of information an iOS app developer would collect to deliver push notifications to users. It seems an App developer or developers are the original likely source of the information...

I downloaded an app once that just enabled you to switch on the camera flash and use it as a torch, that's all it did.

I became suspicious when occasionally it would show an update was available then I started reading about how nobody reads the T&C's when they download apps which state the developer has the right to certain information on your device....

There are some people with over 20 or even 30 apps who have no idea what information is being collected, where it's going or who is using it.

 

[Mr. Gates]

The first link in the MacRumors articles points toward the pastebin of the hacker's proclamation. That same pastebin contains several links to the file (the one containing all the info of the 1M UDIDs) and where it is hosted (several hosting sites). Then the pastebin also contains instructions on how to properly decrypt and decode the information in the file once downloaded. Several steps to do so. After all that you get a plain text document with the information.

Thanks. I kinda figured that out after I typed it. 3 of the links have timed out before a full DL and 2 had some other strange problem.
Trying the Ziddu link now. Fingers crossed

 

[cclloyd]

ooo ooo, I wanna know if I was on it! Then I know I'm 1 in 1000000

 

[deannnnn]

It's **** like this, federal government

It drives me crazy when people talk badly about the people who keep us safe. Are there problems with the system? Absolutely. But some numbers that identify our cell phones gets out and everybody flies off the handle? Guess what, there is a different set of numbers that identifies our cell phones... they're called phone numbers, and they're publicly available everywhere.

I have absolutely no connection to the FBI or the federal government, but god dammit I respect them and know that they work hard to keep us safe every day.

 

[Apple Poptart]

::facepalm::

 

[austinguy23]

why was the damn laptop not encrypted?

It probably was but if the laptop is up and running, files are not encrypted.

 

[below]

I have absolutely no connection to the FBI or the federal government, but god dammit I respect them and know that they work hard to keep us safe every day.

I am not even a US citizen, so I guess it is very safe to say that I have no connection to the FBI.

What worries me, like others, is more that apparently, this information is not kept secure. It would not be on teh interwebs otherwise, would it?

Furthermore, while I respect law enforcement authorities, I think that it is good practice everywhere that they limit the amount of data they have. Seriously, I can not think of bad things I did other than speeding, so I would like to know that such information is deleted by the FBI as soon as they have closed an investigation.

Alex

 

[dontwalkhand]

Three things I see wrong,

1. Why do they want my UDID, and how would information on app crashes and other diagnostic data that Apple would use to fix my iPhone be useful to the FBI at all? Why would the federal government care that the Mighty Eagle is back in business with my push notifications from Angry Birds linked to my UDID?

2. Why is all of this on one laptop?

3. We are supposed to trust a federal government that can't seem to stop losing laptops in public? Meanwhile, I've never been irresponsible enough to leave it in such a way where my laptop can get stolen.

 

[onigami]

I love how everyone's taking pot shots at the federal government/FBI and all that cal, but nobody's looking at the possibility that Apple, directly or indirectly (through devs/app devs), gave up the UDIDs willingly. Given the cal that they've pulled in recent years (spoofing SFPD, going after Adrian Chen the way they did, etc.), I would not put it past them as them being willing accomplices.

I'm trying to remember a time you could trust this company.

 

[below]

I love how everyone's taking pot shots at the federal government/FBI and all that cal, but nobody's looking at the possibility that Apple, directly or indirectly (through devs/app devs), gave up the UDIDs willingly.

This is exactly why I would love to find out if we can find an app, that all people on the list have in common.

Alex

 

[clancemasterj]

Mine is also in the list. I'd be interested to find out why they have it... What's the point of the FBI having this data? Why did apple give it to them? I don't really like this.

 

[Akarin]

How to check if your UDID is in the released list?

1. Download the file from one of these sources:

http://freakshare.com/files/6gw0653b/Rxdzz.txt.html
http://u32.extabit.com/go/28du69vxbo4ix/?upld=1
http://d01.megashares.com/dl/22GofmH/Rxdzz.txt
http://minus.com/l3Q9eDctVSXW3
https://minus.com/mFEx56uOa
http://uploadany.com/?d=50452CCA1
http://www.ziddu.com/download/20266246/Rxdzz.txt.html
http://www.sendmyway.com/2bmtivv6vhub/Rxdzz.txt.html

2. Open a terminal window and type this (replace file.txt with the path/name of the file you just downloaded. You can drag and drop the filename directly in the terminal window):

openssl aes-256-cbc -d -a -in file.txt -out decryptedfile.tar.gz

3. Enter the following password (you can also copy/paste it. Don't worry, you won't see it in the terminal window):

antis3cs5clockTea#579d8c28d34af73fea4354f5386a06a6

4. Uncompress decryptedfile.tar.gz by double-clicking on it. The file should be located in Users/<your_username>/

5. Open iphonelist.txt

6. Find your iOS device UDID by starting iTunes. When presented with this screen:

...click on the word "Serial number" to reveal your UDID. It should now show this:

7. Copy your UDID and search within the file to check if yours is in it. If you have a question, just ask.