iPad Database Hack: Who says no one writes anything for Apple?

A couple of years ago, in a staff meeting, our IT guy was telling us how many attacks from outside our servers fend off each day. Then the co-owner of the company – an Apple fanboy – asked,

“How many attacks are made on Apples?”

“A lot less,” the IT guy said.

“Ha!” bellowed my boss. I’d actually half expected him to, “Squeee!”

“Yeah, but no one writes anything for Apple,” I pointed out. “If more than nine people owned one of those things, I’m sure it would be worth the time of hackers to try an attack on them.”

The IT guy, who is eternally tired and didn’t really care either way, shrugging admitted I was right.

My boss scowled at me. Not because I’d contradicted him in a meeting – though I’m sure that was part of it – but because I’d dared point out a flaw in the perfect image of the company that Jobs built. To an Apple devote, pointing out anything negative – even as minor as that – is like suggesting Jesus Christ may have gotten laid once to a Christian. It’s just not said.

That was then, when the Evangelical Apple user had to cry, piss and moan to get their friends to try out a MacBook. Now everyone has an iPod, a lot of people have iPhones, and a few people have iPads. (And there’s still some MacBooks in there) All told, this accounts for 8% market share of domestic computers, and a 34% growth from this time last year.

Which means they’re growing fast – and about to face the problems PC companies have had for some time, problems they may have felt immune to: Namely, the attention of hackers.

Like most people who heard about the database hack of iPad users this week, I laughed.

I laughed because for once, the arrogance of the average Apple user was assaulted in a very public way. Keep in mind that iPads and Apple computers themselves were never hacked into in this story – because, as always, no one writes anything for an Apple, not even good malware.

In this case, AT&T was the victim. Hackers got in through by figuring out the a number pattern in ICC-IDs, which, when passed to the AT&T website, would send back the corresponding e-mail address.

Both Apple and AT&T were quick to point out how little data was lost, and how quickly the error was fixed. Of course, this isn’t the point.

The point is that AT&T does not guard the data of Apple users terribly well. What’s more, the publicity around this case has made them a prime target for more breaches, as they have shown they aren’t good at predicting what people will try on them.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s