With What Databases Has NCTC Cross-Referenced with FBI’s 12 Million iDevice User IDs?

Update, 6/13/13: For those coming to this via my Twitter link, subverzo reminded me that this turned out to be a false claim. The data came from an Apple developer, not from FBI. 

Sorry for the confusion.

As you may have heard, Anonymous and AntiSec hacked into a database of 12 million Apple Universal Device IDs that were in an FBI officer’s laptop and released 1 million of them, ostensibly so some people could identify if their device was one of those FBI was tracking.

They claimed to have tapped into a Dell laptop owned by Special Agent Christopher K. Stangl, an FBI cyber security expert. They downloaded several files, including one that contained “12,367,232 Apple iOS devices including Unique Device Identifiers (UDID)” and other personal information, they wrote in a text file published online. “[The] personal details fields referring to people appears many times empty leaving the whole list incompleted [sic] on many parts. no other file on the same folder makes mention about this list or its purpose.”

While it’s not immediately clear what the FBI is doing with the Apple UDIDs and detailed information on device owners, Gizmodo pointed out that the acronym “NCFTA” could stand for the National Cyber-Forensics & Training Alliance, a nonprofit that acts as an information-sharing gateway between private industry and law enforcement.

These are unique identifiers for things like iPhones and iPads that have long presented the risk of tying someone’s identity to an individual device.

There are multiple ways FBI could have collected this information–either using an NSL or Section 215 request or an insecure transmissions to an ad or game server. And no one knows how the FBI was using it. Whatever you think about Anonymous, we may finally learn more about how the government is tracking geolocation.

But here’s one other concern. Assuming that’s an official FBI database, not only the FBI has it, but also the National Counterterrorism Center. And they’ve got access to whatever federal databases they want to cross-check with existing counterterrorism databases. And one of the few checks we have on the use of our data in this way is a Privacy Act SCOTUS just watered down.

This is a massive amount of data the government likely has no good excuse for having collected, much less used. But it’s likely just one tip of a very big iceberg.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

29 Responses to With What Databases Has NCTC Cross-Referenced with FBI’s 12 Million iDevice User IDs?

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
Emptywheel Twitterverse
emptywheel @granick Actually we also have docs to prove that that were officially released. Even training docs! @daveaitel @headhntr
9mreplyretweetfavorite
emptywheel @csoghoian But that's when NSA submitted outdated docs from to hide what they were doing from FISC in 2007. @daveaitel
10mreplyretweetfavorite
emptywheel RT @csoghoian: The last time @daveaitel worked at NSA, Bill Clinton was President. He can't "debunk" anything re: NSA's internet surveillan…
11mreplyretweetfavorite
emptywheel So should I debunk that Business Insider piece or point out why USAT on USAF is wrong? #NSAFactCheck
14mreplyretweetfavorite
emptywheel @onekade They play an important legal role--been half-assed wanting to chase this down for a while. And now, VIOLA!
18mreplyretweetfavorite
emptywheel When @wellsbennett discovers that all this time Mike Rogers has actually been talking shite. http://t.co/M5xRxb7nkN
31mreplyretweetfavorite
emptywheel This piece on neverending states of emergency in the US is really important. http://t.co/PcAkOhnUfv
36mreplyretweetfavorite
bmaz No problem with it, overall he's decent chap, but why is AZ CJ Stan Feldman being recalled to duty for a swearing in? http://t.co/zA8JPvBIPJ
47mreplyretweetfavorite
bmaz @PogoWasRight Yep. I won't even have to try. One side or other, irrespective of the type of case, will hate me. I don't blame them either.
50mreplyretweetfavorite
JimWhiteGNV RT @NBCLA: JUST IN: Dallas nurse Amber Vinson no longer has Ebola, her family says http://t.co/ttx1MtHAIe http://t.co/nRW2xA0cQM
52mreplyretweetfavorite
bmaz I've just been selected as a superior court juror! Yay! I'd truly love to sit on a jury, any jury, civil or crim, but it will never happen.
1hreplyretweetfavorite
emptywheel @AllThingsHLS Spent some time last weekend w/a guy in charge of it. He wasn't interested when i pointed that out.
2hreplyretweetfavorite
September 2012
S M T W T F S
« Aug   Oct »
 1
2345678
9101112131415
16171819202122
23242526272829
30