or Connect
AppleInsider › Forums › Mobile › iPad › Hackers fire back at AT&T, say all iPads at risk to Safari hole
New Posts  All Forums:Forum Nav:

Hackers fire back at AT&T, say all iPads at risk to Safari hole - Page 2

post #41 of 58
I agree with those who say that this was more about PR stunt, Click Bait, then about Public Interest. The moment this info was shared with anyone other than ATT and or Apple, it smells of BS, PR Stunt...

When the "reporter" is not any Legitimate News Source, but those who are known for their adversarial position vs. Apple, the motives become suspect!!!

FBI? Sounds great, but what can FBI do against guys like that, if they are based out of foreign country! Recently CBS 60 Minutes rebroadcasted this story http://bit.ly/aq9isi where the stakes are a lot higher than in this ATT iPad Email Addresses Hack story!

It seems to me like a lot of parties are doing their best to hurt Apple, AAPL and it's partner ATT. With Headlines like: "FTC : FTC To Open Investigation Into Apple" - the timing of it all seems too suspicions to me!

I don't recall MSFT playing that dirty vs. Apple or vs., but these days, it seems like: anything goes!!! I only hope that it doesn't get any uglier than that, like kidnappings of Apple's execs family members in exchange for extortion etc.

After GizmodoGate, that side is not even trying to lay low, they seem to be taunting Apple, and thus Authorities that are Investigating that stolen iPhone Prototype! Gizmodo could have used that ATT iPad Hacker Info as a Peace Offering with Apple... Instead, they chose to play even harder ball..., while FTC is trying to nail Apple on something, just to nail Apple! And it's not like Apple is BP, and hurt lives! I don't see that much scrutiny of Google! Seems suspicious to me! FUD, FUD, FUD!!!

I guess, if things get too crazy, Apple will speak out on this, but hopefully there won't be need for that!!!

The GizmodoGate, in retrospect, looks slimy to me:

Yes, reporters want to be to be 1st ones to the story, but there should be some lines that must not be crossed! NY Times would never done what Gizmodo did, same with other Legitimate Media! Then there are Gizmodo's of the world who are willing to cross lines, in order to compete against the rest of the media! It is that rest of Legitimate Media who has to "throw Gizmodo and such under the bus", and stop treating them as equals who act in public interest! John Stewart, the comedian, went for the laughs, and almost defended Gizmodo, and put down Apple as a Big Brother, The Man!

Steve Job was correct in his email reply to Gizshits, when he said something along this lines:

I am with Apple, we create things, what DID YOU create!??

But then again, how does one play fair, and negotiate with Terrorists like that? - nothing's sacred with that crowd!

Gizshits wanted to create a PR stun at the expense of hurting Apple's business! And, even as they are being investigated, they are playing a victim of the powerful Apple, and all of a sudden they are involved in this ATT Hack? That way too suspicions.... I hope they are investigated to the max, and, when found guilty, they should be punished to max!!!!

It's time for all descent people use their brains for creating the best products and the most respectful way! Those who perpetrate the garbage news on us should be treated like garbage they are!!!

Go  Apple!!!

Reply

Go  Apple!!!

Reply
post #42 of 58
Quote:
Originally Posted by RationalTroll View Post

Have you considered asking them?

I've presume nothing about their intentions, and have described only their actions.

You responded to my post in which I posed a very specific question. You didn't answer it. What you did say was not pertinent to the question. And yes, I have asked Goatse the same question. No response yet. While some people use questions like mine as rhetoric to win some larger debate, I am not doing that. The question I posed is an honest one: I really want to know why a group that is supposedly concerned with information security actually sent out private data as opposed to just characterizing the exploit.

Quote:
Originally Posted by RationalTroll View Post

I don't know you so the likelihood is slim that would ever come into question.

Now you're just playing dumb. Of course I wouldn't confide in a stranger. Unless you are a moron, and I doubt it, then of course you got my point: your sentence that I was responding to downplayed the issue of Goatse sharing the private data with a third party... something I find very objectionable.

Quote:
Originally Posted by RationalTroll View Post

Besides, please note that I've made no claims about either the ethics or the legality of Goatse's actions. There's no shortage of such opinions here. What seemed lacking here was a few details reported elsewhere but apparently missed by some here, which I've provided.

[And blah, blah, blah]...

How many arguments are you carrying on at once? You may be confusing me with others. Go back and look at the only posts I've made on this thread. I asked one simple honest question. You responded to it with a non-answer and then made a statement to someone else that hit right on the same topic. And I called that statement into question too.

The rest of your points may be correct or incorrect. I do not care. I just can't think of any legitimate justification for the release of private data.

Thompson
post #43 of 58
Quote:
Originally Posted by RationalTroll View Post

Goatse claims that the only copy of the data they had was given to the reporter, and their own destroyed. Any data in the wild is a result of the exposure AT&T created for themselves, not from Goatse's sharing of the data with one reporter.

By giving the data to a so-called reporter they lost control of that data and can not confirm or prove that the emails were not released.This was reckless and very unprofessional. Destroying the data that was in their possession now proves nothing as they had already lost control of it. Once they did that they became criminals and fools, not security experts!
post #44 of 58
Anyone remember the original?

http://en.wikipedia.org/wiki/Goatse.cx - no need to, just see how the "Security Consultants" website changed itself (NSFW)

Appleinsider, along with others, is quoting Escher Auernheimer as if he might even be telling the truth.

Check out this "Full Disclosure": http://seclists.org/fulldisclosure/2009/Oct/82

for Andrew Alan Escher Auernheimer aka "Weev"

Then read his blog: http://weev.livejournal.com/

Then go to the other posts about how this AT&T scam was done, and note that it involved an e-mail sniffing machine that costs the price of a small car. Then see where he mentions making a good living off it.

Now go back to the blog. Scroll past the racial bigotry and comments about how he is looking more like Jesus every day, and there is a POEM to the pleasures of spamming "i read spamcop ...."

Now ask yourself, do you REALLY BELIEVE that all those harvested em@ds were "destroyed"? Or that they stopped harvesting at a few em@ds just to prove a point?

What more do the Feds need? Throw him in a cell with Jason Chen! Or perhaps not, they're probably bottom buddies by now.
post #45 of 58
I would have md5'd each email address and published it to the world. Let the customers look up their own addresses to know they were affected.

I have experience with a security disclosure involving an investment bank, and given all the management resistance, slow action by the feds, etc., I can tell you that a white hat approach is not the most effective.
post #46 of 58
Quote:
Originally Posted by Kersten View Post

By giving the data to a so-called reporter they lost control of that data and can not confirm or prove that the emails were not released.This was reckless and very unprofessional. Destroying the data that was in their possession now proves nothing as they had already lost control of it. Once they did that they became criminals and fools, not security experts!

Exactly where my sentiment was leaning.

Thompson
post #47 of 58
Quote:
Originally Posted by fulldecent View Post

I would have md5'd each email address and published it to the world. Let the customers look up their own addresses to know they were affected.

I have experience with a security disclosure involving an investment bank, and given all the management resistance, slow action by the feds, etc., I can tell you that a white hat approach is not the most effective.

+1 Inightful

The md5 suggestion is a good one.

Maybe next time Apple will partner with a carrier who employs people who think as clearly as you do about security issues.
post #48 of 58
Quote:
Originally Posted by Kersten View Post

By giving the data to a so-called reporter they lost control of that data and can not confirm or prove that the emails were not released.This was reckless and very unprofessional. Destroying the data that was in their possession now proves nothing as they had already lost control of it. Once they did that they became criminals and fools, not security experts!

They may be. I've not expressed an opinion about Goatse because I feel they're not worth my attention.

What's been interesting is that most of what I wrote was overlooked in this obsession with Goatse. Let's all agree: Goaste = bad. There. Done. Now can we move on to examine the more interesting implications at play here?

Given the various roles of the players in this story, this is not a situation in which a Boolean applies, where everyone lines up neatly into little boxes of "Good" and "Bad". Even if we all agree that Apple would go in the Good box and Goaste in the Bad, what can rationally be said of AT&T?

- They've demonstrated a lax approach to establishing their security infrastructure.
- They've withheld critical information from affected customers until after it became a public embarrassment, and even then they took several days to do it.
- They have further eroded confidence in the very act in which they tried to rebuild it: their letter to their customers downplays the actual risks involved.
- Given the nature of this exposure, one cannot assume other portions of their infrastructure are any more secure.

Okay, Goastse is the devil. We got that.

But AT&T is no angel either. They are not worthy of partnership with Apple, and are not worthy of your money.
post #49 of 58
Quote:
Originally Posted by aplnub View Post

You mean buy a vowel and add two ss's?

I thought the "A" would be sufficient in this case.
Pity the agnostic dyslectic. They spend all their time contemplating the existence of dog.
Reply
Pity the agnostic dyslectic. They spend all their time contemplating the existence of dog.
Reply
post #50 of 58
Ha ha hacker in jail now.
Anyone seen a pic of this Andrew dude. Pathetic.

http://news.cnet.com/8301-27080_3-20007827-245.html
post #51 of 58
Quote:
Originally Posted by SHOBIZ View Post

Ha ha hacker in jail now.
Anyone seen a pic of this Andrew dude. Pathetic.

http://news.cnet.com/8301-27080_3-20007827-245.html

A new name is needed for the combination of hillbilly and geek.
A.k.a. AppleHead on other forums.
Reply
A.k.a. AppleHead on other forums.
Reply
post #52 of 58
I'm glad Goatse is ripping Apple a new @sshole.

If their security is going to be as bad as Microsoft's, then it's no use paying more for their stuff.


All your base are belong to us. - NSA
post #53 of 58
Quote:
Originally Posted by SpotOn View Post

I'm glad Goatse is ripping Apple a new @sshole.
....

You may have the ripper and rippee transposed ...
Blindness is a condition as well as a state of mind.

Reply
Blindness is a condition as well as a state of mind.

Reply
post #54 of 58
Quote:
Originally Posted by SHOBIZ View Post

Ha ha hacker in jail now.
Anyone seen a pic of this Andrew dude. Pathetic.

http://news.cnet.com/8301-27080_3-20007827-245.html


Wow, a obvious set up!

This guy is smart enough to hack, but dumb enough to leave drugs laying around his house when he knows he's under suspicion and attention by the entire US Government?

I don't buy it and neither should anyone else.


Watch the Frontline WACO story video, it's available through Netflix, it will SHOCK YOU!!
post #55 of 58
Quote:
Originally Posted by RationalTroll View Post

Yes, I stand corrected on that technicality: Goatse did not contact AT&T directly, but did make sure they were contacted privately about the matter long before it was public.

Thank you for making my point even clearer: AT&T had advance notice and did not notify affected customers in a timely manner.

It seems to me that we do not know what happened. Saying that they contacted a(n unknown) third party privately, says nothing. Who was the private party? Without knowing that, how can anyone get verification that anyone was contacted at all? Who was this private party supposed to have contacted at AT&T? A customer service rep? We don't know. If they were contacted, somehow, how do we know that it was in enough time to fix this problem?
post #56 of 58
Quote:
Originally Posted by SpotOn View Post

Wow, a obvious set up!

This guy is smart enough to hack, but dumb enough to leave drugs laying around his house when he knows he's under suspicion and attention by the entire US Government?

I don't buy it and neither should anyone else.


Watch the Frontline WACO story video, it's available through Netflix, it will SHOCK YOU!!

Smart, as being able to hack something, and being smart, which in another sense means to have COMMON sense, are two different things.

If you knew anything about this guy, you would see that.
post #57 of 58
Quote:
Originally Posted by SpotOn View Post

Wow, a obvious set up!

This guy is smart enough to hack, but dumb enough to leave drugs laying around his house when he knows he's under suspicion and attention by the entire US Government?

I don't buy it and neither should anyone else.


Watch the Frontline WACO story video, it's available through Netflix, it will SHOCK YOU!!

And the moon is made of green cheese. Really, it IS! I saw a video on the internet that said so. So it must be true.

If you're implying that Public Television's Frontline is supporting wacko Waco conspiracy theories, you might want to look at it again. They are rigorously fair, and in so doing they acknowledge all sides of a story. Even theories by crazies. That's a long way from supporting them. And if I recall they may have even said they were highly unlikely. That jerk in Waco brought it all on himself. The deaths of all those people were all because of his vanity and delusions. Not to mention a taste for underage sex. Hope he roasts in hell if there is one.

PS: Do you also think his long and self-acknowledged record of posting antisemitic and racist rants are a government conspiracy too?
A.k.a. AppleHead on other forums.
Reply
A.k.a. AppleHead on other forums.
Reply
post #58 of 58
how is providing link to goatse considered more offensive than you suggesting to readers to research the origin of goatse? please advise.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPad
  • Hackers fire back at AT&T, say all iPads at risk to Safari hole
AppleInsider › Forums › Mobile › iPad › Hackers fire back at AT&T, say all iPads at risk to Safari hole