Anonymous and AntiSec Pull 12 Million Apple UDIDs from an FBI Laptop... Why Did the FBI Have Them?


We know you have heard this before, but it bears repeating: there is no such thing as a secure system. The online activist collective Anonymous and the group AntiSec have shown that again, if their latest release of information (dox) is to be believed. Members of the two groups have been at one of their favorite targets again: the FBI. They have once again targeted a particular FBI agent, Special Agent Christopher Stangl, by breaking into his laptop (allegedly his FBI-issued laptop), and managed to grab a significant amount of data. What makes this breach even more interesting is that the groups claim to have grabbed 12 million Apple UDIDs (Unique Device Identifiers) along with a significant amount of personal information attached to each (including full names, push service tokens and more...).

Now, the hack of the company-issued laptop of an FBI Special Agent (and a Supervisor in the FBI’s Regional Cyber Action Team) is bad enough all on its own, but the bigger story here is the data that was there. Why would the FBI have 12 million Apple UDIDs at all? How did they get them? And to what purpose are they being put? These questions raise some serious concerns about Apple and their partners. While it is true that the FBI could have gathered these directly through their long-time friendship with AT&T, it is also very likely that they came from Apple directly. If this is the case, it could potentially explain a lot about why Apple appears to get a green light on so much in the US. One theory is that the information was gathered from one or more app developers that are cooperating with the FBI. We doubt that last one, as it is actually much easier for the FBI to get this data from a carrier or from Apple than from a developer, and the payoff would be much larger. Of course, all of this is speculation at this point, as there is no way to tell where the FBI collected the data or even if the data is real.

We took a look at it, and while the data appears to be in the same format as UDIDs, we did not find any that we could recognize, and none of the Apple devices that we have in the lab were on the list of the one million that were released. It remains an embarrassment to the FBI and their Cyber Action Team, as well as a potential embarrassment for Apple and the carriers that provide their phones.

There has been talk that the UDIDs in Apple (and other phone makers’) devices can be used to collect significant data about their users. It was a hot topic with Congress for a short period of time, but as usual the subject was dropped for no reason (probably because law enforcement likes being able to track things). The US DoJ has fought against privacy protections on mobile devices and has refused to release details on their partnerships with carriers. Anyone want to play connect the dots?

So why did AntiSec and Anonymous go after the FBI and Special Agent Christopher Stangl? It is entirely possible that it was just to prove a point: that the FBI is still operating in a very insecure manner. But it is also possible that they were aware that the FBI was doing something rather shady in their recent pursuit of members of both groups (with the help of Sabu). To paraphrase a comment in the pastebin post: the FBI, NSA and DoJ call them criminals, chase them down and arrest them, but they attempt to get them to work for them to push their own agendas. Sounds a tad hypocritical, doesn’t it?

It will be very interesting to see if the information is real and also if there is any way to find out where it came from. We can imagine the outrage that will happen if this turns out to be from Apple, AT&T or another carrier of the iPhone/iPad. We will be reaching out to the FBI, Apple and a few carriers for more information although we doubt that any will respond.
