In this roundup, we learn that hackers either have—or don’t have—millions of Apple user IDs, how to protect your company's precious data, and Google is hosting an upcoming hacking competition in which the winner will take away $60,000.
AntiSec Claims to Have Accessed More Than Twelve Million iOS User IDs
AntiSec is at it again, this time creating an internet panic by claiming to have gained access to a little more than twelve million user ID numbers associated with Apple devices running iOS. Information Week reports that hackers associated with the AntiSec movement may have accessed the notebook of FBI Special Agent Christopher Stangl and took from his a computer a CSV file containing a list of millions of Apple iOS user ID numbers. Supposedly, AntiSec “claimed that Stangl's laptop had been compromised by using a Java vulnerability—not the one publicly disclosed less than two weeks ago—but one being used earlier this year.” So far, the FBI has denied the security breach and is saying that AntiSec is lying. Additionally, Apple told The Wall Street Journal that it has not been handing over user ID information to the FBI.
Meanwhile, we might be getting answers soon if the hackers hold up their side of a Faustian bargain made with Gawker’s Adrien Chen. Earlier this week, Anonymous issued a press release that stated its members would only partake in news interviews about the Apple ID debacle under the condition that Chen dons a tutu and holds a shoe over his head (yes, you read that right). Eventually, the Gawker scribe complied with the demands and showed the world his best “Toddlers and Tiaras” stance. As of this writing, we have yet to see if Anonymous is holding up its word, but a recent tweet by the public mouthpiece of the group indicates that the deal will be honored.
A Former Hacker Gives Tips to Business Insider on Website Security
Business Insider published an intriguing interview with Kevin Mitnick, a former hacker who served prison time for his exploits involving Motorola, Sun Microsystems, and the FBI. In the piece, Mitnick mentions that organizations should spend cash on outside security consultants, train themselves to handle social engineering hacks, and annually review company security policies. Perhaps the most interesting take-away from the interview is Mitnick's saying to use Data loss prevention (DLP) software as a way to learn whether or not unauthorized employees are accessing private data.
Hack into Google Chrome and Earn $60,000
If your hacking skills are excellent and you want to make $60,000, you might want to make your way to Malaysia and try cracking Google’s Chrome browser. Google recently announced the second annual Pwnium competition to be held in Kuala Lumpur, Malaysia, during the Hack in the Box conference on October 10. According to Google, contest participants must be able to find exploits in the latest version of Chrome and exploits “should be served from a password-authenticated and https Google property, such as App Engine.” The total competition booty equals $2 million; the winner will take away $60,000.
Jonathan Vanian is an online editor who edits, writes, interviews, and helps turn the many cranks at StickyMinds, TechWell, AgileConnection, and CMCrossroads. He has worked for newspapers, websites, and a magazine, and is not as scared of the demise of the written word as others may appear to be. Software and high technology never cease to amaze him.