FBI investigating iPad 3G security breach / FCC also concerned

=X= · 06-11-2010, 01:46 PM

Okay by now we have all heard of the security breach exploit on the iPad and AT&T network. But I find it interesting that the FBI is now investigating this breach.

I'm thinking of your going to show exploits to another company, make sure you don't capture any info from government officials, else it becomes a BIG story.

Quote:

The Federal Bureau of Investigation has opened an investigation into a possible security breach of AT&T Inc.'s website that exposed the email addresses of some owners of Apple Inc. iPad devices.

WSJ: FBI Opens investigation on iPad Breach

FCC Also Concerned

Meanwhile, a Federal Communications Commission official issued a statement expressing concern about the breach.

Quote:

"This breach underscores the need for robust cyber security," FCC Public Safety and Homeland Security Bureau Chief Jamie Barnett said in a statement cited by National Journal. "The FCC's cyber security mission is to ensure that broadband networks are safe and secure for the consumers and businesses that depend on them."

Tech Daily Post

Shaggy · 06-11-2010, 02:27 PM

Isn't that basically standard for something like this? They're probably concerned about espionage, etc.

=X= · 06-11-2010, 03:19 PM

I'm not sure that is a standard, but anytime the government is involved, esp military officials then it becomes an issue. Chances are likely that an investigation will occur.

tyche · 06-11-2010, 03:28 PM

Some bigwig must of had a 3G and made a phone call...

HarryT · 06-12-2010, 03:36 AM

This appears to have been a pretty minor "breach". All that was revealed were peoples' e-mail addresses, and an e-mail address is essentially public information - you "reveal" it every time you send an e-mail.

Logseman · 06-12-2010, 02:46 PM

I have the feeling that, if it were not for the issue being about an Apple-made device, this wouldn't be publicised so hugely. That's the masterpiece of Apple's marketing.

SameOldStory · 06-13-2010, 10:38 PM

Per the Daily Tech

"The names of victims immediately draw attention to the story. Among them are New York Times Co. CEO Janet Robinson, Diane Sawyer of ABC News, film mogul Harvey Weinstein, New York City Mayor Michael Bloomberg, and even White House Chief of Staff Rahm Emanuel."

The really bad news is that White House Chief of Staff is using an unsecured communication device (the iPad).

I do, and you probably do not, know the incredible stupidity of that.

The use of an unsecured communication device is the problem. His actual e-mail address is trivial. To monitor his e-mail you don't even need the address.

The term "criminal stupidity" applies to this man.

Please understand - I AM NOT TALKING POLITICS. I'm talking the security of our president, and of our country.

HarryT · 06-14-2010, 03:43 AM

The fact that this guy has an iPad does not mean that he is using it for official government business. I know that, although you probably do not...

I rather suspect that he will be conducting official business via appropriately secured communication channels.

Shaggy · 06-14-2010, 11:37 AM

Quote:

Originally Posted by SameOldStory

The really bad news is that White House Chief of Staff is using an unsecured communication device (the iPad).

There's a big difference between using an iPad to send an email to his mom, and using an iPad for official government business. The article didn't specify.

=X= · 06-14-2010, 11:54 AM

Quote:

Originally Posted by HarryT

This appears to have been a pretty minor "breach". All that was revealed were peoples' e-mail addresses, and an e-mail address is essentially public information - you "reveal" it every time you send an e-mail.

Well the real story isn't so much the security breach, but the fact that the Feds are looking into this story. This kind of exposure for AT&T and Apple is not good. Esp. for Apple who the Feds where considering investigating Apple for it's Anti-Competitive tactics. I believe they just announced this morning that they will conduct an official investigation in the matter.

But a breach is a breach, there is nothing minor about it. Let me put it to you this way. If someone broke into your house and stole a gallon of Milk, would you just shrug it off and say "Hey it was just a gallon" and go about business as usual. Most likely not, you would feel vurnable and question all of the security in you house. Because it is not so much the actual loss but the exposure you have to more damaging intrusions.

You have mentioned you do have a Web/IT background I would imagine you would take such security breaches more seriously.

They did not only capture the email but the ICC-ID's and here is the type of activity somebody can perform when they are equipped with confidential information. Per the DailyTech

Quote:

With the ICC-ID and unique email in hand, malicious parties could easily launch mass attacks to try to gain further access. For example, it's likely that at least one of those email addresses with the password "darthvader" would return account access.

=X=

Shaggy · 06-14-2010, 12:11 PM

Quote:

Originally Posted by =X=

Well the real story isn't so much the security breach, but the fact that the Feds are looking into this story.

I don't think it's really unusual, considering that the Feds have a cybersecurity task force, etc. It's probably standard procedure that they will investigate any breach like this against a large company. They're probably not as concerned with what was accessed (email addresses) in this case, but rather who and how. Most of the time, we just don't hear about it.

SameOldStory · 06-14-2010, 09:04 PM

Quote:

Originally Posted by HarryT

The fact that this guy has an iPad does not mean that he is using it for official government business. I know that, although you probably do not...

I rather suspect that he will be conducting official business via appropriately secured communication channels.

At one time I was responsible for the protection of classified material. At his level you don't use any unapproved communication devices. Period. It doesn't matter what he was using it for.

He probably has the same attitude.

kjk · 06-14-2010, 09:32 PM

Quote:

Originally Posted by SameOldStory

At one time I was responsible for the protection of classified material. At his level you don't use any unapproved communication devices. Period. It doesn't matter what he was using it for.

He probably has the same attitude.

The real question is who doesn't have one in the West Wing:
http://www.washingtonpost.com/wp-dyn...060701140.html

Obama did say it a distraction

Krystian Galaj · 06-15-2010, 11:23 AM

What's funny is that it wasn't an attack by anyone, Goatse Security discovered a vulnerability, notified AT&T of it, and when AT&T ignored the information (possibly trying to hide the breach), after a few days Goatse prodded AT&T to react by publishing the details.

http://security.goatse.fr/a-response-to-atts-letter

Now they're calling them "malicious hackers"... the idiocy.

Shaggy · 06-15-2010, 04:27 PM

Quote:

Originally Posted by SameOldStory

It doesn't matter what he was using it for.

You think that somebody who gets a clearance is not allowed to own a cellphone, laptop, PC... etc?

Obviously they would not be allowed to put classified material on such a device, but to suggest that they can't call their wife after work on their personal cellphone is... silly.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Security threat with iOS 4 and iPad and pdf's	vaughnmr	Apple Devices	35	08-13-2010 05:15 PM
iPad BoingBoing: Report: AT&T security breach exposed 114k iPad users	kjk	Apple Devices	9	06-14-2010 12:09 AM
Kindle free book: Breach of Trust	greencat	Deals and Resources (No Self-Promotion or Affiliate Links)	4	05-03-2010 05:50 AM
Still investigating and intrigued	ziegl027	Introduce Yourself	6	06-23-2009 03:05 AM
Science Fiction Phillips, Mark: Queen's Own FBI Trilogy. v2, 9 Jun 2008	HarryT	BBeB/LRF Books (offline)	13	06-09-2008 04:32 AM

06-11-2010, 02:27 PM	#2
Shaggy Wizard Posts: 4,293 Karma: 529619 Join Date: May 2007 Device: iRex iLiad, DR800SG	Isn't that basically standard for something like this? They're probably concerned about espionage, etc.

06-11-2010, 03:19 PM	#3
=X= Wizard Posts: 3,671 Karma: 12205348 Join Date: Mar 2008 Device: Galaxy S, Nook w/CM7	I'm not sure that is a standard, but anytime the government is involved, esp military officials then it becomes an issue. Chances are likely that an investigation will occur.

06-11-2010, 03:28 PM	#4
tyche Addict Posts: 227 Karma: 2530 Join Date: Dec 2009 Device: PRS-505, iPad	Some bigwig must of had a 3G and made a phone call...

06-12-2010, 03:36 AM	#5
HarryT eBook Enthusiast Posts: 85,544 Karma: 93383043 Join Date: Nov 2006 Location: UK Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6	This appears to have been a pretty minor "breach". All that was revealed were peoples' e-mail addresses, and an e-mail address is essentially public information - you "reveal" it every time you send an e-mail.

06-12-2010, 02:46 PM	#6
Logseman Orisa Posts: 1,999 Karma: 1035571 Join Date: Feb 2010 Location: Ireland Device: Onyx Poke 5	I have the feeling that, if it were not for the issue being about an Apple-made device, this wouldn't be publicised so hugely. That's the masterpiece of Apple's marketing.

06-13-2010, 10:38 PM	#7
SameOldStory My True Self Posts: 3,126 Karma: 66242098 Join Date: Apr 2010 Location: Trantor, Galactic Center Device: Galaxy Tab 2 7.0	Per the Daily Tech "The names of victims immediately draw attention to the story. Among them are New York Times Co. CEO Janet Robinson, Diane Sawyer of ABC News, film mogul Harvey Weinstein, New York City Mayor Michael Bloomberg, and even White House Chief of Staff Rahm Emanuel." The really bad news is that White House Chief of Staff is using an unsecured communication device (the iPad). I do, and you probably do not, know the incredible stupidity of that. The use of an unsecured communication device is the problem. His actual e-mail address is trivial. To monitor his e-mail you don't even need the address. The term "criminal stupidity" applies to this man. Please understand - I AM NOT TALKING POLITICS. I'm talking the security of our president, and of our country.

06-14-2010, 03:43 AM	#8
HarryT eBook Enthusiast Posts: 85,544 Karma: 93383043 Join Date: Nov 2006 Location: UK Device: Kindle Oasis 2, iPad Pro 10.5", iPhone 6	The fact that this guy has an iPad does not mean that he is using it for official government business. I know that, although you probably do not... I rather suspect that he will be conducting official business via appropriately secured communication channels.

06-15-2010, 11:23 AM	#14
Krystian Galaj Guru Posts: 820 Karma: 11012 Join Date: Nov 2007 Location: Warsaw, Poland Device: Bookeen Cybook	What's funny is that it wasn't an attack by anyone, Goatse Security discovered a vulnerability, notified AT&T of it, and when AT&T ignored the information (possibly trying to hide the breach), after a few days Goatse prodded AT&T to react by publishing the details. http://security.goatse.fr/a-response-to-atts-letter Now they're calling them "malicious hackers"... the idiocy.

Advert

Advert