Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: bakedjake
It involved an insecure way that AT&T's website would prompt iPad users when they tried to log into their AT&T accounts through the devices.
The hacker group that claims to have discovered the weakness — the group calls itself Goatse Security — said it was able to trick AT&T's site into coughing up more than 114,000 e-mail addresses, including those apparently of famous media personalities and important government officials.
The iPad breach flew in the face of Jobs' statement that Apple's policy is to seek—and force partners to seek—user permission "every time. Let them know precisely what you're going to do with their data," and let "people know what they're signing up for in plain English, repeatedly."
a member of Goatse Security said "there was no illegal activity or unauthorized access" and that, from an ethical standpoint, the group was "as 'nice guy' as it gets." ... Further, the post said that the security hole was closed before the vulnerability was publicized; that the private user information gathered by the group was given only to Gawker and then destroyed;
I think they need a new definition for what defines "illegal activity" these days because they may be shocked when they read the current cyber laws.
He said he didn't know what was in the directory he was just exploring the site. He was charged with hacking because there was no link to that directory.