A recent leak of more than 1 million unique identifiers of Apple devices has created waves among the Apple customers. The hacker group ‘Antisec’ responsible for publishing the UDIDs, claims that it has about 12,367,232 such unpublished records. Some unconfirmed sources claim that even US President Barack Obama’s iPad was on the list.
Antisec, or “The Anti Security Movement” is a loose hacking collective that has been formed out of members from Anonymous, LulzSec and other independent hackers. They claim that the information was stolen from the laptop of Supervisor Special Agent Christopher K. Stangl by exploiting a “AtomicReferenceArray” breach in the Java software present on the system. The apparent motive behind such a leak was to expose how the FBI has been tracking devices and other private information. The group also criticised how hardware coded IDs for devices were a bad idea and it was a bad decision on Apple’s part. Here is most of what AntiSec had to say:
Well we have learnt it seems quite clear nobody pays attention if you just come and say “Hey, FBI is using your device details and info; and who knows what they are experimenting with that”, but nobody will care. FBI will as usual deny or ignore this uncomfortable thing and everybody will forget the whole thing at amazing speed.
Although the published records do not themselves contain personal identification info, but if merged with Apple’s developer resources, it is not too difficult to do so. The records published only contain the UDID, push notification service ID and the device name. There are a number of tools (like this one) that allow you to check whether your device’s UDID was present in the list. You can however get more details on finding the whole data dump here.
The FBI, on the other hand, has clarified that AntiSec has been lying the whole time and they never possessed such data. They even warned that “downloading such data and visiting shady websites may be harmful to your computer and can download malicious code”.
