My new favorite infosec person.

Last week, Anonymous released a million Apple UDIDs claiming to have gotten them off an FBI laptop.

Both the FBI and Apple denied generating this list

Sadly, most people on the Internet were more likely to take the word of a shady group of law-breaking pranksters.

Thankfully, we have people like David Schuetz (aka Darth Null).

After analyzing the list, he initially provided a voice of sanity and reason, noting that the most likely source of the data was a third party app developer and that the actual risk of the leaked UDIDs was fairly low.

Then this week, he detailed how he located the actual source of the information.

Really great stuff.  I think it exemplifies the curiosity and puzzle-solving skills that are the hallmark of the best information security folks.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s