Hacker News new | past | comments | ask | show | jobs | submit login
IPad 3G owners account information compromised (nytimes.com)
50 points by flinc on June 9, 2010 | hide | past | favorite | 16 comments



The original article on Gawker on this was horrible. They completely spinned it to sound like Apple was at fault. Only in one little phrase did they happen to mention that AT&T was at fault. They really screwed themselves over by stealing the iPhone, and now they're fighting back by writing mean blog posts. Cute.


Yeah, I've notice that ever since they were denied a press pass to WWDC, Gizmodo has been piling on some Apple hate. Before the WWDC snub, I think it's fair to say they were pro-Apple. Ever since WWDC, there's been more anti-Apple stories written, and there are little one-line cheapshots in some of the more 'unbiased' stories. I've gotten sick of Gizmodo/Gawker's childish behavior and have been sticking to other tech sites now.


Yea their title, "Apple's Worst Security Breach," doesn't quite seem to fit.


The hacking group, Goatse Security

Amazing that kids have come of age in the Goatse era and named themselves for it.


Although, if you're talking about gaping security holes it makes better sense than some names.


The title of this story is a bit misleading.. US AT&T iPad 3G owners account information compromised.


This is why apple exhorts devs not use UUIDs in public-facing services. Too bad they didn't let AT&T in on the secret...


At what point does Apple need to sue AT&T so they can break their exclusivity contract on iOS devices?


I'm pretty sure that exclusivity ends soon; it's a question of renewing it or not.


Why are all of these people using their official e-mail addresses? Are all of these iPads work-owned?

I would never sign up for any personal service using my work address.


You get discounts on AT&T plans if you work for the government (for personal or professional use). You give the address to get the discount


It's not a leak if it's just email addresses. Email is useless if it's not public. If you get spam or unwanted messages, then set some filters. If you can't even do that, you probably shouldn't be using email. If you can't ignore things like that, you're probably better of not using the Internet.

If email addresses are a leak, then I guess that makes the phone book a disaster. Real names matched to addresses and phone numbers, oh my!


It's vaguely possible that some email name schemes could reveal something of an organizational structure that could be of some sort of value to someone. You'd be able to get multiple addresses from the same org, most likely.

But that would indicate security flaws with the naming scheme as much as anything else.


Why the hell would someone leave a script like that exposed on a public-facing site, with no access control or at the very least rate-limiting?!


If they thought of access control or rate-limiting, they wouldn't have made this mistake in the first place... this is strictly an amateur move.


I wonder if Apple can use this as a way to get out of their contract with AT&T.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: