tech

Australia teen breaches Apple's secure network

10 Comments
By Josh Edelson

The requested article has expired, and is no longer available. Any related articles, and user comments are shown below.

© 2018 AFP

©2018 GPlusMedia Inc.

10 Comments
Login to comment

The big question, how was he able to get to the core and operate there for a year before being discovered?

6 ( +6 / -0 )

downloaded 90GB of secure files

What are 'secure files'? Does that mean they were encrypted (secured) or were they files that were supposed to be secure, and obviously weren't?

5 ( +5 / -0 )

Australia teen breaches Apple's not-so-secure network

Fixed it for you. Hint - If a teen can get in over the internet or dial up, it isn't a secured network, Apple.

At Apple's request, authorities did not disclose details regarding the

methods the teenager used to hack into its secure servers, though

investigators said his ways "worked flawlessly" until the company

noticed.

Probably an XSS attack. Something that any web-developer should prevent for the last 15 yrs. There's a well-know Top 10 List in the industry for things to avoid. https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet

3 ( +3 / -0 )

Probably an XSS attack. 

There’s nothing to indicate what kind of attack it was.

0 ( +2 / -2 )

Apple's should give him a job!

3 ( +4 / -1 )

There is no way to get a serial number from a computer over the internet. Apple must have placed a file like malware to steal the info like a honeypot

0 ( +0 / -0 )

There is no way to get a serial number from a computer over the internet.

That may be true for basic internet protocols such as http, but if he was able to join Apple's internal network, I think it's possible to retrieve a lot more information about connected devices. I don't whether that would include serial numbers.

0 ( +0 / -0 )

The Age said police raided the boy's home last year and found hacking files and instructions saved in a folder called "hacky hack hack".

Lol, that's his mistake right there! Should had named it "dicks dicks dicks" instead - imagine the raid team would see that folder and just think… "Not my job"

2 ( +2 / -0 )

Apple's should give him a job!

They probably will.

If not, the FBI will, after they have finished 'talking' to him.

Or the Chinese or Russians

1 ( +1 / -0 )

> There is no way to get a serial number from a computer over the internet. Apple must have placed a file like malware to steal the info like a honeypot

Actually, there is, but it depends on the browser's help. When we allow java to run, it is possible to perform network queries on the end-user's system... like doing an arp to get the MAC address, which is supposed to be unique in the world. Since Apple is the most likely vendor for any Apple sale, they would just need to look up in their sales records the MAC to person cross ref. Professionals know to modify their MAC or use other techniques to hide better.

There are other methods to figure out identities of end-users accessing a server, how else would google, facebook, twitter, insta-whatever, verizon, AT&T, Comcast, Cox, and all their advertising "partners" be able to trace each of us on the internet? Your computer is fairly unique in the world - https://panopticlick.eff.org/ will show you using simple tests. This method doesn't use java. My results:

Your browser fingerprint appears to be unique among the 2,002,729 tested in the past 45 days.

There are about 25M people in Australia now, so fewer than 13 other people have a similar "fingerprint." With just 13 people to check, it wouldn't take long to figure out who is most likely.

And not using a VPN or TOR is just dumb.

So I hear.

0 ( +0 / -0 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites