Informationweek Influencer
attrition.org (@attritionorg)
- Twitter Bio: http://attrition.org staff share this account. if we follow you, we really like you... or we really dislike you.
- Location: US
- Website: http://attrition.org/
attrition.org's Selections From the Web
Disclosing a flaw in a widely used system without making someone at least a little angry requires a delicate touch. But Andrew Auernheimer, a.k.a. “Weev,” a 26-year-old finder of security vulnerabilities, is anything but delicate. Two years ago, Auernheimer and a friend made a surprising discovery about the way AT&T was protecting its web database of iPad cellular data accounts: That is, AT&T wasn’t protecting it at all. Any customer could access his or her account data by going to an AT&T URL containing their iPad’s unique numerical identifier. No password, cookie, or login procedure was required to bring up a user’s private information. Auernheimer
Editor’s note: Andrew Auernheimer, also known by his pseudonym weev, is an American grey hat hacker and self-described Internet troll. Follow him on Twitter @rabite. In June of 2010 there was an AT&T webserver on the open Internet. There was an API on this server, a URL with a number at the end. If you incremented this number, you saw the next iPad 3G user email address. I thought it was egregiously negligent for AT&T to be publishing a complete target list of iPad 3G owners, and I took a sample of the API output to a journalist at Gawker. I did this because I despised people I think are unjustly wealthy and wanted to embarrass them. I thought this
A couple of days ago, I received an e-mail from Iran. It was sent by an analyst from the Iranian Computer Emergency Response Team, and it was informing me about a piece of malware their team had found infecting a variety of Iranian computers. This turned out to be Flame: the malware that has now been front-page news worldwide.
When we went digging through our archive for related samples of malware, we were surprised to find that we already had samples of Flame, dating back to 2010 and 2011, that we were unaware we possessed. They had come through automated reporting mechanisms,