Thursday06 October 2022

Blue Toad Says The UDIDs Posted By AntiSec Is "our data", Who Is Telling the Truth?

Reading time is around minutes.

Someone is claiming that the one million UDIDs posted by Anonymous actually were taken from them and not the FBI or Apple. The company Blue Toad from Orlando FL says that they checked the pastebin file and it was a 98% match for their database. This is an interesting twist in the events that have seen Apple, the FBI and even AT&T linked to surveillance of Apple phones through the use of the UDID (Unique Device IDentifier). Apple has already stated that the UDID will no longer be supported in the next version of their iOS software that is expected to be released to the world tomorrow.

It would seem that the FBI, Apple and AT&T are cleared in any wrongdoing here. We would actually like to be able to way that, but as of right now there is no proof that Anonymous took this directly from Blue Toad. That is the inference that is being made, but other than saying “That’s 100 percent confidence level, it’s our data” we do not have any indication that the Blue Toad data was actually taken from Blue Toad by Anonymous and AntiSec. There is still a possibility that it was taken in the manner that AntiSec claims, from a laptop in the possession of Special Agent Christopher Stangl.

Right now Blue Toad says they are cooperating with Law Enforcement to investigate the data theft, but their comment that “we successfully defend against thousands of cyber attacks each day, this determined criminal attack ultimately resulted in a breach to a portion of our systems” sounds a tad odd. The files were dumped to the Internet on the 4th of September and they are only now talking about a breach and what they discovered the data was theirs.

We are still wondering about the timeline of events here. Did Blue Toad detect the breach and then fix it without knowing that data was stolen? Or did they see the post, check the data against their data base and only after finding a match (98% according to them) did they find a breach? Something does not fit here in the time line. There is also a small problem of the number of UDIDs that were released. According to Blue Toad only 2 Million UDIDs were stolen yet AntiSec claims to have 12 Million. If Anonymous is telling the truth then we can expect to see another round of releases that will allow the total to exceed the number that Blue Toad is claiming.

We are not sure that we are ready to believe the claims of AntiSec just yet, but there is also something that is not quite right with the counter claims from the FBI, Apple and now Blue Toad. The pieces of this puzzle simply do not fit. We expect to hear more from AnySec in the next few days as well as from Blue Toad and even the FBI as both sides try to prove they are telling the truth. It will be interesting to find out which one really is

Discuss this in our Forum

Last modified on Tuesday, 11 September 2012 10:49

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.