Hasta La Gadget!

Hack collective AntiSec claims to have broken into an FBI agent’s laptop and extracted what turned out to be a 12m long list of personal details from Apple devices, alleging that the federal agency had been tracking users. The document supposedly contains Unique Device Identifiers (UDID), usernames, name and type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, and other content; AntiSec has released 1,000,001 UDIDs (along with the device name/type) as a proof of hack.

According to the group, a remote exploit on the Dell laptop used by one FBI supervisor managed to pull out several files saved to the desktop. One of those files was a .CSV database containing a huge number of Apple device details, though no other mention of the purpose of that file was discovered on the machine.

“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted [sic] on many parts. no other file on the same folder makes mention about this list or its purpose” AntiSec

However, that hasn’t stopped speculation as to the FBI’s intentions with the data. AntiSec suggests that it could be the basis of a tracking project, using Apple UDID codes to monitor individual users; it also claims that “it’s the right moment to release this knowing that Apple is looking for alternatives [to UDID].”

Not all of the records have all of the database fields filled in – some are limited to ZIP code – and it’s unclear where the FBI sourced the data from initially. The filename includes “NCFTA”, which is potentially the National Cyber-Forensics & Training Alliance, an organization which “functions as a conduit between private industry and law enforcement with a core mission to identify, mitigate and neutralize cyber crime” and which “manages the collection and sharing of intelligence” between those groups.

Although app developers have access to some of the data included, it’s apparently rare that they would have full postal address details for individual users.

[via TNW; via Hacker News]

12m iPhone and iPad ID database hacked from FBI claims AntiSec is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

There is always a need for disposable and secure email addresses. I had a bunch of junk Hotmail addresses years ago for handling spam and subscriptions I didn’t want going to my main email address. Thanks to Gmail, I’ve whittled it down to only one, but maybe I should just dispose of it and get the Gliph app. It’s basically, this app is like the Burner app we featured a couple of days ago, but for email addresses.

Gliph is a free app for iPhones, Android and mobile devices. You can use it to send cloaked messages to other Gliph users or use it to send and receive emails to anyone through your regular email client. An example would be Craigslist transactions, which are always somewhat spammy. Unlike other free services like Gmail and Hotmail, Gliph email addresses are easy to create and delete, and all your emails sent via your addresses come to a central location, so there’s no need to log on onto multiple accounts.

When you open the app, you get to pick a string of 3 to 5 icons that represents you, instead of using a username. You get one free randomly generated email address when you sign up for Gliph, and once you’ve invited at least 5 friends, you can send attachments too.

[via ReadWriteWeb]

Here’s something that’s rather interesting: Anonymous is claiming that it has hacked the PlayStation Network, making off with information on 10 million accounts. Anonymous announced the hack on its Twitter account just over an hour ago (though that tweet has since been removed), and someone claiming to be “the man behind Anonymous” posted this list of emails and encrypted passwords reportedly stolen from PSN as proof of the attack.

Reports of a new PSN security breach make us immediately recall the bad memories from spring 2011, but there may not be reason to worry just yet. The list which was posted to Pastebin is apparently just a duplicate of a list posted back in March. Kotaku says that SCEA’s Shane Bettenhausen has stated on Twitter that claims of the hack are “totally fake,” but that tweet appears to have been taken down too.

It’s all very confusing, but at the moment, it seems that the PlayStation Network is safe. It’s a good thing too, because PS3 owners definitely still remember last year’s attack all too well. The attack was severe enough that Sony had to take PSN down for a month as it worked on boosting security and investigated what all was stolen. When Sony reported that credit card details may have been stolen in the attack, that made things go from bad to worse, and Sony had to do a lot to restore faith in the company.

Luckily, it seems that history won’t be repeating itself quite yet, but with Sony claiming that it greatly improved security after the first attack, you know that there are plenty of hackers trying to bring PSN down for a second time. With that in mind, it seems that it’s only a matter of time before someone gets in, but who knows? It could be that Sony’s defenses are as strong as the company says. In any case, we’ll be bringing you more information as this rather strange story develops, so keep it tuned here to SlashGear!

Anonymous claims new PSN hack, Sony says it didn’t happen is written by Eric Abent & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

The strange nature of the relationship between Anonymous and WikiLeaks has been detailed in a report from International Business Times. Members of the group spoke to IBTimes following a Twitter row over the leaked emails from Syria, with one individual saying the relationship between the two entities is “complex.” As it turns out, there’s crossover between both groups, with some individuals working on both sides to gather and expose information.

Anonymous and WikiLeaks are said to have similar aspirations, hence the heavy crossover between the personnel: “Both groups are first and foremost information activists, so there is a common ground between us.” One member of Anonymous went on to detail the work behind the Syria email leaks, saying the group working tirelessly to breach “multiple domains and dozens of servers.” While the information was handed off to WikiLeaks, the organization didn’t reveal its relationship with Anonymous.

The hacktivist group doesn’t seem to mind, however: “Nor would they be expected to reveal their source that is after all what WikiLeaks is all about.” There’s also the fact that WikiLeaks seems to have no qualms about releasing any information. Anonymous is said to have negotiated with Al-Jazeera regarding the release of the email dumps, but “no suitable disclosure agreement could be negotiated.”

Still, Anonymous is looking ahead to the future. Members of the group have recently launched their own version of Wikileaks, dubbed Par:AnoIA. The site is designed is host Anonymous leaks, and is said to have been created to gain better media coverage for highly sensitive dumps and expose information faster than WikiLeaks.

Anonymous and WikiLeaks relationship detailed is written by Ben Kersey & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

This week it seems that the collective known as Anonymous has taken to picking up trash in the streets in order to push forth as a positive force in the world of activist computer hacking. This protest has been made against a recent revision of Japanese laws against illegal downloads of media on the web. This protest is an effort to show the world that Anonymous is not a terrorist organization, instead representing themselves with an act of public good to show their dissent against what they feel are unfair internet laws.

It was a collection of 80 members of the Anonymous conglomeration that hit the street this week in Tokyo, complete with their V for Vendetta Guy Fawkes masks and their iconic black suits as well. They hit Tokyo’s Shibuya Ward and made a quick thing of it, making sure there were plenty of photographers around to capture the event as it went down.

The folks in Anonymous have been vocal, for their part, in letting the world know that they feel Japan has not done an adequate job of representing the full truth about the laws they’re protesting and the changes that have been made in Japanese law as of late regarding web downloads. This protest has been called just one of many upcoming “Cleaning Service” protests Anonymous has said they’ll be making, with future litter removal dates planned for the future around the world.

Hopefully they’ll be showing up in your local town soon, clean streets as a protest for everyone!

[via Japan Daily Press]

Anonymous picks up litter in latest protest effort is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.