Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Vulnerability researchers Goatse Security claim to have found a security flaw in AT&T's protocols that has given access to the personal data of over 114,000 iPad buyers.
According to Gawker the group ran an open script on AT&T's web site which would pass on the email addresses of owners based on the ID number of their 3G iPad.
By guessing an ID number range from publicly available web site images the team wrote a PHP script which then harvested email addresses from a huge number of iPad 3G owners.
The total bag came to 114,067 buyers, including the address for the White House chief of staff Rahm Emanuel, the head of the US B1 strategic bomber group and numerous executive in Apple, Google, Microsoft and Amazon.
Also included were executives at the New York Times, Dow Jones, Viacom, Time Warner, News Corporation and staff officers in the Senate, the House of Representatives, the Department of Justice, NASA and the Department of Homeland Security.
There is no currently known way to use AT&T ID codes for accessing data on the iPad but researchers at Goatse Security reportedly expressed concerns that the vulnerability, coupled with existing problems in the safety of GSM for reliable data transfer, could leave more data open to hacking.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
