[sanjuro]

http://www.sfgate.com/cgi-bin/blogs/techchron/detail?entry_id=65436&tsp=1

Valleywag said a group called Goatse Security, which has exposed other security problems in the past, found the hole. They were able to exploit a function on AT&T's website that allowed them to obtain e-mail address when they entered in the ICC-ID of iPads as part of an HTTP request. The ICC-ID authenticates a user on the AT&T network.

 

[H8R]

http://www.sfgate.com/cgi-bin/blogs/techchron/detail?entry_id=65436&tsp=1

I nearly ran off the road tonight when I heard the CNN radio reporter talking about this story say "technicians from Goatse Security...".

 

[narlus]

I nearly ran off the road tonight when I heard the CNN radio reporter talking about this story say "technicians from Goatse Security...".

i've heard that they have a rather large hole in their back end defenses.

 

[Toshi]

It's not an iPad crack we're talking about here. It's a PHP script that these goat.se-lovin' dudes wrote that feeds guessed ICC-IDs to an unsecured script that in turn is on ATT's webservers. In other words, it's ATT's web designers that need to be whipped, not Steve Jobs, at least this time.

 

[Sghost]

Their logo:

 

[eaterofdog]

All you have to do is drop it...